www.theiia.org a framework for control cosos five components of internal control and questions too...
TRANSCRIPT
![Page 1: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/1.jpg)
www.theiia.org
A Framework for Control
COSO’s five components of internal control and questions
too important to ignore
![Page 2: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/2.jpg)
www.theiia.org
What is COSO?
![Page 3: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/3.jpg)
www.theiia.org
What is COSO?
COSO, the Committee of Sponsoring Organizations of the Treadway Commission, is a private sector initiative established in 1985 by
five financial professional associations.
![Page 4: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/4.jpg)
www.theiia.org
Who?
![Page 5: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/5.jpg)
www.theiia.org
Who?
• The Institute of Internal Auditors
![Page 6: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/6.jpg)
www.theiia.org
Who?
• The Institute of Internal Auditors• American Institute of Certified
Public Accountants
![Page 7: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/7.jpg)
www.theiia.org
Who?
• The Institute of Internal Auditors• American Institute of Certified
Public Accountants• American Accounting Association
![Page 8: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/8.jpg)
www.theiia.org
Who?
• The Institute of Internal Auditors• American Institute of Certified
Public Accountants• American Accounting Association• Institute of Management
Accountants
![Page 9: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/9.jpg)
www.theiia.org
Who?• The Institute of Internal Auditors• American Institute of Certified
Public Accountants• American Accounting Association• Institute of Management
Accountants• Financial Executives Institute
![Page 10: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/10.jpg)
www.theiia.org
Why?
![Page 11: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/11.jpg)
www.theiia.org
Why?
COSO’s goal is to improve the quality of financial reporting
through a focus on corporate governance, ethical practices, and
internal control.
![Page 12: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/12.jpg)
www.theiia.org
Definition of Internal Control
![Page 13: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/13.jpg)
www.theiia.org
Definition of Internal Control
A process, effected by an entity's board of directors, management, and other personnel, designed to
provide reasonable assurance regarding the achievement of
objectives.
![Page 14: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/14.jpg)
www.theiia.org
Categories of Internal Control
![Page 15: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/15.jpg)
www.theiia.org
Categories of Internal Control
• Effectiveness and efficiency of operations
![Page 16: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/16.jpg)
www.theiia.org
Categories of Internal Control
• Effectiveness and efficiency of operations
• Reliability of financial reporting
![Page 17: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/17.jpg)
www.theiia.org
Categories of Internal Control
• Effectiveness and efficiency of operations
• Reliability of financial reporting
• Compliance with applicable laws and regulations
![Page 18: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/18.jpg)
www.theiia.org
Components of Internal Control
![Page 19: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/19.jpg)
www.theiia.org
Components of Internal Control
1. Control Environment
![Page 20: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/20.jpg)
www.theiia.org
Components of Internal Control
1. Control Environment
2. Risk Assessment
![Page 21: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/21.jpg)
www.theiia.org
Components of Internal Control
1. Control Environment
2. Risk Assessment
3. Control Activities
![Page 22: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/22.jpg)
www.theiia.org
Components of Internal Control
1. Control Environment
2. Risk Assessment
3. Control Activities
4. Information and Communication
![Page 23: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/23.jpg)
www.theiia.org
Components of Internal Control
1. Control Environment
2. Risk Assessment
3. Control Activities
4. Information and Communication
5. Monitoring
![Page 24: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/24.jpg)
www.theiia.org
Ask the Right Internal Control Questions about:
![Page 25: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/25.jpg)
www.theiia.org
ETHICS
![Page 26: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/26.jpg)
www.theiia.org
ETHICS
1. Do board members and senior executives set a day-in, day-out example of high integrity and ethical behavior?
![Page 27: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/27.jpg)
www.theiia.org
ETHICS
2. Is there a written code of conduct for employees, and is it reinforced by training, top down communications, and requirements for periodic written statements of compliance from key employees?
![Page 28: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/28.jpg)
www.theiia.org
ETHICS
3. Are performance and incentive compensation targets reasonable and realistic, or do they create undue pressure on achievement of short-term results?
![Page 29: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/29.jpg)
www.theiia.org
ETHICS
4. Is it clear that fraudulent financial reporting at any level and in any form will not be tolerated?
![Page 30: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/30.jpg)
www.theiia.org
ETHICS
5. Are ethics woven into criteria that are used to evaluate individual and business unit performance?
![Page 31: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/31.jpg)
www.theiia.org
ETHICS
6. Does management react appropriately when receiving bad news from subordinates and business units?
![Page 32: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/32.jpg)
www.theiia.org
ETHICS
7. Does a process exist to resolve close ethical calls?
![Page 33: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/33.jpg)
www.theiia.org
ETHICS
8. Are business risks identified and candidly discussed with the board
of directors?
![Page 34: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/34.jpg)
www.theiia.org
RISK
![Page 35: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/35.jpg)
www.theiia.org
RISK
1. Is relevant and reliable internal and external information identified, compiled, and communicated in a timely manner to those who are positioned to act?
![Page 36: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/36.jpg)
www.theiia.org
RISK
2. Are risks identified and analyzed, and actions taken to mitigate them?
![Page 37: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/37.jpg)
www.theiia.org
RISK
3. Are controls in place to assure that management decisions are properly carried out?
![Page 38: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/38.jpg)
www.theiia.org
INTERNAL CONTROL
![Page 39: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/39.jpg)
www.theiia.org
INTERNAL CONTROL
1. Do senior and line management executives demonstrate that they
accept control responsibility, not just delegate that responsibility to financial and audit staff?
![Page 40: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/40.jpg)
www.theiia.org
INTERNAL CONTROL
2. Does management routinely monitor controls in process of running the organization’s operations?
![Page 41: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/41.jpg)
www.theiia.org
INTERNAL CONTROL
3. Does management clearly assign responsibilities for training and monitoring of internal controls?
![Page 42: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/42.jpg)
www.theiia.org
INTERNAL CONTROL
4. Are periodic, systematic evaluations of control systems conducted and documented?
![Page 43: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/43.jpg)
www.theiia.org
INTERNAL CONTROL
5. Are such evaluations conducted by personnel with appropriate responsibilities, business experience, and knowledge of the organization’s affairs?
![Page 44: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/44.jpg)
www.theiia.org
INTERNAL CONTROL
6. Are appropriate criteria established to evaluate controls?
![Page 45: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/45.jpg)
www.theiia.org
INTERNAL CONTROL
7. Are control deficiencies reported to higher levels of management and corrected on a timely basis?
![Page 46: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/46.jpg)
www.theiia.org
INTERNAL CONTROL
8. Are appropriate controls built in as new systems are designed and brought on stream?
![Page 47: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/47.jpg)
www.theiia.org
AUDIT COMMITTEES
![Page 48: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/48.jpg)
www.theiia.org
AUDIT COMMITTEES
1. Has the board recently reviewed adequacy of the audit committee’s written charter?
![Page 49: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/49.jpg)
www.theiia.org
AUDIT COMMITTEES
2. Are audit committee members functioning and, in fact, independent of management?
![Page 50: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/50.jpg)
www.theiia.org
AUDIT COMMITTEES
3. Do audit committee members possess an appropriate mix of operating and financial control expertise?
![Page 51: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/51.jpg)
www.theiia.org
AUDIT COMMITTEES
4. Does the audit committee understand and monitor the broad organizational control environment?
![Page 52: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/52.jpg)
www.theiia.org
AUDIT COMMITTEES
5. Does the audit committee oversee appropriateness, relevance, and reliability of operational and financial reporting to the board, as well as to investors and other external users?
![Page 53: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/53.jpg)
www.theiia.org
AUDIT COMMITTEES
6. Does the audit committee oversee
existence of and compliance with ethical standards?
![Page 54: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/54.jpg)
www.theiia.org
AUDIT COMMITTEES
7. Does the audit committee or full board have a meaningful but challenging relationship with independent auditors, internal auditors, senior financial control executives, and key corporate and business unit operating executives?
![Page 55: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/55.jpg)
www.theiia.org
INTERNAL AUDITING
![Page 56: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/56.jpg)
www.theiia.org
INTERNAL AUDITING
1. Does internal auditing have the support of top management, the audit committee, and the board of directors as a whole?
![Page 57: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/57.jpg)
www.theiia.org
INTERNAL AUDITING
2. Has the written scope of internal audit responsibilities been reviewed by the audit committee for adequacy?
![Page 58: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/58.jpg)
www.theiia.org
INTERNAL AUDITING
3. Is the organizational relationship between internal auditing and senior executives appropriate?
![Page 59: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/59.jpg)
www.theiia.org
INTERNAL AUDITING
4. Does internal auditing have and use open lines of communication and private access to all senior officers and the audit committee?
![Page 60: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/60.jpg)
www.theiia.org
INTERNAL AUDITING
5. Are audit reports covering the right subjects distributed to the right people and acted upon in a timely manner?
![Page 61: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/61.jpg)
www.theiia.org
INTERNAL AUDITING
6. Do key audit executives possess an appropriate level of expertise?
![Page 62: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/62.jpg)
www.theiia.org
To Purchase the Framework:
Visit The IIA Bookstore at
www.theiia.org
![Page 63: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/63.jpg)
www.theiia.org
For More aboutthe Framework:
![Page 64: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/64.jpg)
www.theiia.org
For More aboutthe Framework:
Visit
www.coso.org
![Page 65: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/65.jpg)
www.theiia.org
A Framework for Control
This presentationwas produced
by
![Page 66: Www.theiia.org A Framework for Control COSOs five components of internal control and questions too important to ignore](https://reader037.vdocuments.mx/reader037/viewer/2022110303/5514e4d9550346a80c8b47ed/html5/thumbnails/66.jpg)
www.theiia.org
The IIA is the internal audit profession’s
global voice, recognized authority, acknowledged leader, chief advocate
and principal educatorworldwide.