Scribd
Upload
21 views3 pages

Understanding COSO Internal Control Framework

This document summarizes the components and principles of internal control according to the COSO framework. It defines internal control as a process carried out by the management and staff of an entity to achieve objectives related to operations, information, and compliance. The five components of internal control according to COSO are: control environment, risk assessment, control activities, information and communication systems, and monitoring. The document also describes the principles and circumstances that should be considered in each component.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
21 views3 pages

Understanding COSO Internal Control Framework

This document summarizes the components and principles of internal control according to the COSO framework. It defines internal control as a process carried out by the management and staff of an entity to achieve objectives related to operations, information, and compliance. The five components of internal control according to COSO are: control environment, risk assessment, control activities, information and communication systems, and monitoring. The document also describes the principles and circumstances that should be considered in each component.

Uploaded by

ScribdTranslations
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

AUTONOMOUS UNIVERSITY OF SANTO DOMINGO

AUDIT III Section 18


Teacher: Gloria Méndez
José Manuel Gil Domínguez 100161414
Unit 1: INTERNAL CONTROL AND ITS IMPORTANCE IN THE EXAMINATION OF THE STATES
FINANCIAL. TASK 2.3 READING REPORT UNIT II.

1- Define internal control according to COSO

Internal control is a process carried out by the board of directors, management


and the rest of the staff of an entity, designed for the purpose of providing a level of
reasonable security regarding the achievement of objectives related to the
operations, information, and compliance.

2- According to the COSO report, what are the components of internal control.

COSO is dedicated to developing frameworks and general guidelines on internal control,


business risk management and fraud deterrence designed to improve the
organizational performance and supervision and reduce the level of fraud in the
organizations. The components of the integrated internal control framework are:

Control Environment. These are the standards that make up the processes that are developed in the
different levels and/or the organization environment.

Risk Assessment. This prevents any event from influencing or negatively affecting the
development of activities that fulfill the objectives of the organization.

Control Activities. They are all the guidelines and actions that are established through
policies that help and moderate compliance with the requirements of the management for
that risks do not affect the organization's objectives.

Information and Communication System. They are all those quality informations.
internal or external that the company has to implement the responsibility of each
internal level to meet the needs of the organization.

Supervision of the Control System (monitoring). This manages and supervises periodically.
each of the components of internal control, to observe that each level of the entity
fulfill and function properly with the responsibility you have within the
organization.
3- Cite the circumstances that must be handled in each component of internal control.
within the organization.

The circumstances of COSO I are outlined below with some basic aspects that
they make up:

Control environment:

Organizational culture defined and disseminated.


2. Philosophical foundations (mission, vision, values, objectives)
3. Board of Directors or its equivalent according to the type of company.
4. Internal Audit Committee.
5. Organizational and functional structure defined
6. Code of ethics, code of conduct, or similar
7. Human Resources Policies and Practices
8. Continuous training for staff
9. Clearly defined authority and responsibility, among others.

Risk Assessment:

Corporate culture facing business risks


2. The business objectives are clearly defined (in general and by areas).
3. Use of expert/external to assess business risks.
4. Preparation of annual strategic plan.
5. Preparation of SWOT analysis in general and by functional areas, among others.

Control Activities

1.- Manual of policies and procedures (if not general, please list the areas).
2.-Policies and/or procedures (if there are none for everything, please list by areas).
3.-Graphic representation of processes and activities.
4.-Segregation of functions (operational and accounting).
5.- Appropriate levels of authorization for activities.
6.-Appropriate documents and records (consider points 4 and 5).
7.- Physical controls over assets and records (security and preservation).
8.-Performance reviews.
9.- There are different types of controls for the areas.

Information and Communication Systems


1.- There is an information system for all operations
The system allows for the efficient and appropriate recording of transactions.
3.-The data processing by the system is agile and secure.
The system does not allow the duplication of information.
5.-Reports are generated according to the users' needs.
6.-The reports are reliable and timely.
There are defined levels and/or channels for the management of information.
Monitoring
1.- The internal audit function exists in the company.
The information from different sources is evaluated.
Responsibilities are established for the findings.
4.- The detected weaknesses are monitored (action plans).
5.- The existing monitoring controls are functional.

4- What is the basis of the components of internal control and what does it provide.

In 1992, the COSO committee presented a first document that marks a new point of
part of the study and implementation of internal control in organizations, given its
standardization in internal control processes. Known as the integrated COSO framework or
case 1.

In 2004, the committee published a second document called Corporate Risk Management.
integrated framework or COSO 2 model.

In 2013, the latest version of the COSO model was published, which uses 17 principles as a basis for
the 5 components. They are as follows:

Control environment:

The organization demonstrates a commitment to integrity and ethical values.


The board of directors exercises its responsibility for supervising internal control.
3. Establish the structure, responsibility, and authority.
4. Demonstrate commitment to professional competence.
5. Strengthen responsibility.

You might also like