COSO - An Internal Control Framework - PowerPoint PPT Presentation

About This Presentation
Title:

COSO - An Internal Control Framework

Description:

Title: Title goes here Author: MPaul Last modified by: Veldhouse, Tescia Created Date: 4/8/2003 7:54:27 PM Document presentation format: Custom Company – PowerPoint PPT presentation

Number of Views:187
Avg rating:3.0/5.0
Slides: 23
Provided by: mpa103
Category:

less

Transcript and Presenter's Notes

Title: COSO - An Internal Control Framework


1
COSO - An Internal Control Framework
CONTROLLING RISKS - REACHING GOALS
Prepared by Michael Paul, CGFM
2
COSO - An Internal Control Framework
  • landmark report commissioned by the Committee on
    Sponsoring Organizations of the Treadway
    Commission (COSO).
  • Basis of State Comptrollers guidance for chapter
    647.

3
Why Internal Control?
  • Managers need to meet objectives of their unit
  • Risks exist to meeting those objectives
  • Controls minimize those risks
  • Managers, not accountants, are ultimately
    responsible for this.

4
OBJECTIVES, RISKS, CONTROLS
  • Compliance with laws, regulations, policy and
    procedures
  • Accomplishment of mission
  • Reliability of information
  • Efficient and effective use of resources
  • Safeguarding of assets

5
OBJECTIVES, RISKS, CONTROLS
  • Compliance
  • Reliability
  • Accomplishment of mission
  • Efficiency and effectiveness
  • Safeguarding of assets
  • COSO combines into
  • Effectiveness and efficiency of operations

6
OBJECTIVES, RISKS, CONTROLS
  • Define the risks
  • Evaluate each risk
  • likelihood
  • cost of loss
  • duration and its side effects
  • Prioritize

7
OBJECTIVES, RISKS, CONTROLS
  • We have risk
  • We have identified it
  • Measured it
  • Prioritized it
  • How to diminish it? ACTION

8
Control worksheet(example)
9
COSO 5 Control Elements
INTERNAL
  • 1. C ontrol Activities
  • 2. R isk Assessment
  • 3. I nformation communication
  • 4. M onitoring
  • 5. Control E nvironment
  • INTERNAL CONTROLS

CONTROLS
10
To create ICs
  • PPR Objectives CARES- Compliance with rules,
    Accomplishment of mission, Reliability of
    information, Efficiency, Safeguarding assets
  • Risk Define, Evaluate, Prioritize, Diminish
  • Controls CRIMES- Control activities, Risk
    Assessment, Information Communication,
    Monitoring, Control Environment
  • Across each function and units

11
The COSO NET
12
ENVIRONMENT
  • Integrity Ethical values
  • Commitment to Competence
  • Board participation
  • Management style
  • Organizational structure
  • Assignment of authority and responsibility
  • Human resources practices

13
RISK
  • Changes in operating environment
  • New personnel
  • New Information systems
  • Rapid growth
  • New technology,
  • New services, activities
  • Restructurings
  • New accounting procedures or rules

14
RISK
RISK OF PROBLEM GOING UNDETECTED
15
Control Risk Events
  • Management and auditors thoroughly brainstorm
    scenarios of what could go wrong in each process.
    (fraud, waste, abuse, errors, etc.)
  • Do these before you create controls
  • or try to assess if they are effective

16
ACTIVITIESHard controls
  • Periodic counts and reconciliation of records to
    assets action on variances
  • Physical controls over access to assets and
    records
  • Reports of budget or prior period vs. actual
  • EDP requires checks of accuracy, completeness and
    authorization of transaction
  • Activities not the whole picture
  • Transactions only as authorized by management
  • All transactions are recorded for reporting
    accountability
  • Segregation of
  • Authorization
  • Asset Custody
  • Record keeping

17
MONITORING
  • 3 ways
  • Normal routine actions
  • Internal auditors
  • External audits and reviews

18
INFORMATION COMMUNICATION
  • Enable us to capture exchange info to conduct,
    manage and control operations
  • Accounting system GL and sub-ledgers
  • Training supervision
  • Procedure manuals
  • Feedback Fraud Hot lines

19
Benefits of COSO
  • Big Picture - organization wide, efficiency, etc.
  • Soft Controls as well - trust, management style,
    understanding of procedures, etc.
  • Better Quality
  • Controls integrated with the rest of the business
  • Balance of cost vs. benefit

20
CAVEATS...
  • Dont go wild. COSO is one way to approach IC.
  • Use it as new controls are added or as questions
    arise
  • COSO is a mind-set. Keep these ideas in mind as
    controls are addressed
  • COSO is used wholesale mostly in large corporate
    settings with internal audit departments, able to
    do a business-wide Control Self-Assessment.

21
So
  • Dont worry, be happy?....
  • Or
  • an ounce of prevention is worth a pound of cure

22
COSO
  • AICPA This landmark report was commissioned by
    the Committee on Sponsoring Organizations of the
    Treadway Commission (COSO). It establishes a
    common definition of internal control that
    services the needs of different parties for
    assessing and improving their control systems.
  • COSO's groundbreaking report includes
  • Executive Summary
  • Framework
  • Reporting to External Parties
  • Evaluation Tools
  • The Addendum to Reporting to External Parties is
    also included. It
  • "encourages management that reports to external
    parties on controls over financial reporting to
    also cover controls over safeguarding of assets
    against unauthorized acquisition, use, or
    disposition."
  • It defines such controls and provides a suggested
    form of report.
  • Five Evaluation Tools are now available on disk,
    one for each of the internal control components
    identified in Integrated Framework for Internal
    Control. Columnar MS Word templates contain
    internal control risks, objectives, components
    and elements with spaces and columns for
    management or other evaluators to record their
    assessments, observations and conclusions.
  • Everyone in your firm or company who works with
    internal controls should have his or her own
    copy.
  • https//www.cpa2biz.com/CS2000/Products/CPA2BIZ/Pu
    blications/Sub1/InternalControl-IntegratedFra
    mework.htm
Write a Comment
User Comments (0)
About PowerShow.com