Traditional risk management, which leaves decision making in the hands of division heads, can lead to siloed evaluations that do not account for other divisions. The COSO framework for enterprise ...