COSO Framework’s 17 Principles of Effective Internal Control

Categories:

December 30, 2013 – Back to BlogShare

Earlier this year, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) updated its Internal Control — Integrated Framework. The updated principles-based framework, which supersedes the original 1992 framework, now explicitly describes its principles rather than simply implying them, thus making it easier for companies to apply the principles. The revised COSO framework’s 17 principles of effective internal control are as follows:

Internal Control Component

Principles

Control environment

  1. Demonstrate commitment to integrity and ethical values
  2. Ensure that board exercises oversight responsibility
  3. Establish structures, reporting lines, authorities and responsibilities
  4. Demonstrate commitment to a competent workforce
  5. Hold people accountable

Risk assessment

  1. Specify appropriate objectives
  2. Identify and analyze risks
  3. Evaluate fraud risks
  4. Identify and analyze changes that could significantly affect internal controls

Control activities

  1. Select and develop control activities that mitigate risks
  2. Select and develop technology controls
  3. Deploy control activities through policies and procedures

Information and communication

  1. Use relevant, quality information to support the internal control function
  2. Communicate internal control information internally
  3. Communicate internal control information externally

Monitoring

  1. Perform ongoing or periodic evaluations of internal controls (or a combination of the two)
  2. Communicate internal control deficiencies

Depending on a company’s facts and circumstances, making the transition to the updated framework can take time, so it’s a good idea to begin the process as soon as possible. Companies may begin by familiarizing themselves with the aforementioned 17 principles and other COSO guidelines. Then, companies may evaluate the current state of their internal control system and develop a plan for correcting any weaknesses.

To learn more about the revised COSO Framework, view the Weaver Insights article Updated COSO Framework: Will Your Company’s Internal Controls Make the Grade?

 

Copyright © 2013 Thomson Reuters / BizActions.

Add new comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.