coso internal control — integrated framework principles sprin… · coso internal control —...
TRANSCRIPT
For more informationabout COSO,visit coso.org.
©2013, Committee of Sponsoring Organizations of the Treadway Commission (COSO). Used by permission.
COSO Internal Control —Integrated Framework Principles
The organization demonstrates acommitment tointegrity and ethical values.
The board of directors demonstratesindependence from management andexercises oversight of the development andperformance of internal control.
Managementestablishes, with boardoversight, structures, reporting lines, andappropriate authorities and responsibilitiesin the pursuit ofobjectives.
The organization demonstrates acommitment to attract, develop, and retaincompetent individuals in alignment withobjectives.
The organization holds individualsaccountable for their internal controlresponsibilities in the pursuit of objectives.
The organization
Control Environment
Risk Assessment
Control Activities
Information &Communication
MonitoringActivities
The organization
to enable the
assessment of risks relating to objectives.
The organization
achievement of its objectives across theentity and analyzes risks as a basis fordetermining howthe risks should be managed.
The organizationconsiders the potential for fraud in assessing risks to theachievement ofobjectives.
The organization
changes that could
the system ofinternal control.
The organization selects and developscontrol activities that contribute to themitigation of risks tothe achievement ofobjectives toacceptable levels.
The organization selects and develops general controlactivities overtechnologyto support theachievement ofobjectives.
The organizationdeploys controlactivities through policies that establish what is expectedand proceduresthat put policiesinto action.
The organization obtains or generates and uses relevant, quality informationto support thefunctioning of internal control.
The organization internally communicatesinformation, including objectives andresponsibilities for internal control,necessary to support the functioning ofinternal control.
The organization communicates withexternal partiesregarding matters affecting thefunctioning ofinternal control.
The organization selects, develops, and performsongoing and/or separate evaluations to ascertain whether the componentsof internal controlare presentand functioning.
The organization evaluates andcommunicates internal control
in a timely mannerto those partiesresponsible for taking corrective action, including senior management and the boardof directors, asappropriate.
it
TdT1
Td
2
Me
3
TT6
T7
Tcf
8
T9
TTs
10
To
13
TTs
16
Te
17
Tini
14
Tc
15
Ts
11
Td
12
Td
4
Ti
5
AsseA
COSO