COSO.doc - What Is The COSO Framework The COSO model defines internal control as \u201ca process effected by an entity\u2019s board of directors management

COSO.doc - What Is The COSO Framework The COSO model...

This preview shows page 1 - 4 out of 7 pages.

What Is The COSO Framework? The COSO model defines internal control as “a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance of the achievement of objectives in the following categories: Effectiveness and efficiency of operations Reliability of financial reporting Compliance with applicable laws and regulations” In an “effective” internal control system, the following five components work to support the achievement of an entity’s mission, strategies and related business objectives. 1. Control Environment Integrity and Ethical Values Commitment to Competence Board of Directors and Audit Committee Management’s Philosophy and Operating Style Organizational Structure Assignment of Authority and Responsibility Human Resource Policies and Procedures 2. Risk Assessment Company-wide Objectives Process-level Objectives Risk Identification and Analysis Managing Change 3. Control Activities
Image of page 1
Policies and Procedures Security (Application and Network) Application Change Management Business Continuity/Backups Outsourcing 4. Information and Communication Quality of Information Effectiveness of Communication 5. Monitoring Ongoing Monitoring Separate Evaluations Reporting Deficiencies These components work to establish the foundation for sound internal control within the company through directed leadership, shared values and a culture that emphasizes accountability for control. The various risks facing the company are identified and assessed routinely at all levels and within all functions in the organization. Control activities and other mechanisms are proactively designed to address and mitigate the significant risks. Information critical to identifying risks and meeting business objectives is communicated through established channels up, down and across the company. The entire system of internal control is monitored continuously and problems are addressed timely. The 'Committee of Sponsoring Organizations of the Treadway Commission' ('COSO') is a joint initiative to combat corporate fraud. It was established in the United States by five private sector organizations, dedicated to guiding executive management and government entities in relevant aspects of organizational governance, business ethics, internal control, business risk management, fraud and financial reports. COSO has established a common internal control model against which companies and organizations can evaluate their control systems. COSO has the support of five support organizations: the Institute of Management Accountants (IMA), the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA) and Financial Executives International (FEI).
Image of page 2
The COSO framework involves several key concepts: Internal Control is a "process". It is a means to an end, not an end in itself.
Image of page 3
Image of page 4

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture

  • Left Quote Icon

    Student Picture