Coso And Internal Audit
Upcoming SlideShare
Loading in...5
×
 

Coso And Internal Audit

on

  • 2,322 views

 

Statistics

Views

Total Views
2,322
Views on SlideShare
2,308
Embed Views
14

Actions

Likes
0
Downloads
115
Comments
0

4 Embeds 14

http://www.linkedin.com 8
https://twitter.com 3
https://www.linkedin.com 2
https://twimg0-a.akamaihd.net 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Coso And Internal Audit Coso And Internal Audit Presentation Transcript

  • COSO and Internal Audit
    Ijaz ur Rehman Qureshi
  • Session objectives
    By the end of the session you will be able to
    Understand how COSO links to our audit approach
    Understand the dimensions of the COSO cube
    List the 5 internal control components
    Describe the key considerations within each component
    Have an awareness of COSO2
  • What are the 4 stages of the ACM?
    Scoping
    Understanding
    Evaluating
    Validating
  • Where does COSO fit into Audit
    When performing the understanding, evaluating and validating stages we look at our clients’ internal controls.
    SCOPING
    VALIDATING
    AUDITCOMFORT
    CYCLE
    UNDERSATANDING
    EVALUATING
    INTERNALCONTROLS
  • Internal Control Framework (COSO)
    SCOPING
    VALIDATING
    AUDITCOMFORT
    CYCLE
    UNDERSATANDING
    EVALUATING
    INTERNALCONTROLS
    COSO = Framework
    against which we
    assess internal
    controls
  • Who or what is COSO?
    The Committee of Sponsoring Organizations of the Treadway Commission
    Voluntary, private sector organisation originally formed in 1985
    Dedicated to improving the quality of financial reporting through business ethics, effective internal controls and corporate governance.
  • Five components of internal control
    Monitoring
    Information and Communication
    Control Activities
    Risk Assessment
    Control Environment
    The five components of internal control as
    described in the COSO framework are as follows:
  • Understanding Control Activities
    • Policies/procedures that ensure management directives are carried out.
    • They help ensure that necessary actions are taken to address risks.
    • Control activities occur throughout the organization, at all levels and in all functions.
    • Range of activities including:
    Approvals, authorizations, verifications, recommendations, performance reviews, asset security and segregation of duties.
  • COSO and Control Activities
    • Business performance reviews:
    • Top Level Reviews
    • Direct Functional or Activity Management
    • Performance Indicators
    • Information Processing
    • Application controls
    • IT general controls
    • Physical Controls
    • Segregation of duties
  • Understanding Monitoring
    • Assessment of a control system’s performance over time.
    • Combination of ongoing and separate evaluation.
    • Internal control deficiencies should be reported upstream, with serious matters reported to top management and the board.
    • The combination of ongoing and separate evaluations will ensure that the internal control system remains effective over time.
  • Understanding Information andCommunication
    • Pertinent information is identified, captured and communicated in a timeframe that allows people to carry out their responsibilities.
    • Includes internal and externally information about events, activities and conditions necessary for informed business decision-making and external reporting.
    • Flow of information that allows for successful control from instructions on responsibilities to summary of findings for management action.
  • Understanding Risk Assessment
    • A precondition to risk assessment is establishment of objectives, linked at different levels and internally consistent.
    • The identification and analysis of relevant risks to achievement of the objectives.
    • Forms a basis for determining how risks should be managed.
    • Mechanisms are needed to identify and deal with the special risks associated with change.
  • Understanding ControlEnvironment
    • Sets the tone of an organization, influencing the control consciousness of its people.
    • Factors include:
    • Integrity and ethical values,
    • Competence of people,
    • HR practices,
    • Management’s operating philosophy,
    • The way authority and responsibility are assigned, and
    • The attention and direction provided by the board.
    • Foundation for all other components of control.
  • Reflecting COSO in our documentation
    SCOPING
    VALIDATING
    AUDITCOMFORT
    CYCLE
    UNDERSATANDING
    EVALUATING
    INTERNALCONTROLS
  • Enterprise Risk Management - COSO 2
    Enterprise Risk Management (ERM) model was developed.
    Incorporates the notion of risk administration, defined as a process designed to identify future events that can rebound in the future of the entity.
    Enterprise objectives defined in 4 categories:
    Strategic
    Operational
    Informative
    Observance
  • ERM Includes
    Alignment of the appetite of risk and strategy.
    It improves the answer to the waterings.
    It reduces surprises and operational losses.
    To take possession of opportunities.
  • ERM Components
    Original COSO Components:
    Control Activities
    Risk Assessment
    Information & Communication
    Monitoring of Controls
    Environment (Control Environment)
    Plus:
    Establishment of objectives
    Identification of events
    Answer to the risk
  • Summary
    Upon conclusion of this session you should now:
    Understand how COSO fits into our audit approach
    Understand the dimensions of the COSO cube
    List the 5 internal control components
    Describe the key considerations within each component
    Have an awareness of COSO2