Under pressure — from regulations, competition, legal liability, and corporate governance — organizations build risk management programs and processes that encompass operational risks as well as traditional financial risks. Many organizations look first to The Committee of Sponsoring Organizations of the Treadway Commission (COSO) enterprise risk management (ERM), only to discover that it is poorly written and difficult to implement. The Australia/New Zealand 4360:2004 Risk Management Standard (AS/NZ 4360) is more mature, straightforward, and flexible with a wealth of implementation resources for different risk scenarios.