Coso ERM and cyber risks in oil and gas industry
Abstract
The business world is changing rapidly, new risks continue to emerge at a faster pace than has been seen in the past while existing risks are also evolved. To compact and bring more value in dealing with risks, the Committee of Sponsoring Organisations of the Treadway Commission (COSO) has updated its most widely recognised risk management frameworks - COSO ERM 2004. The newly introduced framework, COSO Enterprise Risk Management - Integrating with Strategy and Performance (COSO - ERM 2017), aims to provide companies with a more robust approach to managing risks, which helps to create, preserve and realise value of the companies.
Oil and gas is one of the highest risk and capital-intensive industries facing many uncertainties around exploration, extraction, distribution, volatile commodity prices and the perplexing political landscape. Therefore, a discipline and systematic approach for risk management is needed for oil and gas companies to identify, assess, manage and monitor risks, and COSO ERM provides a risk management framework to do so. Oil and gas companies are also in the forefront to adopt many technologies such as robotics, digitisation, and the Internet of Things (IoT) into the operational environment. As a result, cyber risk becomes increasingly important for oil and gas companies to respond to.
References
2. Mary E.Galligan, Kelly Rau. COSO in the cyber age. Deloitte Global. 2015.
3. Paul Zonneveld, Andrew Slaughter. An integrated approach to combat cyber risk: Securing industrial operations in oil and gas. Deloitte Global. 2017.
4. Deloitte Global. Taking aim at value survey: Avoid overconfidence and look again at risk. 2017.
5. Deloitte Global. COSO’s ERM framework update comes with strategic risk advantage. 2017.
6. Deloitte Global. 2017 oil and gas industry executive survey: Trends show a pause in industry confidence. 2017.
7. Lindsey O’Donnell. Insecure SCADA system blamed in rash of pipeline data network attacks. 2018.
8. Naureen S.Malik, Ryan Collins, Meenal Vamburkar. Cyberattack pings data systems of at least four gas networks. Bloomberg. 2018.
1. The Author assigns all copyright in and to the article (the Work) to the Petrovietnam Journal, including the right to publish, republish, transmit, sell and distribute the Work in whole or in part in electronic and print editions of the Journal, in all media of expression now known or later developed.
2. By this assignment of copyright to the Petrovietnam Journal, reproduction, posting, transmission, distribution or other use of the Work in whole or in part in any medium by the Author requires a full citation to the Journal, suitable in form and content as follows: title of article, authors’ names, journal title, volume, issue, year, copyright owner as specified in the Journal, DOI number. Links to the final article published on the website of the Journal are encouraged.
