Strategic Change for Effective Risk Management: Risk Governance in the Light of the COSO Enterprise Risk Management Framework 2017

ABSTRACT Multiple crises, increasing complexity, and uncertainty continue to challenge organizations worldwide, leading to a rise in corporate insolvencies. Consequently, the relevance of risk management (RM) and risk governance (RG) is rising. The primary objective of RG is to ensure that RM effectively safeguards the organization from risks, thereby facilitating the achievement of competitive advantages. This study conducts a conceptual analysis of the revised COSO Enterprise Risk Management (ERM) Framework 2017, which provides a comprehensive approach for integrating strategy and performance within enterprise RM, in the context of existing RG perceptions. The approach combines conceptual rigor with practical relevance, offering specific recommendations for organizations seeking to institutionalize RG: strengthening board‐level risk oversight, embedding risk culture across all organizational levels, and aligning RM practices with strategic objectives and performance. Overall, this study contributes to both academic discourse and corporate practice by providing insights into the applicability of the revised COSO ERM Framework 2017 for the realization of RG.