Understanding and communicating Risk appetite

Organizations encounter risk every day as they pursue their objectives. In conducting appropriate oversight, management and the board must deal with a fundamental question: How much risk is acceptable in pursuing these objectives? Added to this, regulators and other oversight bodies are calling for better descriptions of organizations risk management processes, including oversight by the board.
This thought leadership document is one of a series of papers, sponsored by the Committee of Sponsoring Organizations of the Tread way Commission (COSO), to
help organizations implement enterprise risk management (ERM). The COSO document Enterprise Risk Management Integrated Framework explicitly states that organizations must embrace risk in pursuing their goals. The key is to understand how much risk they are willing to accept. Further, how should an organization decide how much risk it is willing to accept? To what extent should the risks accepted mirror stakeholders objectives and attitudes towards risk? How does an organization ensure that its units are operating within bounds that represent the organizations appetite for specific kinds of risk?