Scribd
Upload
132 views3 pages

What Does Coso Stand For?

The COSO framework was developed in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission as a model for evaluating internal controls. It defines internal control as a process designed to provide reasonable assurance for achieving objectives related to operations, financial reporting, and compliance. The framework outlines five components of an effective internal control system: control environment, risk assessment, control activities, information and communication, and monitoring.

Uploaded by

Frhea Love Abello
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
132 views3 pages

What Does Coso Stand For?

The COSO framework was developed in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission as a model for evaluating internal controls. It defines internal control as a process designed to provide reasonable assurance for achieving objectives related to operations, financial reporting, and compliance. The framework outlines five components of an effective internal control system: control environment, risk assessment, control activities, information and communication, and monitoring.

Uploaded by

Frhea Love Abello
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

WHAT DOES COSO STAND FOR?

In 1992, the Committee of Sponsoring Organizations of the Treadway


Commission (COSO) developed a model for evaluating internal controls.
This model has been adopted as the generally accepted framework for
internal control and is widely recognized as the definitive standard
against which organizations measure the effectiveness of their systems
of internal control. 

WHAT IS THE COSO FRAMEWORK?

The COSO model defines internal control as “a process effected by an


entity’s board of directors, management and other personnel designed
to provide reasonable assurance of the achievement of objectives in
the following categories:

 Operational Effectiveness and Efficiency

 Financial Reporting Reliability

 Applicable Laws and Regulations Compliance

In an effective internal control system, the following five components


work to support the achievement of an entity’s mission, strategies and
related business objectives:

1. Control Environment

 Exercise integrity and ethical values.

 Make a commitment to competence.

 Use the board of directors and audit committee.

 Facilitate management’s philosophy and operating style.


 Create organizational structure.

 Issue assignment of authority and responsibility.

 Utilize human resources policies and procedures.

2. Risk Assessment

 Create companywide objectives.

 Incorporate process-level objectives.

 Perform risk identification and analysis.

 Manage change.

3. Control Activities

 Follow policies and procedures.

 Improve security (application and network).

 Conduct application change management.

 Plan business continuity/backups.

 Perform outsourcing.

4. Information and Communication

 Measure quality of information.

 Measure effectiveness of communication.

5. Monitoring

 Perform ongoing monitoring.

 Conduct separate evaluations.


 Report deficiencies.

These components work to establish the foundation for sound internal


control within the company through directed leadership, shared values
and a culture that emphasizes accountability for control. The various
risks facing the company are identified and assessed routinely at all
levels and within all functions in the organization. Control activities and
other mechanisms are proactively designed to address and mitigate the
significant risks. Information critical to identifying risks and meeting
business objectives is communicated through established channels
across the company. The entire system of internal control is monitored
continuously, and problems are addressed timely.

You might also like