Coso And Internal Audit
Upcoming SlideShare
Loading in...5
×
 

Coso And Internal Audit

on

  • 2,266 views

 

Statistics

Views

Total Views
2,266
Slideshare-icon Views on SlideShare
2,254
Embed Views
12

Actions

Likes
0
Downloads
113
Comments
0

4 Embeds 12

http://www.linkedin.com 8
https://twitter.com 2
https://twimg0-a.akamaihd.net 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Coso And Internal Audit Coso And Internal Audit Presentation Transcript

    • COSO and Internal Audit
      Ijaz ur Rehman Qureshi
    • Session objectives
      By the end of the session you will be able to
      Understand how COSO links to our audit approach
      Understand the dimensions of the COSO cube
      List the 5 internal control components
      Describe the key considerations within each component
      Have an awareness of COSO2
    • What are the 4 stages of the ACM?
      Scoping
      Understanding
      Evaluating
      Validating
    • Where does COSO fit into Audit
      When performing the understanding, evaluating and validating stages we look at our clients’ internal controls.
      SCOPING
      VALIDATING
      AUDITCOMFORT
      CYCLE
      UNDERSATANDING
      EVALUATING
      INTERNALCONTROLS
    • Internal Control Framework (COSO)
      SCOPING
      VALIDATING
      AUDITCOMFORT
      CYCLE
      UNDERSATANDING
      EVALUATING
      INTERNALCONTROLS
      COSO = Framework
      against which we
      assess internal
      controls
    • Who or what is COSO?
      The Committee of Sponsoring Organizations of the Treadway Commission
      Voluntary, private sector organisation originally formed in 1985
      Dedicated to improving the quality of financial reporting through business ethics, effective internal controls and corporate governance.
    • Five components of internal control
      Monitoring
      Information and Communication
      Control Activities
      Risk Assessment
      Control Environment
      The five components of internal control as
      described in the COSO framework are as follows:
    • Understanding Control Activities
      • Policies/procedures that ensure management directives are carried out.
      • They help ensure that necessary actions are taken to address risks.
      • Control activities occur throughout the organization, at all levels and in all functions.
      • Range of activities including:
      Approvals, authorizations, verifications, recommendations, performance reviews, asset security and segregation of duties.
    • COSO and Control Activities
      • Business performance reviews:
      • Top Level Reviews
      • Direct Functional or Activity Management
      • Performance Indicators
      • Information Processing
      • Application controls
      • IT general controls
      • Physical Controls
      • Segregation of duties
    • Understanding Monitoring
      • Assessment of a control system’s performance over time.
      • Combination of ongoing and separate evaluation.
      • Internal control deficiencies should be reported upstream, with serious matters reported to top management and the board.
      • The combination of ongoing and separate evaluations will ensure that the internal control system remains effective over time.
    • Understanding Information andCommunication
      • Pertinent information is identified, captured and communicated in a timeframe that allows people to carry out their responsibilities.
      • Includes internal and externally information about events, activities and conditions necessary for informed business decision-making and external reporting.
      • Flow of information that allows for successful control from instructions on responsibilities to summary of findings for management action.
    • Understanding Risk Assessment
      • A precondition to risk assessment is establishment of objectives, linked at different levels and internally consistent.
      • The identification and analysis of relevant risks to achievement of the objectives.
      • Forms a basis for determining how risks should be managed.
      • Mechanisms are needed to identify and deal with the special risks associated with change.
    • Understanding ControlEnvironment
      • Sets the tone of an organization, influencing the control consciousness of its people.
      • Factors include:
      • Integrity and ethical values,
      • Competence of people,
      • HR practices,
      • Management’s operating philosophy,
      • The way authority and responsibility are assigned, and
      • The attention and direction provided by the board.
      • Foundation for all other components of control.
    • Reflecting COSO in our documentation
      SCOPING
      VALIDATING
      AUDITCOMFORT
      CYCLE
      UNDERSATANDING
      EVALUATING
      INTERNALCONTROLS
    • Enterprise Risk Management - COSO 2
      Enterprise Risk Management (ERM) model was developed.
      Incorporates the notion of risk administration, defined as a process designed to identify future events that can rebound in the future of the entity.
      Enterprise objectives defined in 4 categories:
      Strategic
      Operational
      Informative
      Observance
    • ERM Includes
      Alignment of the appetite of risk and strategy.
      It improves the answer to the waterings.
      It reduces surprises and operational losses.
      To take possession of opportunities.
    • ERM Components
      Original COSO Components:
      Control Activities
      Risk Assessment
      Information & Communication
      Monitoring of Controls
      Environment (Control Environment)
      Plus:
      Establishment of objectives
      Identification of events
      Answer to the risk
    • Summary
      Upon conclusion of this session you should now:
      Understand how COSO fits into our audit approach
      Understand the dimensions of the COSO cube
      List the 5 internal control components
      Describe the key considerations within each component
      Have an awareness of COSO2