The “2008 ERM Benchmarking Survey” conducted by the Institute of Internal Auditors (IIA‟s) and
IIA Research Foundation‟s Global Audit Information Network revealed in 2009 that the COSO‟s
Enterprise Risk Management – Integrated Framework is the most commonly used framework to
guide risk management efforts. In the perspective of experts, the only rival to this is the revised ISO
31000 standards published in late 2009