RISK QUOTE: I never think of the future. It comes soon enough.
—ALBERT EINSTEIN, PHYSICIST
RISK QUOTE: The lion and the calf shall lie down together but the calf won’t get much sleep.
—WOODY ALLEN, WRITER/ACTOR/DIRECTOR/PRODUCER
The Sarbanes-Oxley Act of 2002 (SARBOX) established new standards for corporate governance, internal control assessment, and financial disclosure. It required new controls for managing and reporting risk. The Act is a driver for ERM but is not the same as ERM. It is a subset, and a relatively small subset at that. In this chapter, we cover basic tenets of the Act but do not put it into an ERM structure.
The goal of the Act is “to protect investors by improving the accuracy and reliability ...