Skip to main content

MINNEAPOLIS, November 11, 2020

Society of Corporate Compliance and Ethics & Health Care Compliance Association (SCCE & HCCA) is pleased to announce the publication by the Committee of Sponsoring organizations of the Treadway Commission (COSO) of Compliance Risk Management: Applying the COSO ERM Framework.

The publication, commissioned by COSO and authored by SCCE & HCCA, describes the characteristics of effective compliance and ethics (C&E) programs associated with each of the five components and twenty underlying principles of COSO’s Enterprise Risk Management (ERM) framework. A significant aspect of ERM is its focus on creating, preserving, and realizing value. Effective C&E programs contribute to each of these objectives.

“Compliance risks are common and frequently material risks to achieving an organization’s objectives,” said Paul Sobel, COSO Chairman. “This publication aims to provide guidance on the application of the COSO ERM framework to the identification, assessment, and management of compliance risks by aligning it with the C&E program framework, creating a powerful tool that integrates the concepts underlying each of these valuable frameworks.”

The publication provides guidance for risk managers, internal auditors, compliance professionals and others directly involved in managing compliance risk, as well as to assist members of senior management and boards of director in understanding their roles in compliance risk management.

“As compliance and ethics programs continue to evolve and gain wider adoption globally, it makes increasing sense to understand and appreciate the synergies that can be achieved by applying the ERM framework,” said Gerry Zack, the CEO of SCCE & HCCA. “The goal of this publication is to facilitate this synergy by creating a roadmap between required and emerging practices for C&E programs and the COSO ERM framework.”

SCCE & HCCA has developed a virtual conference to assist in understanding and applying the guidance found in this important publication. Applying the COSO ERM Framework to Compliance Risk Management is a one-day educational event, led by the publication authors, who are leaders in the compliance and ethics profession.

Please visit the SCCE & HCCA resource page at for further information.