Riordan Virtual Organization: COSO Integration Plan for Compliance and Legal Liability

Risk in relation to functions- HR management, economic operations, OHS, supply chain, local governance and compliance issues.

Background- In its most basic sense, risk management identifies, allows assessment, and prioritizes risks that are associated and central to an individual project or organization. Risk management allows the organization to be proactive in preventing or mitigating risks, for improving certain processes within the organization, and with the hope of preventing fiscal exposure. However, in almost every organization there are risks individuals are unique and do not always perform at a high level of safety; mechanical or design failures exist, construction projects have supply or labor issues, there are uncertainties in computer or data modification, of course natural disasters, and even deliberate attacks from competitors, etc. Because this is such a common occurrence, national and even international standards have been developed in conjunction with the insurance and regulatory institutions to at least provide basic guidelines to minimize risks risk (International Organization for Standardization, 2009).

According to "PWC" (2008), “today, business strategy and talent management are linked as an integrated talent management framework combining organization, business process and technology. Riordan’s Manufacturing manages their human capital and talent as strategic assets. They achieved by aligning the workforce with business objectives and by use performance metrics to drive decisions, monitor and improve results. This strategy shows how Riordan Manufacturing can successfully align their talent management strategy with technology to effectively manage their workforce needs in order to be a marketplace leader of the future” (Creating an agile workforce). Riordan’s Manufacturing has adapted the mixed

The following Enterprise Risk Management (ERM) plan was developed for Riordan Industries, Inc. and its subsidiaries. The goal of this plan is to help mitigate any legal liability on the part of Riordan by implementing the Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework (Jennings, 2006).

Collier (2009) claims that the fundamental role of the Board of the directors in a company is to apply risk management and to review the performance of the organisations’ internal control procedures; these two principal processes will support the Board in the setting of the strategic targets, the transformation of the targets into real products and services, the effective business overseeing, and the realistic reporting to the external stakeholders. Apart from the Board, the author suggests that an effective risk management framework must be facilitated by a risk management group, a chief risk officer, external and internal audits, and a mature organisational culture disseminated to the line managers and employees. Under the same concept, Hampton (2009) presented a flow gram that suggests the path towards the establishment of enterprise risk management, starting from the risk recognition and ending to the standardization of a risk evaluation process, having prior involved the Board, the risk owners and the accountable staff.

Enterprise risk management, also known as ERM, was introduced in 2004 as a strategy to manage risk within a company to avert future outcomes that can negatively affect the company and/or industry. As the concept, ERM spread it became widely accepted. According to the Embracing ERM, Practical Approaches for Getting Started, many companies thrived from adopting and implementing risk management. It was adopted by many to prevent systematic risk by planning, organizing, and controlling the companies’ activities. The 2013 COSO Enterprise Risk Management – Integrated Framework is not the same as the COSO Internal Control – Integrated Framework. The COSO Internal Control – Integrated

Enterprise risk management is a strategy used to achieve organizational goals and objectives by addressing risk and evaluating how the risk affects the organization as a whole. JNJ has developed risk management teams that cover risk associated with reputation, finance, health care, compliance-related, and climate change (JNJ, 2016). For example, assumed some risk by cutting 3,000 jobs in the medical device segment. The job cuts included employees of the orthopedics, surgery, and cardiovascular operations. The result of the layoffs is projected to generate annual cost savings up to $1 billion and help focus the management on priority areas such as the development of artificial knees trauma surgery devices (Pierson,

The tragic and apparently intentional crash of Germanwings Flight 9525 in the French Alps serves to highlight the many and varied risks organizations have to manage in the face of compliance regulations, both domestic and international, for the protection of customers and their assets.

We need to minimise the tense environment with all our efforts because when we communicate in an aggressive way, the messages we are trying to deliver may not be well received.

As time evolves organizations must continue to grow and evolve. The demographics and territories of organizations change as time evolves. As a result the risk management trends and developments become extremely important to the long-term success and survivability of organizations. Risk management trends exist at the corporate, business, and project levels of organizations. At each level of the risk management process stakeholders are identified and encouraged to actively participate in the process (Merna & AL-Thani, 2008). This has a positive effect on any future challenges that may arise and helps insure that the risk mitigation

| |Produce Top Ten Risks, Develop Risk Management Plan, Present Project Scope (if available). |

Every day businesses face the challenge of being exposed to potential risks. Whether these risks are internal to the company financially, damaged caused to the interior or exterior of the building itself, or lawsuits due to liability losses, businesses have a responsibility to be prepared. There are numerous ways for businesses to protect themselves from possible risks resulting from a loss. Risks may also vary depending on the type of business and operations it conducts. Not all companies will be faced with the same challenges of protection for losses, which is why it is important to consider a risk management process. Risk management is the identification, assessment, and prioritization of risks, followed by coordinated and economical

In the wake of this wake these increasing interest and demand, the idea of enterprise risk management has gained substantial force as a potentially effective response to ERM challenges. The term enterprise in enterprise risk management itself shows a different meaning than silo-based traditional risk management. Silo-based means thinking in containers, some departments of a company do not share information with other departments. The opposite of this silo approach is an integrated view that considers risk from the perspective of the whole organization, which is called Enterprise Risk Management (ERM) (Connair & Stephen, 2013) .

As outlined in the International Organization for Standardization ISO/IEC 31000:2009 standard, “the success of risk management will depend on the effectiveness of the management framework providing the foundations and arrangements that will embed it throughout the organization at all levels” .

In light of the fraud scandals that took place in 2001 and 2002 companies all over the world have been introduced to a new system to help incorporate corporate governance, risk management, and the requirements made by the SOX. That new system is known as Enterprise Risk Management (ERM). The ERM system has been suggested to be the new system to help companies predict risk and help achieve their overall objectives (Arena, Arnaboldi, & Azzone, 2011). The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has defined “ERM as a process, effected by an entity’s board of directors, management, and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risk to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives” (Arena, Arnaboldi, & Azzone, 2011, & Baxter, et al., 2013). In addition, the COSO identifies eight unified components that consist of the internal environment, objectives setting, event identification, risk assessment, risk response, control activities, information and communication, and monitoring (Arena, Arnaboldi, & Azzone, 2011). Companies who implement an ERM system and follow these eight components help to guarantee the accomplishment of the company’s overall objective across their different organizational levels.