New COSO ERM Guidance
Key Takeaways
- ERM value measured by impact on decisions, not risk registers
- Embedding risk signals into planning, investment, and delivery cycles
- Front‑line decision makers often omitted from ERM scenario examples
- Decision‑useful ERM boosts resource allocation, agility, and board confidence
Pulse Analysis
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) just issued its 2026 paper, *From Guidance to Action: Exploring Practical Enterprise Risk Management*. Unlike earlier editions that treated risk as a checklist, the new guidance insists that ERM must be woven into the decision‑making fabric of an organization. By shifting the focus from cataloguing hazards to delivering decision‑ready risk signals, COSO aims to turn risk management from a compliance exercise into a strategic lever. This reflects a broader industry move toward “decision‑useful” risk intelligence.
Practically, the paper calls for risk information to be embedded in planning, investment and operating rhythms, so leaders receive concise, actionable insights even when the risk team is not at the table. The authors illustrate how risk‑adjusted options, trigger definitions, and clear ownership can replace static heat maps that often stall deliberations. However, reviewers note a glaring omission: the day‑to‑day decision makers—product managers, procurement officers, and technology leads—are absent from the examples, limiting the guidance’s relevance to frontline execution.
Enterprises that adopt decision‑useful ERM can expect sharper resource allocation, faster pivots, and stronger board confidence. By framing risk in the language of choices—what could change a decision and when—organizations turn uncertainty into a source of competitive advantage rather than a bureaucratic hurdle. The guidance also encourages CROs to position risk as a “Department of Know, not No,” partnering with business units to identify upside opportunities alongside downside threats. Companies that internalize these principles are likely to see higher bet‑success rates and a more resilient, agile operating model.