Coso framework
Upcoming SlideShare
Loading in...5

Coso framework






Total Views
Views on SlideShare
Embed Views



1 Embed 44 44


Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Coso framework Coso framework Presentation Transcript

    • COSO Framework
      Ryan J. Hutten
      Aaron Zillinger
    • COSO
      Comprised of:
    • COSO: Committee of Sponsoring Organizations
      AAA (American Accounting Association)
      AICPA (American Institute of Certified Public Accountants)
      FEI (Financial Executives International)
      IMA (Institute of Management Accountants)
      IIA (Institute of Internal Auditors)
    • COSO Continued
      MISSION STATEMENT: The Committee of Sponsoring Organizations’ (COSO) mission is to provide thought leadership through the development of comprehensive frameworks and guidance on enterprise risk management, internal control and fraud deterrence designed to improve organizational performance and governance and to reduce the extent of fraud in organizations.
    • …But that’s not really what we’re talking about…
      The COSO Framework is about helping senior executives and managers in their establishment of better and more accurate internal controls
    • The Control Environment
      Attitudes, awareness, policies, and actions of management, board of directors, and staff concerning internal control and its importance in the entity
      Positive control environment:
      Provides discipline and structure
      Communicates integrity and ethical values
      Sets a positive “Tone at the Top” and “Trickle-down Effect” (Ref. 2)
    • The Control Environment
      7 Factors Affecting the Control Environment
      Communication and Enforcement of Integrity and Ethical Values
      Commitment to competence
      Participation of governance
      Managers Philosophy and Operating Style
      Organizational Structure
      Assignment of authority and responsibility
      Human resource policies and practices
    • Risk Assessment
      Management’s identification of risk including:
      Looking for risk relevant to the preparation of the financial statements
      Estimating their significance
      Assessing the likelihood of their occurrence
      Deciding on the best way to manage them
    • Where does this risk come from?
      Changes in operating environment
      New Personnel
      Rapid Growth
      Corporate Restructurings
    • Information System and Related Processes
      Infrastructure that consists of software, people, procedures, and data
      Identifies, captures, and communicates information in a form and timeframe that members involved can carry out their responsibilities
      Example: Accounting system
      Incorporates procedures that initiate, record, process, and report entity transactions and maintain accountability for related assets
    • Control Activities
      Pertain to internal controls to verify that management’s directives are carried out to address risks
      Might include:
      Performance Reviews
      Physical Controls
      Segregation of Duties
    • Monitoring of Controls
      Newly issued by COSO (2009) “Guidance on Monitoring Internal Control Systems”
      Purpose: To assess the quality of internal control performance over time and redesign controls when risks change
      Also necessary:
      Establish a baseline for control effectiveness
      Design and execute monitoring procedures that are based on the significance of business risks relative to entity objectives
      Assess and report results
      Follow-up and/or corrective actions
      Can be ongoing or nonrecurring
      Example: Inventory Valuation
    • Conclusion
      Control Environment: Verifying Compliance set forth in the Code of Conduct
      Risk Assessment: Verifying the controls in place keep the company free of material misstatement
      IS & Related Processes: Verification that the IS measures line item accounts and management assertions accurately
      Control Activities: Discourages unethical behavior to better achieve management goals
      Monitoring of Controls: Assesses the quality and effectiveness of Internal Controls, and how to change them for the better
    • Works Cited
      "Internal Control - Integrated Framework." Committee of Sponsoring Organizations. Web. 2 Oct. 2011. <>.
      Messier. Auditing and Assurance Services. 7. New York: McGraw-Hill Irwin, 2010. 187-96. Print