Risk Management

​Risk management has grown in importance in recent years as organizations, and their stakeholders, are understanding that a properly functioning risk management process can help the organization protect and grow their value to their stakeholders. Managing risk with excellence supports better decision making. CAEs can occasionally be responsible for an ERM process, but even when they are not, CAEs need to fully understand this second line of defense function – its mission, activities, processes, output, and impact.​


Featured Resources​​​​


​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​​Who Owns Risk?

This CBOK report provides insights into the status of risk management and the role internal audit plays. It lays out 13 key actions that can help CAEs ensure that their internal audit function is properly positioned to address risk challenges in an ever-changing world. Download the report.


​Solutions for Risk Management Challenges

AEC thought leadership summarizing a discussion amongst CAEs about some of the obstacles and the ensuing solutions that have served them well as they deal with heightened expectations and risk management in today’s evolving world. Read the Kn​owledge Brief.


​Risk Management: Everyone's Responsibility

Vincent Topoff, Senior Technical Manager of IFAC, is a member of both the COSO ERM Advisory Group and the ISO 31000 Working Group. In this two-part video, Vincent encourages CAEs to think about risk management differently than as a process run by risk managers. How is risk management most useful to an organization? 

View Part 1              View Part 2

Additional Risk Management resources are premium content for Audit Executive Center members only. Members, if you are not already signed in, ​please sign in to access the resources. Not a member? Learn more about the benefits of AEC membership.​