Scribd
Upload
91 views

Committee On Sponsoring Organization On The Treadway Commission (COSO)

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a joint initiative dedicated to providing frameworks for enterprise risk management, internal control, and fraud deterrence. The COSO internal control framework consists of five components: control environment, risk assessment, control activities, information and communication, and monitoring. These components provide an effective framework for analyzing the internal control system implemented in an organization.

Uploaded by

Arth Vince Uy Malaca
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
91 views

Committee On Sponsoring Organization On The Treadway Commission (COSO)

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a joint initiative dedicated to providing frameworks for enterprise risk management, internal control, and fraud deterrence. The COSO internal control framework consists of five components: control environment, risk assessment, control activities, information and communication, and monitoring. These components provide an effective framework for analyzing the internal control system implemented in an organization.

Uploaded by

Arth Vince Uy Malaca
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

Committee on Sponsoring Organization on the Treadway

Commission (COSO)

The Committee of Sponsoring Organizations of


the Treadway Commission (COSO) is a joint
initiative of the five private sector organizations
listed on the left and is dedicated to providing
thought leadership through the development of
frameworks and guidance on enterprise risk
management, internal control and fraud
deterrence.

Five framework components


The COSO internal control framework consists of
five interrelated components derived from the way
management runs a business. According to COSO,
these components provide an effective framework
for describing and analyzing the internal control
system implemented in an organization as
required by financial regulations
Control Environment
The control environment sets the tone of an
organization, influencing the control
consciousness of its people. It is the foundation for
all other components of internal control, providing
discipline and structure. Control environment factors include the integrity,
ethical values, management's operating style, delegation of authority
systems, as well as the processes for managing and developing people in the
organization.
Risk Assessment
Every entity faces a variety of risks from external and internal sources that
must be assessed. A precondition to risk assessment is establishment of
objectives and thus risk assessment is the identification and analysis of
relevant risks to the achievement of assigned objectives. Risk assessment is
a prerequisite for determining how the risks should be managed.
Control Activities
Control activities are the policies and procedures that help ensure
management directives are carried out. They help ensure that necessary
actions are taken to address the risks that may hinder the achievement of
the entity's objectives. Control activities occur throughout the organization,
at all levels and in all functions. They include a range of activities as diverse
as approvals, authorizations, verifications, reconciliations, reviews of
operating performance, security of assets and segregation of duties.
Information and Communication
Information systems play a key role in internal control systems as they
produce reports, including operational, financial and compliance-related
information, that make it possible to run and control the business. In a
broader sense, effective communication must ensure information flows
down, across and up the organization. For example, formalized procedures
exist for people to report suspected fraud. Effective communication should
also be ensured with external parties, such as customers, suppliers,
regulators and shareholders about related policy positions.
Monitoring
Internal control systems need to be monitoreda process that assesses the
quality of the system's performance over time. This is accomplished through
ongoing monitoring activities or separate evaluations. Internal control
deficiencies detected through these monitoring activities should be reported
upstream and corrective actions should be taken to ensure continuous
improvement of the system.

You might also like