Coso and It's Components

What is Internal Control?

Internal control is a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

1. Efficiency and effectiveness of operations

2. Reliability of financial reporting

3. Compliance with applicable laws and regulations

Explain the 5 COSO components and describe their relationship.

Control environment

1. is organization’s culture with respect to importance of IC

2. provides discipline/ structure

3. sets tone of organization, influencing the control consciousness of its people

4. basis for any IC system & other 4 components

5. includes various quality factors: integrity and ethical values, commitment to competence, boards of directors/ audit committee, Management’s philosophy and operating style, organizational structure, assignment of authority and responsibility, human resource policies and practices

Risk Assessment

1. identification/ analysis of relevant risks to assure achievement of objectives

2. focus on establishing such measures that residual risk is reduced to an acceptable level:

1. step: control problem avoidance

2. step: implement preventive measures

3. step: implement detective measures

 1&2&3 decision should be based on cost-benefit analysis (cost not higher > benefits)

3. tool for decisions if risk is acceptable or not: risk map = likelihood/ impact

4. no one-time activity; perform permanently to address organizational/ environmental changes

5. Precondition to risk assessment: establishment of objectives  enables management to identify measurement criteria for performance with focus on critical success factors

Control Activities

1. Policies/ procedures that help ensure management directives are carried out

2. help ensure necessary actions are taken to address risks to achievement of the entity’s objectives

3. measures:

1. preventive measures focus on avoiding...