Research On Optimization Of The System Of ERM In Company Y Based On COSO Integrated Framework

In the background of today’s market economy, enterprises always face various risks in the process of development, which drive the enterprises to be equipped with risk management ability. In recent years, more and more widespread attention from domestic and international theory has been paid to Enterprise Risk Management (ERM), and many companies in the world have become practitioners of ERM. So have many advanced companies in our country.However, not only the research on risk management started later in our country, but also the research is mainly focuses on the construction of risk management system of finance and the insurance industry. In contrast, the research to manage the risk of the state-owned enterprises lacks enough attention. Helping state-owned enterprises improve the level of risk management and realize the value of the state-owned assets become urgent, which is the starting point of this thesis.This thesis adopts the method of case study. First of all, the thesis reviews the development of risk management and the related theory. Based on the current research of risk management home and abroad, we choose "Enterprise Risk Management-Integrated Framework" published by COSO (COSO-ERM) as the theoretical basis. First, we introduce the content of this framework. Then we compare the framework with the internal control framework and traditional risk management theory to illustrate the advantage and advancement of COSO-ERM. In order to integrate theory with practice, this thesis selects company Y of the tobacco industry as a typical case. Based on the analysis of the background and problem combining the actual situation with national policies, the thesis puts forward an comprehensive risk management system to company Y which both base on the COSO ERM framework and fits its own actual fundamentals.This ERM system is illustrated in five areas which is followed the principles of cost-effective, systemic, contingency and combination of powers, responsibilities and benefits basing on COSO-ERM. First of all, this thesis put forward proposals for building good internal environment for risk management. The points are improving company’s governance structure and establishing risk management agencies. Second of all, the setting of company’s strategic goal must consider the reality of the company. Third of all, this thesis supplies operational processes for company to identify, assess and respond risk. Those processes put a possibility for company to control risks. In the end, this thesis considers the combination of the governance structure, internal control system and internal audit system with the ERM system in company Y, proposes the compilation methods of RCD and introduces the way to combine internal audit and ERM system. The thesis describes the implementations of ERM system and gives the indemnifications for problems to ensure a smooth consummation.This thesis applies the COSO-ERM framework to the design of state-owned enterprises’ comprehensive risk management system in our country and considers the Y company’s governance structure, internal control system and internal audit system at the same time. All the above plays an important role on the construction of ERM system that fits company Y and also has a certain reference value for enriching and consummating comprehensive risk management theory system in our country.