At the start of the 21st century, the United States economy was shaken in part by widespread corporate scandals that resulted in enormous losses for many shareholders and have dissolved much of investor confidence. In response to these unfortunate incidents of fraudulent financial reporting, laws were passed and committees were organized in an effort to prevent such incidents from happening again. However, due to previous scandals, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) was established in 1985 to initially research and write a report on the training of integrated corporate internal control frameworks. The revised version of the report in 1994 “presented a common definition of internal control and provided a framework against which internal control systems can be evaluated and improved. This report is the standard that U.S. companies use to assess their compliance with [the Foreign Corrupt Passages Act of 1977.” ]" (Wikipedia, 2007). Amid subsequent corporate scandals in 2001, COSO developed a new framework "that would be easily used by management to evaluate and improve their organization's enterprise risk management" (Wikipedia, 2007). COSO, 2007).The current COSO framework involves several key concepts and eight components for enterprise risk management. These will be discussed throughout the following pages as part of a proposed plan for implementing management. Enterprise Risk Management (ERM) for a small business named Laminate Board Manufacturing, Inc. Key Concepts of COSOAccording to its website, COSO maintains that there are four key concepts regarding internal control providing reasonable assurance in the achievement of. objectives of a company. The first is that “internal control is a process. It is a means to an end, not an end in itself. It is not just about manuals and policy forms, but about people at all levels of an organization." Third, "internal control can be expected to provide only reasonable assurance, not absolute assurance, to the management and board of directors of an entity". Finally, "internal control is oriented towards the achievement of objectives in one or more distinct but intertwined categories" (COSO, Key Concepts, 2005) These statements establish a realistic view of the limitations of COSO's recommended procedures and serve as a reminder of the need for human diligence in auditing progress toward achieving COSO's objectives. small, growing wood products company located in southern Oregon In anticipation of much greater growth in the near future, LBM is seeking to improve its enterprise risk management, in part through implementation. implementation of COSO recommendations. Although COSO has eight elements, the Committee itself states that not all will operate in the same way and that their "application in small and medium-sized entities...may be less formal and less structured" (COSO, 2007).