Success Stories
Comprehensive White Papers
Join our Mailing List
Please enter your e-mail address to receive product updates and news:
News & Events

11 November 2010
SPV America to provide Security Weaver workshops
Register for workshops in Munich Germany and San Francisco CA.

10 November 2010
SPV America CEO Presented at Systems 2009
Vanessa Balogh presented on the following topics:

GRC a holistic approach with today's tools and technologies

Moving beyond Information Security to Process Oriented Risk Management

7 November 2010
SOX Institute releases First Book in Sarbanes-Oxley Body of Knowledge (Sox BokTM) Series
SOX Institute today announced the publication of the first book in its Sarbanes-Oxley Body of Knowledge (SOXBoK) series, “The Sarbanes-Oxley Act: An Introduction”. SOX Institute recognizes 23 professionals including SPV America in the creation of the SOX BoK. More info.

Managing Risks

Businesses today face the challenge of striking the right balance between risks and opportunity.  The underlying premise of Risk Management is that every organization exists to provide value to its stakeholders.  To enhance long term value creation, management must be trusted to effectively deal with uncertainty and associated risk and opportunity.  Organizations that are too risk adverse often struggle to prosper and grow.  Instituting a culture of doing the right thing at the right time, also known as Tone at the Top, instills the proper balance between risk and opportunity.

Designing and implementing governance and compliance programs establishes the framework in which the company can understand and manage enterprise wide risk.  Enterprise Risk Management, as defined by COSO II, is a process, affected by an organization’s board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the organization, and manage risks in order to provide reasonable assurance regarding the achievement of entity objectives.


The Committee for Sponsoring Organizations of the Treadway Commission was formed in 1985 to study the causal factors that can lead to fraudulent reporting and to make recommendations for public companies and their auditors, the SEC and other regulators and educational institutions. It is jointly sponsored by the American Accounting Association, the American Institute of Certified Public Accountants, Financial Executives International, the Institute of Internal Auditors and the Institute of Management Accountants.  COSO has issued various reports on internal control models, and recent ones on the Enterprise Risk Management model.

Sound governance policy should include an Enterprise Risk Management function consisting of the following:

  • Board awareness and approval for risk strategy
  • Management ownership of the risk strategy on an enterprise wide basis
  • Support the flow of information that reinforces the risk culture throughout the organization
  • Manage business processes in order to mitigate inherent business risk.
  • Protect against fraud by instituting Segregation of Duties controls
  • Enterprise risk and compliance initiatives are managed seperatley
  • Reduce the incidence of compliance failure.
  • Operate within the boundaries of relevant legislation and regulations. identifying, understanding and managing risk 
Our full-suite of GRC Services:
Related Challenges:
Related Sites
For More Information
Please contact your local SPV America office, or email us: