The COSO Framework is a depiction of one of the most widely recognized and applied risk management frameworks in the world. The COSO model was developed by the Committee of Sponsoring Organizations of the Treadway Commission.
Internal Controls are effectively broken up into five separate components in order to support the organization’s mission, strategies, and business objectives.
Control Environment
Risk Assessment
Existing Control Activities
Monitoring
Information and Communication
Sets the overall tone of the organization and is the foundation for all other components of internal control. Includes elements such as:
Management’s integrity and ethical values
Operating philosophy
Organizational structure
HR policies and practices
The identification and analysis of relevant risks to the achievement of objectives.
Areas, where risk may arise, are:
Rapid expansion of operations
Corporate restructuring
Acquisitions
Incorporation of new technology
Are the policies and procedures that ensure management directives are carried out and risks are addressed?
Control Activities:
Pre-numbering documents (your checkbook)
Signed approval of transactions
Checks and Balances
Documentation (paper trail)
Physical Controls (security)
The process assesses the quality of internal control performance over time.
Monitoring actions:
Management: Establish & Maintain Internal Control
Evaluation of Internal Control performance
Internal Audit to Evaluate & Recommend Improvements
Evaluation of Communications
INFORMATION encompasses the accounting system as well as any other methods & records that:
Identify and record all valid transactions
Describe and allow proper classification
Present transactions in financial statements
Measure monetary value of transactions
COMMUNICATION involves providing an understanding of individual roles and responsibilities pertaining to internal control and financial reporting. Auditors look for:
The methods used to communicate
Communications between management and those with governance
Communication between management and external parties
Segregation of Duties is a key part of implemented internal controls over a company’s assets. Segregation of Duties Focuses on two parts:
Checks and Balances, oversight and review to catch errors
Prevent Fraud and Abuse by separating the responsibility of key functions of the transactions of money.
Learn more about segregation of duties by going to our article on – What is “Segregation of Duties”?
Source:
COSO Internal Controls- Integrated Framework Principles, © [2013] Committee of Sponsoring Organizations of the Treadway Commission (COSO). All rights reserved. Used with permission.
Disclaimer:
This publication is designed to provide information on federal tax and accounting laws and/or regulations. It is presented with the understanding that the author is not rendering legal or accounting services.
This text is not intended to address every situation that arises or provide specific, strategic tax and/or accounting planning advice. This text should not be used solely to answer tax and/or accounting questions and you should consult additional sources of information, as needed, to determine the solution to tax and/or accounting questions.
This text has been prepared with due diligence. However, the possibility of mechanical or human error does exist and the author accepts no responsibility or liability regarding this material and its use. This text is not intended or written by the practitioner to be used and cannot be used by a taxpayer or tax return preparer, for the purpose of avoiding penalties that may be imposed.
Copyright 2023 © ProAdvisor CPA
All Rights Reserved
Privacy Policy – Terms and Conditions
ProAdvisor CPA is an active, registered, & licensed Certified Public Accounting firm that abides by the strict regulations of the State Board of Accountancy.