Coso Issues Updated Internal Control-Integrated Framework
-
Upload
oconnor-davies -
Category
Documents
-
view
217 -
download
0
Transcript of Coso Issues Updated Internal Control-Integrated Framework
7/27/2019 Coso Issues Updated Internal Control-Integrated Framework
http://slidepdf.com/reader/full/coso-issues-updated-internal-control-integrated-framework 1/4
SEC ACCOUNTING AND AUDITING BRIEF
COSO ISSUES UPDATED INTERNAL CONTROL-INTEGRATED
FRAMEWORK
Background
Section 404 of the Sarbanes-Oxley Act of 2002 (SOX) mandates that all publicly-
registered companies must include with their audited annual financial statements a
management report on the effectiveness of internal controls. Further, if a company
is not a “smaller reporting company” it also must have its auditors provide an
opinion on internal controls.
When reporting on the effectiveness of internal controls, a public company must
disclose the “framework” on which it assesses that effectiveness. Most companies
use the framework promulgated by the Committee of Sponsoring Organizations of
the Treadway Commission (COSO).
Updated COSO Framework
On May 14, 2013, the Committee of Sponsoring Organizations of the Treadway
Commission (COSO) published an update to its 1992 Internal Control–Integrated
Framework (original framework) and related illustrative documents. The goals of
the update include:
• Clarification of the requirements of effective internal control;
• Update of the context for applying internal control to many changes in
business and operating environments; and
• Broadening its application by expanding the operations and reporting
objectives
Beginning with year-ends after December 15, 2014, the updated framework must be
used. In this connection, COSO recommends that all organizations currently using
the original framework should begin to align existing practices and related
documentation to the updated framework as soon as feasible. In the meantime, the
original framework can continue to be used during the transition, but the company
must clearly disclose whether it utilized the original framework or the updated
framework in its report on internal control.
The updated framework formalizes the fundamental concepts introduced in the
original framework into 17 principles associated with the five components of
internal control:
Contact:
New York, NY
(downtown)
212.867.8000
New York, NY
(midtown)
212.286.2600
Harrison, NY
914.381.8900
Stamford, CT
203.323.2400
Paramus, NJ
201.712.9800
New Windsor, NY
845.220.2400
Wethersfield, CT
860.257.1870
7/27/2019 Coso Issues Updated Internal Control-Integrated Framework
http://slidepdf.com/reader/full/coso-issues-updated-internal-control-integrated-framework 2/4
Control Environment
1) The organization demonstrates a commitment to integrity and ethical
values.
2) The board of directors demonstrates independence from management
and exercises oversight of the development and performance of
internal control.3) Management establishes, with board oversight, structures, reporting
lines, and appropriate authorities and responsibilities in the pursuit of
objectives.
4) The organization demonstrates a commitment to attract, develop, and
retain competent individuals in alignment with objectives.
5) The organization holds individuals accountable for their internal control
responsibilities in pursuit of objectives.
Risk Assessment
6)
The organization specifies objectives with sufficient clarity to enable the
identification and assessment of risks relating to objectives.
7) The organization identifies risks to the achievement of its objectives
across the entity and analyzes risks as a basis for determining how the
risks should be managed.
8) The organization considers the potential for fraud in assessing risks to
the achievement of objectives.
9) The organization identifies and assesses changes that could significantly
impact the system of internal control.
Control Activities
10) The organization selects and develops control activities that contribute
to the mitigation of risks to the achievement of objectives to acceptable
levels.
11) The organization selects and develops general control activities over
technology to support the achievement of objectives.
12) The organization deploys control activities through policies that
establish what is expected and procedures that put policies into action.
Information and Communication
13) The organization obtains or generates and uses relevant, quality
information to support the functioning of internal control.
14) The organization internally communicates information, including
objectives and responsibilities for internal control, necessary to support
the functioning of internal control.
15) The organization communicates with external parties regarding matters
affecting the functioning of internal control.
7/27/2019 Coso Issues Updated Internal Control-Integrated Framework
http://slidepdf.com/reader/full/coso-issues-updated-internal-control-integrated-framework 3/4
Monitoring Activities
16) The organization selects, develops, and performs ongoing and/or
separate evaluations to ascertain whether the components of internal
control are present and functioning.
17) The organization evaluates and communicates internal control
deficiencies in a timely manner to those parties responsible for takingcorrective action, including senior management and the board of
directors, as appropriate.
For public companies that currently apply the original framework for compliance
with Section 404 (a) or (b) of SOX, COSO has indicated that the updated framework
is not expected to fundamentally change an entity’s internal control over financial
reporting or related assessment process.
COSO recommends that senior management discuss with the board of directors its
plan to adopt the updated framework as soon as practical. The board of directors
should oversee management’s assessment of any implications of applying the
updated framework as well as its determination of appropriate actions. The original
framework will be considered to be superseded as of December 15, 2014.
Further information is available on the COSO website at www.coso.org.
A complimentary Executive Summary can be downloaded here.
Please feel free to contact your PKF O’Connor Davies team if you have any questions
or concerns.
About Our Firm:
PKF O'Connor Davies, a division of O’Connor Davies, LLP is a full service Certified Public Accounting and consulting
firm that has a long history of serving domestic and international clients and providing specialized professional
services of the highest quality. With roots tracing to 1891, seven offices located in New York, New Jersey and
Connecticut, and approximately 400 professionals including 70 partners, the Firm provides a complete range of
accounting, auditing, tax and management advisory services. O'Connor Davies is ranked as number 36 in
Accounting Today's 2013 list of the "Top 100 Firms" in the United States. The Firm is also within the 20 largest
accounting firms in the New York Metropolitan area according to Crain's New York Business and the Westchester
and Fairfield County Business Journals.
O'Connor Davies is a member firm of the PKF International network of legally independent member firms and does
not accept any responsibility or liability for the actions or inactions on the part of any other individual member firm
or firms.
IRS CIRCULAR 230 DISCLOSURE: To comply with IRS regulations, we are required to inform you that unless expressly
stated otherwise, any discussion of U.S. federal tax issues in this correspondence (including any attachments) is not
intended or written to be used, and cannot be used, (i) to avoid any penalties imposed by the Internal Revenue
Code, or (ii) to promote, market, or recommend to another party any transaction or matter addressed herein. Our
firm provides the information in this e-newsletter for general guidance only, and it does not constitute the provision
of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind.
The information provided herein should not be used as a substitute for consultation with professional tax,
accounting, legal, or other competent advisers. Before making any decision or taking any action, you should consult
a professional adviser who has been provided with all pertinent facts relevant to your particular situation.