How COSO Has Improved Internal Control in the United States


  • 8/13/2019 How Coso Has Improved Imternal Control in the United States


    HOW COSO HAS IMPROVED INTERNAL CONTROL IN THE UNITED STATES

    Since its inception in 1985, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) has created a variety of methods to improve the internal control processes used by organizations worldwide. All types of entities can improve internal controls by carefully examining the contributions of COSO over time.

    COSO is a voluntary, private sector entity comprised of the following five professional organizations:

    a. The American Institute of Certified Public Accountants (AICPA);
    b. The American Accounting Association (AAA);
    c. The Institute of Managerial Accountants (IMA);
    d. The Institute of the Internal Auditors (IIA); and
    e. Financial Executives International (FEI).

    COSO has contributed greatly to the audit profession since its inception in 1985. Although COSO was intended to have only a 12- to 18-month life, it is still making significant contributions worldwide.

    In February 2009, COSO published Guidance on Monitoring Internal Control Systems. This guidance can help auditors and managers at organizations of any size monitor the effectiveness of internal control objectives related to finance, operations, and compliance.

    Internal Control prior to COSO

    There had been several modifications of the term internal control prior to the creation of COSO. In 1958, Statement of Accounting Practice (SAP) No. 29 defined internal control as having two components: accounting controls and administrative controls.

    In an attempt to prevent auditors from detecting bribes, some corporations established slush funds, or off-the-books accounts. Because the transactions involved cash exchanges that were not recorded on an organization's books, there was no audit trail, which made detecting bribes almost impossible.

    About COSO

    COSO was originally called the National Commission on Management Fraud, and its primary objective was to identify factors associated with fraudulent financial reporting while reducing taxpayer dollars allocated to excessive regulatory compliance.

    COSO is sometimes referred to as the Treadway Commission, after its first board chairman, James C. Treadway. Prior to being the chairman for COSO, Treadway was appointed by President Ronald Reagan as the Commissioner of the Securities and Exchange Commission (SEC) from 1982 to 1985.

    COSO's Guidance

    Looking at internal control frameworks from a historical perspective can help management and auditors comprehend how COSO has contributed to improving organizations' risk management processes and internal control systems.

    Internal Control-Integrated Framework

    In 1992, COSO published Internal Control-Integrated Framework, which defined internal control as a process. Hence, this internal control framework went one step further than the FCPA. The objectives of the COSO internal control framework help address the following questions:

    a. How do we define internal control?
    b. What best practices should we incorporate into internal audit's evolving role?
    c. How can internal audit become an integral part of risk management processes and maintain independence?
    d. What should the department's strategic plan be?
    e. How should the audit function deliver its services and communicate its observations?

    Control Environment.

    The control environment sets the tone for an organization and is often perceived as the most crucial component, although it is difficult to manage and effectively evaluate.

    Risk Assessment.

    The risks faced by an organization need to be continuously monitored to ensure that the organization's goals and objectives can be met.

    Control Activities.

    Control activities are the policies and procedures needed to mitigate risks so that an organization's goals and objectives can be achieved.

    Information and Communication

    Information should be identified, gathered, and communicated to appropriate individuals in a timely manner.

    Monitoring

    Monitoring involves continuous processes to eliminate risks so that an organization's goals and objectives are met.

    Internal Control Issues in Derivatives Usage

    According to COSO, risk management processes related to derivatives should involve the following:

    a. Understanding operations and entity-wide objectives
    b. Identifying, measuring, assessing, and modifying business risk
    c. Evaluating the usage of derivatives to control market risk and linking use to entity-wide and activity-level objectives
    d. Defining risk management activities and terms relating to derivatives to provide a clear understanding of their usage
    e. Assessing the appropriateness of specified activities and strategies relating to the use of derivatives
    f. Establishing procedures for obtaining and communicating information and analyzing and monitoring risk management activities and their results.

    Enterprise Risk Management-Integrated Framework

    In 2001, COSO commissioned a group of professors at the University of Virginia to assist in determining whether a risk management framework was necessary. In 2004, COSO published Enterprise Risk Management-Integrated Framework, often referred to as the COSO ERM framework. The COSO ERM framework has the following eight components:

    • Internal environment
    • Objective setting
    • Event identification
    • Risk assessment
    • Risk response
    • Control activities
    • Information and communication
    • Monitoring

    Guidance for Smaller Public Companies

    While COSO's Internal Control-Integrated Framework was intended for all types and sizes of organization, specific guidance was deemed necessary to help smaller organizations comply with the Sarbanes-Oxley Act, especially Section 404. In 2006, COSO issued Internal Control Over Financial Reporting-Guidance for Smaller Public Companies. This guidance gives a high-level overview for senior management and board members, real examples drawn from small organizations, and techniques to help smaller organizations implement and evaluate internal control specifically related to financial reporting.

    Guidance on Monitoring Internal Control Systems

    COSO emphasizes the following three primary elements of monitoring:

    • Organizations should have an effective control environment for monitoring internal controls to create an appropriate tone at the top that highlights the importance of internal controls and the related role of monitoring internal control.
    • Organizations should prioritize effective monitoring procedures and allocate monitoring resources consistent with the organization's risk appetite.
    • Organizations should establish a communication structure to allow timely reporting of monitoring activities, including control weaknesses, to appropriate parties.

    In order to achieve these objectives and design effective monitoring procedures, COSO's monitoring guidance recommends that companies perform the following four steps:

    a. Prioritize risks. Understand and prioritize risks to organizational objectives.
    b. Identify controls. Identify key controls across the internal control system that address those prioritized risks.
    c. Identify information. Identify information that will persuasively indicate whether the internal control system is operating effectively.
    d. Implement monitoring. Develop and implement cost-effective procedures to evaluate that persuasive information.