A Framework for Control COSOs five components of
- Slides: 66
A Framework for Control COSO’s five components of internal control and questions too important to ignore www. theiia. org
What is COSO? www. theiia. org
What is COSO? COSO, the Committee of Sponsoring Organizations of the Treadway Commission, is a private sector initiative established in 1985 by five financial professional associations. www. theiia. org
Who? www. theiia. org
Who? • The Institute of Internal Auditors www. theiia. org
Who? • The Institute of Internal Auditors • American Institute of Certified Public Accountants www. theiia. org
Who? • The Institute of Internal Auditors • American Institute of Certified Public Accountants • American Accounting Association www. theiia. org
Who? • The Institute of Internal Auditors • American Institute of Certified Public Accountants • American Accounting Association • Institute of Management Accountants www. theiia. org
Who? • The Institute of Internal Auditors • American Institute of Certified Public Accountants • American Accounting Association • Institute of Management Accountants • Financial Executives Institute www. theiia. org
Why? www. theiia. org
Why? COSO’s goal is to improve the quality of financial reporting through a focus on corporate governance, ethical practices, and internal control. www. theiia. org
Definition of Internal Control www. theiia. org
Definition of Internal Control A process, effected by an entity's board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives. www. theiia. org
Categories of Internal Control www. theiia. org
Categories of Internal Control • Effectiveness and efficiency of operations www. theiia. org
Categories of Internal Control • Effectiveness and efficiency of operations • Reliability of financial reporting www. theiia. org
Categories of Internal Control • Effectiveness and efficiency of operations • Reliability of financial reporting • Compliance with applicable laws and regulations www. theiia. org
Components of Internal Control www. theiia. org
Components of Internal Control 1. Control Environment www. theiia. org
Components of Internal Control 1. Control Environment 2. Risk Assessment www. theiia. org
Components of Internal Control 1. Control Environment 2. Risk Assessment 3. Control Activities www. theiia. org
Components of Internal Control 1. Control Environment 2. Risk Assessment 3. Control Activities 4. Information and Communication www. theiia. org
Components of Internal Control 1. Control Environment 2. Risk Assessment 3. Control Activities 4. Information and Communication 5. Monitoring www. theiia. org
Ask the Right Internal Control Questions about: www. theiia. org
ETHICS www. theiia. org
ETHICS 1. Do board members and senior executives set a day-in, day-out example of high integrity and ethical behavior? www. theiia. org
ETHICS 2. Is there a written code of conduct for employees, and is it reinforced by training, top down communications, and requirements for periodic written statements of compliance from key employees? www. theiia. org
ETHICS 3. Are performance and incentive compensation targets reasonable and realistic, or do they create undue pressure on achievement of shortterm results? www. theiia. org
ETHICS 4. Is it clear that fraudulent financial reporting at any level and in any form will not be tolerated? www. theiia. org
ETHICS 5. Are ethics woven into criteria that are used to evaluate individual and business unit performance? www. theiia. org
ETHICS 6. Does management react appropriately when receiving bad news from subordinates and business units? www. theiia. org
ETHICS 7. Does a process exist to resolve close ethical calls? www. theiia. org
ETHICS 8. Are business risks identified and candidly discussed with the board of directors? www. theiia. org
RISK www. theiia. org
RISK 1. Is relevant and reliable internal and external information identified, compiled, and communicated in a timely manner to those who are positioned to act? www. theiia. org
RISK 2. Are risks identified analyzed, and actions taken to mitigate them? www. theiia. org
RISK 3. Are controls in place to assure that management decisions are properly carried out? www. theiia. org
INTERNAL CONTROL www. theiia. org
INTERNAL CONTROL 1. Do senior and line management executives demonstrate that they accept control responsibility, not just delegate that responsibility to financial and audit staff? www. theiia. org
INTERNAL CONTROL 2. Does management routinely monitor controls in process of running the organization’s operations? www. theiia. org
INTERNAL CONTROL 3. Does management clearly assign responsibilities for training and monitoring of internal controls? www. theiia. org
INTERNAL CONTROL 4. Are periodic, systematic evaluations of control systems conducted and documented? www. theiia. org
INTERNAL CONTROL 5. Are such evaluations conducted by personnel with appropriate responsibilities, business experience, and knowledge of the organization’s affairs? www. theiia. org
INTERNAL CONTROL 6. Are appropriate criteria established to evaluate controls? www. theiia. org
INTERNAL CONTROL 7. Are control deficiencies reported to higher levels of management and corrected on a timely basis? www. theiia. org
INTERNAL CONTROL 8. Are appropriate controls built in as new systems are designed and brought on stream? www. theiia. org
AUDIT COMMITTEES www. theiia. org
AUDIT COMMITTEES 1. Has the board recently reviewed adequacy of the audit committee’s written charter? www. theiia. org
AUDIT COMMITTEES 2. Are audit committee members functioning and, in fact, independent of management? www. theiia. org
AUDIT COMMITTEES 3. Do audit committee members possess an appropriate mix of operating and financial control expertise? www. theiia. org
AUDIT COMMITTEES 4. Does the audit committee understand monitor the broad organizational control environment? www. theiia. org
AUDIT COMMITTEES 5. Does the audit committee oversee appropriateness, relevance, and reliability of operational and financial reporting to the board, as well as to investors and other external users? www. theiia. org
AUDIT COMMITTEES 6. Does the audit committee oversee existence of and compliance with ethical standards? www. theiia. org
AUDIT COMMITTEES 7. Does the audit committee or full board have a meaningful but challenging relationship with independent auditors, internal auditors, senior financial control executives, and key corporate and business unit operating executives? www. theiia. org
INTERNAL AUDITING www. theiia. org
INTERNAL AUDITING 1. Does internal auditing have the support of top management, the audit committee, and the board of directors as a whole? www. theiia. org
INTERNAL AUDITING 2. Has the written scope of internal audit responsibilities been reviewed by the audit committee for adequacy? www. theiia. org
INTERNAL AUDITING 3. Is the organizational relationship between internal auditing and senior executives appropriate? www. theiia. org
INTERNAL AUDITING 4. Does internal auditing have and use open lines of communication and private access to all senior officers and the audit committee? www. theiia. org
INTERNAL AUDITING 5. Are audit reports covering the right subjects distributed to the right people and acted upon in a timely manner? www. theiia. org
INTERNAL AUDITING 6. Do key audit executives possess an appropriate level of expertise? www. theiia. org
To Purchase the Framework: Visit The IIA Bookstore at www. theiia. org
For More about the Framework: www. theiia. org
For More about the Framework: Visit www. coso. org www. theiia. org
A Framework for Control This presentation was produced by www. theiia. org
The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate and principal educator worldwide. www. theiia. org
- The sounding cataract haunted me
- Five of five
- Five elements and five senses
- Macbeth act five scene five
- 3gis training
- Five components of gis
- Components of gis
- Five components of fitness
- Five components of computer
- Robert sternberg five components of creativity
- What are the 5 components of information system
- Five components of a healthy church
- Five element of multimedia
- Elar mc meaning
- Five components of health related fitness
- Health related components definition
- Five component framework
- Five component framework
- Five component framework
- Five forces framework template
- Danielson rubric
- Charlotte danielson framework
- Application framework in android architecture
- What is logframe in project
- Moser framework tools
- Moser framework tools
- Zachman framework
- Fspos vägledning för kontinuitetshantering
- Typiska novell drag
- Nationell inriktning för artificiell intelligens
- Returpilarna
- Shingelfrisyren
- En lathund för arbete med kontinuitetshantering
- Adressändring ideell förening
- Vilotidsbok
- Anatomi organ reproduksi
- Densitet vatten
- Datorkunskap för nybörjare
- Stig kerman
- Debattartikel mall
- Autokratiskt ledarskap
- Nyckelkompetenser för livslångt lärande
- Påbyggnader för flakfordon
- Lufttryck formel
- Svenskt ramverk för digital samverkan
- I gullregnens månad
- Presentera för publik crossboss
- Teckenspråk minoritetsspråk argument
- Kanaans land
- Klassificeringsstruktur för kommunala verksamheter
- Epiteltyper
- Bästa kameran för astrofoto
- Centrum för kunskap och säkerhet
- Byggprocessen steg för steg
- Mat för unga idrottare
- Verktyg för automatisering av utbetalningar
- Rutin för avvikelsehantering
- Smärtskolan kunskap för livet
- Ministerstyre för och nackdelar
- Tack för att ni har lyssnat
- Mall för referat
- Redogör för vad psykologi är
- Stål för stötfångarsystem
- Tack för att ni har lyssnat
- Borra hål för knoppar
- Orubbliga rättigheter
- Varians formel