newswire_banner

     



    COSO Releases Updated Internal Control Framework

    Jun 26, 2013
    The Committee of Sponsoring Organizations of the Treadway Commission (COSO) – an organization providing thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence – announced in May that it has released its updated Internal Control – Integrated Framework.

    The Committee of Sponsoring Organizations of the Treadway Commission (COSO) – an organization providing thought leadership and guidance on internal control, enterprise risk management, and fraud deterrence – announced in May that it has released its updated Internal Control – Integrated Framework.

    According to a June 19 Corporate Compliance Insights online article by Brian Christensen, COSO released its original version of this framework nearly 21 years ago, and it has been widely used since, more recently in conjunction with reporting on the effectiveness of internal control over financial reporting by U.S. public companies in accordance with Section 404 of the Sarbanes-Oxley Act of 2002.

    Christensen writes that the new framework is intended to help organizations adapt to the increasing complexity and pace of change, mitigate risks to achieving objectives, and provide reliable information to support decision making.

    According to the article, one of COSO’s goals in updating the framework was to reflect changes in the business environment, including its “increased focus on governance, greater attention to risk and risk-based approaches, deeper reliance on new and more complex technologies, adoption of more complex organizational structures and business models (including outsourcing relationships, strategic suppliers and channel partners), ever-expanding regulatory requirements, and the continuation of new and evolving reporting requirements that go beyond financial reporting (such as sustainability reporting and reports on the effectiveness of internal control).”

    Christensen writes that although the new framework retains much of the original structure, it formalizes more explicitly the principles that facilitate development of effective internal control and assessment of its effectiveness. While the original framework implicitly reflected the core principles of internal control, the 2013 version explicitly states them in the form of 17 principles that represent fundamental concepts associated with the five components of internal control: control environment, risk assessment, control activities, information and communication, and monitoring activities, according to Christensen.

    The author writes that there isn’t any new ground broken by these principles; they reflect widely known, long-standing tenets of internal control. The principles remain broad, he writes, as they are intended to apply to for-profit companies (including publicly traded and privately held companies), not-for-profit entities, government bodies, and other organizations.

    © 2016, ARMA International