Property of Corporate Compliance Seminars
www.compliance.seminars.com 1
David S. Marshall, MBA, CISA, CFE, CFS
Ph: 708-205-2366 / dmarshall@infotech-global.com
John C. Blackshire, Jr., CPA
Ph: 479-200-4373/ jblackshire@compliance-seminars.net
COSO 2013
Overview of the Framework
A Practical Implementation of the COSO Update for Management and Auditors
Corporate Compliance Seminars
http://www.compliance-seminars.com
Corporate Compliance Seminars provides educational seminars and consulting services
to businesses of all sizes.
Our mission is to promote the awareness of internal controls, regulatory compliance,
corporate governance, IT security, and fraud prevention and detection to improve
business profitability.
Each faculty member has over 20 years of work experience within the subject matter.
Corporate Compliance Seminars has been presenting
practical, informative and entertaining seminars since 2004.
We are a proud sponsor of NASBA.
Problems
• Foreign Corrupt Practices Act of 1977 - Violations
• Real Estate boom; inflation; high interest rates; Savings and Loan deregulation
• Business Failures: Penn Square Bank, Continental Bank; Crazy Eddie’s Electronics
• S & L Crisis: Over 700 failures - many from fraud; overvalued real estate; lack of
internal controls; lending out far more money than was prudent
Solutions
1985: National Commission on Fraudulent Financial Reporting
aka “Treadway Commission”
Mission: “To identify causal factors that
can lead to fraudulent financial reporting.”
1999: Blue Ribbon Committee on
Improving the Effectiveness of
Corporate Audit Committees
1985 - Committee of Sponsoring Organizations (COSO)
of the Treadway Commission was formed
“COSO is a joint initiative of five private sector organizations and is dedicated to providing
thought leadership through the development of frameworks and guidance on enterprise risk
management, internal control and fraud deterrence.”
“The term internal control over financial reporting is defined as a process designed by, or
under the supervision of, the issuer's principal executive and principal financial officers, or
persons performing similar functions, and effected by the issuer's board of directors,
management and other personnel, to provide reasonable assurance regarding the reliability of
financial reporting and the preparation of financial statements for external purposes in
accordance with generally accepted accounting principles and includes those policies and
procedures that:
• Pertain to the maintenance of records that in reasonable detail accurately and fairly
reflect the transactions and dispositions of the assets of the issuer;
• Provide reasonable assurance that transactions are recorded as necessary to permit
preparation of financial statements in accordance with generally accepted accounting
principles, and that receipts and expenditures of the issuer are being made only in
accordance with authorizations of management and directors of the issuer; and
• Provide reasonable assurance regarding prevention or timely detection of
unauthorized acquisition, use or disposition of the issuer's assets that could have a
material effect on the financial statements.” (Rule 13a-15(f))
“A process, effected by an entity’s board of directors, management, and other
personnel, designed to provide reasonable assurance regarding achievement of
objectives in the following categories:
• Effectiveness and efficiency of operations,
• Reliability of financial reporting, and
• Compliance with applicable laws and regulations.”
Components of Internal Control
Definition of Internal Control
Layers of Internal Control
COSO - Board of Directors
• Robert B. Hirth, Jr., Chairman
• Douglas F. Prawitt, AAA
• Charles Landes, AICPA
• Marie N. Hollein, FEI
• Sandra Richtermeyer, IMA
• Richard F. Chambers, IIA
COSO Advisory Council
• AICPA, AAA, IIA, FEI, IMA
• Regulatory Observers
• Public Accounting Firms
• Others (IFAC, GAVI Alliance, ISACA)
PwC - Contracted Author
Stakeholders
• Over 700 stakeholders and users were surveyed and others submitted comments during the draft review period
Why update the “Internal Control – Integrated Framework”?
• Address significant changes to business environment and associated risks
• Codify criteria to use in development and assessment of systems of internal control
• Increase focus on operations, compliance and non-financial reporting objectives.
A changing business environment... Drives updates to the Framework...
• Expectations for governance oversight
• Globalization of markets and operations
• Changes in business models
• Demands and complexity of rules, regulations and standards
• Expectations for competencies and accountabilities
• Use and reliance on evolving technology
• Expectations for preventing and detecting fraud
Why Change?
Benefits…
- Improve governance
- Expand use beyond financial reporting
- Improve quality of risk assessment
- Strengthen anti-fraud efforts
- Adapt controls to changing business needs
- Greater applicability for various business models
What did not change...
1. Definition of internal control
2. Five components of internal control
3. The fundamental criteria used to assess effectiveness of systems of internal control
4. Use of judgment in evaluating the effectiveness of systems of internal control
What changed...
1. Codification of principles with universal application for use in developing and evaluating the effectiveness of systems of internal control
2. Expanded financial reporting objective to address internal and external, financial and non-financial reporting objectives
3. Increased focus on operations, compliance and non-financial reporting objectives based on user input
“The experienced reader will find much familiar in the updated Framework, which
builds on what has proven effective in the original version.”
COSO Update created “Principles of Control” (PoCs) and “Points of Focus” (PoFs)
Control Environment
1. Demonstrates commitment to integrity and ethical values
2. Exercises oversight responsibility
3. Establishes structure, authority and responsibility
4. Demonstrates commitment to competence
5. Enforces accountability
Risk Assessment
6. Specifies relevant objectives
7. Identifies and analyzes risk
8. Assesses fraud risk
9. Identifies and analyzes significant change
Control Activities
10. Selects and develops control activities
11. Selects and develops general controls over technology
12. Deploys through policies and procedures
Information & Communication
13. Uses relevant information
14. Communicates internally
15. Communicates externally
Monitoring Activities
16. Conducts ongoing and/or separate evaluations
17. Evaluates and communicates deficiencies
• “Effective internal control provides reasonable assurance regarding the achievement of objectives and requires that:
  • Each component and each relevant principle is present and functioning
  • The five components are operating together in an integrated manner”
• “Each principle is suitable to all entities…”
• “All principles are presumed relevant except in rare situations where management determines that a principle is not relevant to a component (e.g., governance, technology)”
• “Components operate together when all components are present and functioning and internal control deficiencies aggregated across components do not result in one or more major deficiencies…”
• “A major deficiency represents an internal control deficiency or combination thereof that severely reduces the likelihood that an entity can achieve its objectives…”
PoF Statements from COSO
• “Points of focus may not be suitable or relevant, and others may be identified”
• “Points of focus may facilitate designing, implementing, and conducting internal control”
• “There is no requirement to separately assess whether points of focus are in place”
Control Environment Principle of Control 1:
“The organization demonstrates a commitment to
integrity and ethical values.”
Points of Focus:
• Sets the Tone at the Top
• Establishes Standards of Conduct
• Evaluates Adherence to Standards of Conduct
• Addresses Deviations in a Timely Manner
• “The Framework does not prescribe controls to be selected, developed,
and deployed for effective internal control.”
• “An organization’s selection of controls to effect relevant principles and
associated components is a function of management judgment based on
factors unique to the entity.”
• “A major deficiency in a component or principle cannot be mitigated to
an acceptable level by the presence and functioning of other components
and principles.”
• “However, understanding and considering how controls effect multiple
principles can provide persuasive evidence supporting management’s
assessment of whether components and relevant principles are present
and functioning.”
10. No statement of the problems with COSO 1992
9. Management by Objectives (MBO) based
8. COSO is not ERM – financial statement risks
7. No Study of the utility of the COSO Framework
6. No integration of other disciplines
5. It is not a dynamic framework nor organization
4. No study of “What Went Wrong Post-SOX”
3. Linear control representation
2. “Concept of Culture”
1. Is COSO independent and objective?
• “Users are encouraged to transition applications and related documentation to the updated
Framework as soon as feasible”
• Due date is December 15, 2014, when the New Framework will supersede the
current one
• The transition period starts now
• During the transition period, external reports (issued by management to regulators-SEC)
should disclose whether the original or updated version of the Framework was used
• “Adopting the updated Framework will vary by organization…”
Does your system of internal control need to address changes in operations – structure,
products, services?
Should your system of internal control be updated to address all 17 Principles?
Should your system of internal control be updated to address all 79 Points of Focus?
Five COSO Components: CE, RA, CA, I&C, MA
17 Principles Imbedded in the Components
Focus on the pervasive controls that set the overall tone of the organization
and the key controls to prevent and detect material misstatements
The fundamental concepts associated with, and drawn directly
from, the five components of the Framework
87 Points of Focus Imbedded in the Principles
Supporting each principle are “Points of Focus” to
assist management in determining whether the
associated principle is present and functioning
• Understand the COSO updated Framework and
its impact on your organization
• Communicate the Update to your Compliance team,
internal auditors, executives, Board/ Audit
Committee, and operations management
• Assess and apply changes in controls and supporting
documentation, and map to five COSO Components and
applicable Principles of Control and Points of Focus
• Implement by December 31, 2014 for external reporting
The principles-based approach provides flexibility in applying
the Framework to multiple, overlapping objectives across the entity
• Easier to see what is covered and what is missing
• Focus on principles may reduce likelihood of considering
something that’s irrelevant
Understanding the importance of specifying suitable objectives focuses attention on
those risks and controls most important to achieving these objectives
Focusing on areas of risk that exceed acceptance levels or need to be
managed across the entity may reduce efforts spent mitigating risks
in areas of lesser significance
Coordinating efforts for identifying and assessing risks across multiple,
overlapping objectives may reduce the number of discrete risks
assessed and mitigated
Improved Controls = Less Risk = Achieving Organization Objectives
- This is an excerpt from our COSO Update seminars -
David S. Marshall, MBA, CISA, CFE, CFS
Corporate Compliance Seminars/ Infotech Global
708-205-2366/ dmarshall@infotech-global.com
John C. Blackshire, Jr., CPA
Corporate Compliance Seminars/ The AccountWare Group
479-200-4373/ jblackshire@compliance-seminars.net
www.compliance-seminars.com
Introduction to COSO 2013 - Corporate Compliance Seminars

  • 1. Property of Corporate Compliance Seminars www.compliance.seminars.com 1 David S. Marshall, MBA, CISA, CFE, CFS Ph: 708-205-2366 / dmarshall@infotech-global.com John C. Blackshire, Jr., CPA Ph: 479-200-4373/ jblackshire@compliance-seminars.net COSO 2013 Overview of the Framework A Practical Implementation of the COSO Update for Management and Auditors Corporate Compliance Seminars
  • 2. http://www.compliance-seminars.com Corporate Compliance Seminars provides educational seminars and consulting services to businesses of all sizes. Our mission is to promote the awareness of internal controls, regulatory compliance, corporate governance, IT security, and fraud prevention and detection to improve business profitability. Each faculty member has over 20 years of work experience within the subject matter. Corporate Compliance Seminars has been presenting practical, informative and entertaining seminars since 2004. We are a proud sponsor of NASBA. Property of Corporate Compliance Seminars www.compliance-seminars.com 2 Corporate Compliance Seminars
  • 3. Problems • Foreign Corrupt Practices Act of 1977 - Violations • Real Estate boon; inflation; high interest rates; Savings and Loan deregulation • Business Failures: Penn Square Bank, Continental Bank; Crazy Eddie’s Electronics • S & L Crisis: Over 700 failures - many from fraud; overvalued real estate; lack of internal controls; lending out far too much money than was prudent Solutions 1985: National Commission on Fraudulent Financial Reporting aka “Treadway Commission” Mission: “To identify causal factors that can lead to fraudulent financial reporting.” 1999: Blue Ribbon Committee on Improving the Effectiveness of Corporate Audit Committees 3 Property of Corporate Compliance Seminars www.compliance-seminars.com
  • 4. Property of Corporate Compliance Seminars www.compliance.seminars.com 4 1985 - Committee of Sponsoring Organizations (COSO) of the Treadway Commission was formed “COSO is a joint initiative of five private sector organizations and is dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence.”
  • 5. The term internal control over financial reporting is defined as a process designed by, or under the supervision of, the issuer's principal executive and principal financial officers, or persons performing similar functions, and effected by the issuer's board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles and includes those policies and procedures that: • Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the issuer; • Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the issuer are being made only in accordance with authorizations of management and directors of the issuer; and • Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the issuer's assets that could have a material effect on the financial statements.” (Rule 13a-15 (f) ) Property of Corporate Compliance Seminars www.compliance.seminars.com 5
  • 6. “A process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding achievement of objectives in the following categories: • Effectiveness and efficiency of operations, • Reliability of financial reporting, and • Compliance with applicable laws and regulations.” Property of Corporate Compliance Seminars www.compliance.seminars.com 6 Components of Internal Control Definition of Internal Control Layers of Internal Control
  • 7. www.compliance-seminars.com 7 COSO - Board of Directors COSO Advisory Council AICPA, AAA, IIA, FEI, IMA Regulatory Observers Public Accounting Firms Others (IFAC, GAVI Alliance, ISACA) PwC - Contracted Author Stakeholders Over 700 stakeholders and users were surveyed and others submitted comments during the draft review period Douglas F. Prawitt AAA Charles Landes AICPA Marie N. Hollein FEI Sandra Richtermeyer IMA Richard F. Chambers, IIA Robert B. Hirth, Jr. Chairman
  • 8. Why update the “Internal Control – Integrated Framework”? • Address significant changes to business environment and associated risks • Codify criteria to use in development and assessment of systems of internal control • Increase focus on operations, compliance and non-financial reporting objectives.
  • 9. A changing business environment... Drives updates to the Framework... • Expectations for governance oversight • Globalization of markets and operations • Changes in business models • Demands and complexity of rules, regulations and standards • Expectations for competencies and accountabilities • Use and reliance on evolving technology • Expectations for preventing and detecting fraud. Why Change? Benefits… - Improve governance - Expand use beyond financial reporting - Improve quality of risk assessment - Strengthen anti-fraud efforts - Adapt controls to changing business needs - Greater applicability for various business models
  • 10. What did not change... 1. Definition of internal control 2. Five components of internal control 3. The fundamental criteria used to assess effectiveness of systems of internal control 4. Use of judgment in evaluating the effectiveness of systems of internal control. What changed... 1. Codification of principles with universal application for use in developing and evaluating the effectiveness of systems of internal control 2. Expanded financial reporting objective to address internal and external, financial and non-financial reporting objectives 3. Increased focus on operations, compliance and non-financial reporting objectives based on user input. “The experienced reader will find much familiar in the updated Framework, which builds on what has proven effective in the original version.” COSO Update created “Principles of Control” (PoCs) and “Points of Focus” (PoFs)
  • 11. Control Environment: 1. Demonstrates commitment to integrity and ethical values 2. Exercises oversight responsibility 3. Establishes structure, authority and responsibility 4. Demonstrates commitment to competence 5. Enforces accountability. Risk Assessment: 6. Specifies relevant objectives 7. Identifies and analyzes risk 8. Assesses fraud risk 9. Identifies and analyzes significant change. Control Activities: 10. Selects and develops control activities 11. Selects and develops general controls over technology 12. Deploys through policies and procedures. Information & Communication: 13. Uses relevant information 14. Communicates internally 15. Communicates externally. Monitoring Activities: 16. Conducts ongoing and/or separate evaluations 17. Evaluates and communicates deficiencies
  • 12. • “Effective internal control provides reasonable assurance regarding the achievement of objectives and requires that: • Each component and each relevant principle is present and functioning • The five components are operating together in an integrated manner” • “Each principle is suitable to all entities…” • “All principles are presumed relevant except in rare situations where management determines that a principle is not relevant to a component (e.g., governance, technology)” • “Components operate together when all components are present and functioning and internal control deficiencies aggregated across components do not result in one or more major deficiencies…” • “A major deficiency represents an internal control deficiency or combination thereof that severely reduces the likelihood that an entity can achieve its objectives…”
  • 13. PoF Statements from COSO • “Points of focus may not be suitable or relevant, and others may be identified” • “Points of focus may facilitate designing, implementing, and conducting internal control” • “There is no requirement to separately assess whether points of focus are in place” Control Environment Principle of Control 1: “The organization demonstrates a commitment to integrity and ethical values.” Points of Focus: • Sets the Tone at the Top • Establishes Standards of Conduct • Evaluates Adherence to Standards of Conduct • Addresses Deviations in a Timely Manner
  • 14. • “The Framework does not prescribe controls to be selected, developed, and deployed for effective internal control.” • “An organization’s selection of controls to effect relevant principles and associated components is a function of management judgment based on factors unique to the entity.” • “A major deficiency in a component or principle cannot be mitigated to an acceptable level by the presence and functioning of other components and principles.” • “However, understanding and considering how controls effect multiple principles can provide persuasive evidence supporting management’s assessment of whether components and relevant principles are present and functioning.”
  • 15. 10. No statement of the problems with COSO 1992 9. Management by Objectives (MBO) based 8. COSO is not ERM – financial statement risks 7. No Study of the utility of the COSO Framework 6. No integration of other disciplines
  • 16. 5. It is not a dynamic framework nor organization 4. No study of “What Went Wrong Post-SOX” 3. Linear control representation 2. “Concept of Culture” 1. Is COSO independent and objective?
  • 17. • “Users are encouraged to transition applications and related documentation to the updated Framework as soon as feasible” • Due date is December 15, 2014, when the New Framework will supersede the current one • The transition period starts now • During the transition period, external reports (issued by management to regulators-SEC) should disclose whether the original or updated version of the Framework was used • “Adopting the updated Framework will vary by organization…” Does your system of internal control need to address changes in operations – structure, products, services? Should your system of internal control be updated to address all 17 Principles? Should your system of internal control be updated to address all 79 Points of Focus?
  • 18. Five COSO Components: CE, RA, CA, I&C, MA. 17 Principles Imbedded in the Components. Focus on the pervasive controls that set the overall tone of the organization and the key controls to prevent and detect material misstatements. The fundamental concepts associated with, and drawn directly from, the five components of the Framework. 87 Points of Focus Imbedded in the Principles. Supporting each principle are “Points of Focus” to assist management in determining whether the associated principle is present and functioning.
  • 19. • Understand the COSO updated Framework and its impact on your organization • Communicate the Update to your Compliance team, internal auditors, executives, Board/ Audit Committee, and operations management • Assess and apply changes in controls and supporting documentation, and map to five COSO Components and applicable Principles of Control and Points of Focus • Implement by December 31, 2014 for external reporting
  • 20. The principles-based approach provides flexibility in applying the Framework to multiple, overlapping objectives across the entity • Easier to see what is covered and what is missing • Focus on principles may reduce likelihood of considering something that’s irrelevant. Understanding the importance of specifying suitable objectives focuses on those risks and controls most important to achieving these objectives. Focusing on areas of risk that exceed acceptance levels or need to be managed across the entity may reduce efforts spent mitigating risks in areas of lesser significance. Coordinating efforts for identifying and assessing risks across multiple, overlapping objectives may reduce the number of discrete risks assessed and mitigated. Improved Controls = Less Risk = Achieving Organization Objectives
  • 21. - This is an excerpt from our COSO Update seminars - David S. Marshall, MBA, CISA, CFE, CFS Corporate Compliance Seminars/ Infotech Global 708-205-2366/ dmarshall@infotech-global.com John C. Blackshire, Jr., CPA Corporate Compliance Seminars/ The AccountWare Group 479-200-4373/ jblackshire@compliance-seminars.net www.compliance-seminars.com