Publication
The Management is a key element in organizations and is a major component in their success. The aim of this thesis is to study the implementation of an enterprise management by putting forward the human factor. The ISO31000 ”Risk Management” standard and the COSO II ”Enterprise Risk Management Framework” were analyzed and mapped. It was found that their structure is similar and the majority of aspects are included in both frameworks. Ten semi-structured interviews were conducted with people working in the field of risk management. The interviews focused on the human factor in the risk management standards in order to identify potential gaps in the frameworks. The interviews were synthesized, analyzed and three hypotheses were put forward. With the ISO31000 and COSO mappings as well as the analysis of the interviews, it was highlighted that the definition of the human factor was not included and the notions of team management were not developed. These elements are aspects that influence risk management. Based on the hypotheses and findings of the analysis of the ISO31000 and COSO standards, a management recommendation was developed. This management recommendation defines the human factor, gives tools for an e↵ective team management and also puts forward the method of Control Self-Assessment (CSA), a method involving the employees in the evaluation of the process of risk management and control.