During 2012, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) wrote a
number of papers extending guidance on practical implementation of Enterprise Risk Management
(ERM) in organizations. In addition, the Professional Practices Framework has been revised to include
more relevant information. These changes and discussions were largely in response to corporate
governance concerns, that is that the Board of Directors and Officers of the firms are actively seeking
new and better ways to create effective internal controls. Risk assessment leads to more effective internal
controls because risk assessment is a proactive way of identifying the interaction and potential flaws of
the components within the system