Appendix A COSO and ISO 31000 Framework Mapping
The matrix in this appendix summarizes and compares the elements of the COSO ERM framework with those of the ISO 31000 framework; it is referenced periodically throughout this publication. Where ISO 31000 contains a concept similar to one in the COSO ERM framework, the following table cross-references the specific ISO 31000 section.
COSO ERM principle: Principle 1: Exercises Board Risk Oversight. The board of directors provides oversight of the strategy and carries out governance responsibility to support management in achieving strategy and business
ISO 31000 cross-reference: See ISO 31000, Risk Management—Guidelines, section 5.2, "Leadership and commitment." See ISO 31000, Risk Management—Guidelines, section 5.4.3, "Assigning organizational roles, authorities,

Practice Aid: Enterprise Risk Management: Guidance for Practical
By AICPA and CIMA

COSO ERM principle: The organization establishes operating structures in the pursuit of strategy and business objectives.
ISO 31000 cross-reference: 5.2, "Leadership and commitment." See ISO 31000, Risk Management—Guidelines, section 5.3, "Integration." See ISO 31000, Risk
(continued)