COSO tips: Developing agility in a changing environment

Agile organizations can outmaneuver their competitors in a rapidly changing business environment that has been buffeted by shocks resulting from the COVID-19 pandemic and Russia’s invasion of Ukraine.

Agility has become a coveted organisational quality in a business environment that's been prone to repeated shocks associated with events such as the COVID-19 pandemic and Russia's invasion of Ukraine.

Organisations that can pivot quickly to avoid risks and take advantage of opportunities can outmanoeuvre their competitors in these conditions. This has made the development of agility an increasing priority for management and governance bodies.

New guidance issued Wednesday by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), Enabling Organizational Agility in an Age of Speed and Disruption, provides strategies for leaders who endeavour to make enhancing agility a priority in their enterprise risk management (ERM) processes.

The guidance provides strategies for using COSO's popular 2017 ERM framework to address agility.

"In guiding an organisation, leaders cannot just move fast; they must also have a sense of direction," COSO Chairman Paul Sobel said in a news release. "It is imperative that ERM practices be aligned with the organisation's agile approach to help them meet their objectives and achieve enhanced value as they pursue their mission and strategies in a world that is rapidly changing. The COSO ERM framework provides a great method for thinking about how and where risk should be considered as companies become more agile."

COSO is dedicated to helping businesses enhance internal control, ERM, governance, and fraud deterrence. The AICPA is a sponsor of COSO, whose tips for ERM leaders to succeed in an agile environment include:

  • Regularly assessing the environment and the ability of the strategic approach to succeed in that environment.
  • Taking risks, but never blindly.
  • Factoring the speed of change, risks, and disruption into new business models.
  • Being aware that agility can mitigate some risks but also can introduce new risks.
  • Gathering and understanding the noise in the market and how it affects the business and operating model, as well as building an early-warning system.
  • Performing regular assessments of ERM as well as the purpose, mission, and alignment of ERM with the current environment, strategic approach, and business units.

"Organisational greatness includes taking risks but never blindly. Organisational leaders should regularly assess the environment in which they operate and the ability of the strategic approach to succeed in that environment," Paul Walker, CPA, Ph.D., author of the COSO paper and leader of the Center for Excellence in ERM at St. John's University's Tobin College of Business in New York, said in a news release. "An ERM framework and the ERM team can play a crucial role in helping organisations manage the risk. Importantly, the ERM function itself needs to be updated to keep up with these changes, or the ERM function will quickly be out of step with the rest of the organisation."

— To comment on this article or to suggest an idea for another article, contact Ken Tysiac at