COSO
About COSO
Mission
The mission of the Committee of Sponsoring Organizations (COSO) is to provide thought
leadership through the development of comprehensive frameworks and guidance on
enterprise risk management, internal control and fraud deterrence designed to
improve organizational performance and governance and to reduce the extent of
fraud in organizations.
Vision
History
COSO was organized in 1985 to sponsor the National Commission on Fraudulent
Financial Reporting, an independent private-sector initiative that studied the causal
factors that can lead to fraudulent financial reporting. It also developed
recommendations for public companies and their independent auditors, for the SEC
and other regulators, and for educational institutions.
The National Commission was sponsored jointly by five major professional
associations headquartered in the United States: the American Accounting
Association (AAA), the American Institute of Certified Public Accountants (AICPA),
Financial Executives International (FEI), The Institute of Internal Auditors (IIA), and the
National Association of Accountants (now the Institute of Management Accountants
[IMA]). Wholly independent of each of the sponsoring organizations, the Commission
included representatives from industry, public accounting, investment firms, and the
New York Stock Exchange.
COSO's goal is to provide thought leadership dealing with three interrelated subjects:
enterprise risk management (ERM), internal control, and fraud deterrence.
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring Activities
Demonstrates commitment to integrity and ethical values
Specifies suitable objectives
Uses relevant information
Conducts ongoing and/or separate evaluations
Exercises oversight responsibility
Communicates internally
Evaluates and communicates deficiencies
Establishes structure, authority and responsibility
Communicates externally
Demonstrates commitment to competence
Enforces accountability
Conclusion
The Model can be useful for clarifying how responsibilities regarding
risk and control might be coordinated across an organization.
The responsibilities of each of the groups (or lines) are:
1. Own and manage risk and control (front line operating
management).
2. Monitor risk and control in support of management (risk,
control, and compliance functions put in place by management).
3. Provide independent assurance to the board and senior
management concerning the effectiveness of management of risk
and control (internal audit).
The Model can be used in conjunction with the COSO Internal
Control Integrated Framework to help ensure individuals within
each line of defense understand the full extent of their
responsibilities regarding risk and control, and how their duties fit
into the organization's overall risk and control structure.