In 1992, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) developed a COSO Framework for evaluating internal controls. This model has been adopted as the generally accepted framework for internal control and is widely recognized as the definitive standard against which organizations measure the effectiveness of their systems of internal control.
WHAT IS THE COSO FRAMEWORK?
The COSO model defines internal control as “a process effected by an entity’s board of directors, management and other personnel designed to provide reasonable assurance of the achievement of objectives in the following categories:
In an effective internal control system, the following five components work to support the achievement of an entity’s mission, strategies and related business objectives:
These components work to establish the foundation for sound internal control within the company through directed leadership, shared values and a culture that emphasizes accountability for control. The various risks facing the company are identified and assessed routinely at all levels and within all functions in the organization. Control activities and other mechanisms are proactively designed to address and mitigate the significant risks. Information critical to identifying risks and meeting business objectives is communicated through established channels across the company. The entire system of internal control is monitored continuously, and problems are addressed timely.
KnowledgeLeader offers a number of resources on COSO, including the items listed below. Explore the website for additional knowledge on this topic.
Entity-Level Controls Risk Assessment Questionnaire
Entity-Level Controls Fraud Questionnaire
Entity-Level Control Environment Questionnaire