the new coso framework
play

The New COSO Framework: Avoiding Deficiencies and Driving Change - PowerPoint PPT Presentation

Aug 14, 2022 •162 likes •577 views

The New COSO Framework: Avoiding Deficiencies and Driving Change Session #308 IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW Speaker Introductions Greg Daniel, CISA, CRMA Kimberley Mobley, CPA, CISA Ryan Isbell, CPA Partner

  2. The New COSO Framework: Avoiding Deficiencies and Driving Change Session #308 IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  3. Speaker Introductions Greg Daniel, CISA, CRMA Kimberley Mobley, CPA, CISA Ryan Isbell, CPA Partner Controller Manager CRC Wholesale Group Johnson Lambert LLP Johnson Lambert LLP kmobley@johnsonlambert.com Risbell@crcins.com gdaniel@johnsonlambert.com IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  4. Presentation Overview  Why update the original framework?  What is changing?  New areas of emphasis  Timing and transition  Impact and opportunities IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  5. Transition Commentary “I continue to question whether all material weaknesses are being properly identified . It is surprisingly rare to see management identify a material weakness in the absence of a material misstatement.” – Brian T. Croteau , Deputy Chief Accountant Office of the Chief Accountant U.S. Securities and Exchange Commission IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  6. Transition Commentary “Unfortunately, over the decades, we’ve seen multiple cycles in which company management and internal and external auditors simply didn’t get it right in the area of internal control, resulting in failures to effectively define, understand, implement, and assess internal control.” – Jeanette M. Franzel , Board Member PCAOB March 26, 2014 IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  7. Background COSO is a joint initiative of five supporting organizations 1992 Original Framework  Established a common internal control model against which companies and organizations may assess their control systems Enhancing the Original Framework  Updates to reflect changes in the business world over the past 20 years IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  8. Why update the original framework? Original COSO’s Internal Control – Integrated Framework (1992 Edition) Framework Articulate principles to Expand focus on Reflect changes in facilitate the operations, compliance Refresh business & operating development and and non-financial Objectives environments assessment of internal reporting objectives control Broadens application: Clarifies requirements: Updated, clarified and Enhancements internal and non- Principles & enhanced framework financial reporting Points of Focus Updated COSO’s Internal Control – Integrated Framework (2013 Edition) Framework IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  9. What is Remaining the Same? The Definition of Internal Control A process , effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations , reporting and compliance . IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  10. What is Remaining the Same?  The three categories of objectives  The five components of internal control  The requirement to consider each of the five components to assess effectiveness  The use of judgment in designing, implementing and evaluating the effectiveness of systems of internal control IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  11. What are the Key Changes? Principles-based approach 5 components of internal control 5 Components 17 principles that must be present and functioning in an effective 17 system of internal control Principles 81 points of focus are typically 81 important characteristics of the Points of Focus 17 principles IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  12. What are the Key Changes? 17 principles are aligned with each of the five components Requirements of COSO principles  Must be present and functioning  Must operate in an integrated manner Added Points of Focus for each principle  Important characteristics of principles  Items management can consider to determine if the principles are present and functioning IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  13. COSO Components & Principles Update articulates principles of effective internal control 1. Demonstrates commitment to integrity and ethical values Control Environment 2. Exercises oversight responsibility 3. Establishes structure, authority and responsibility 4. Demonstrates commitment to competence 5. Enforces accountability Risk Assessment 6. Specifies suitable objectives 7. Identifies and analyzes risk 8. Assesses fraud risk 9. Identifies and analyzes significant change 10.Selects and develops control activities Control Activities 11.Selects and develops general controls over technology 12.Deploys through policies and procedures Information & Communication 13.Uses relevant information 14.Communicates internally 15.Communicates externally Monitoring Activities 16.Conducts ongoing and/or separate evaluations 17.Evaluates and communicates deficiencies IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  14. Points of Focus Control Environment Component Points of focus : Principle 1 : • Sets the tone at the top The organization • Establishes standards of conduct demonstrates a commitment • Evaluates adherence to standards to integrity and ethical values of conduct • Addresses deviations in a timely manner  Some points of focus may not be relevant  May facilitate designing, implementing, and conducting internal control  Not required to separately assess whether points of focus are in place IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  15. New Areas of Emphasis Governance  Enhanced focus on oversight role of the board of directors and its committees  Board independence, skills and expertise  Ensuring competence of personnel  Board oversight of organization structure and reporting lines  Appropriateness of communication with board  Board responsibilities related to evaluating deficiencies and monitoring corrective actions IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  16. New Areas of Emphasis Risk Assessment  Increased focus on risk assessment process, and responding to assessed level of risk  Importance of setting objectives  Involvement of appropriate level of management  Risk response evidenced by changes in control activities  Risk assessment related to fraud (Principle 8)  Assessment of changes to the external and internal business environment IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  17. New Areas of Emphasis Information Technology  14 of the 17 principles include IT considerations  Principle 11 focused on IT general controls  Impact of system changes on internal control effectiveness  Quality of data used to execute controls (Principle 13)  Using relevant information  Segregation of duties  Use of data analytics – continuous monitoring  Information security IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  18. New Areas of Emphasis Outsourced Service Providers (OSPs)  12 of the 17 principles address monitoring of control activities performed by OSPs  Management retains responsibilities for controls  Inventory of OSPs with responsibilities related to key internal controls  SOC1/SOC2 report evaluation  Communication of integrity and ethical behavior requirements  Competence and performance monitoring  Accountability for internal control processes IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  19. Assessing the System of Internal Control To conclude that your system of internal control is effective:  The five components of internal control and all relevant principles must be: • Present and functioning • Operating together in an integrated manner If a relevant principle is not present and functioning, a major deficiency exists in the system of internal control IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  20. Timing and Transition  Transition period: May 14, 2013 – December 15, 2014  2013 framework will supersede original framework at the end of the transition period  During the transition period, entities reporting externally (and their auditors) should disclosure whether the original or updated version of the framework was used IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  21. Transition Commentary “ SEC staff plans to monitor the transition for issuers using the 1992 framework to evaluate whether and if any staff or Commission actions become necessary or appropriate at some point in the future.” – Paul Beswick , (Former) Chief Accountant Office of the Chief Accountant U.S. Securities and Exchange Commission May 30, 2013 IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

  22. Next Steps COSO has developed a plan to help guide the transition: Step 1 Step 2 Step 3 Step 4 Step 5 Develop Conduct Facilitate broad Develop and Drive awareness, preliminary awareness, execute COSO continuous expertise, and impact training and transition plan improvement alignment assessment comprehensive for SOX assessment compliance IASA 87 TH ANNUAL EDUCATIONAL CONFERENCE & BUSINESS SHOW

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

THE COSO INTEGRATED CONTROL CUBE THE COSO I NTEGRATED CONTROL CUBE 1 COSO Definition of I

THE COSO INTEGRATED CONTROL CUBE THE COSO I NTEGRATED CONTROL CUBE 1 COSO Definition of I

THE COSO INTEGRATED CONTROL CUBE THE COSO I NTEGRATED CONTROL CUBE 1 COSO Definition of I nternal Control Internal control is a process, effected by an entitys Board of Directors, management and other personnel, designed to provide

208 views • 16 slides
STANDARDS/COSO 2013 INTEGRATION Benito Ybarra, Chief Audit and Compliance Officer March 2015

STANDARDS/COSO 2013 INTEGRATION Benito Ybarra, Chief Audit and Compliance Officer March 2015

TXDOT AUDIT FRAMEWORK STANDARDS/COSO 2013 INTEGRATION Benito Ybarra, Chief Audit and Compliance Officer March 2015 Texas Transportation Commission Training March 2015 Standards/COSO Considerations International Government Auditing

149 views • 13 slides
Content: 1. Principal task in EGS development 2. A methodology: HEX-S code 3. Example: Coso

Content: 1. Principal task in EGS development 2. A methodology: HEX-S code 3. Example: Coso

A Methodology for the Hydro-mechanical Characterisation of EGS reservoirs Session: Reservoir characterisation during stimulation Content: 1. Principal task in EGS development 2. A methodology: HEX-S code 3. Example: Coso geothermal field,

742 views • 25 slides
Committee of Sponsoring Organizations of the Treadway Commission 11/9/2017 1 COSO was organized

Committee of Sponsoring Organizations of the Treadway Commission 11/9/2017 1 COSO was organized

11/9/2017 Committee of Sponsoring Organizations of the Treadway Commission 11/9/2017 1 COSO was organized in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, an independent private-sector initiative that studied the

299 views • 7 slides
VGFOA Fall Conference October 23, 2014 John Montoro, Presenter Brief overview of internal

VGFOA Fall Conference October 23, 2014 John Montoro, Presenter Brief overview of internal

VGFOA Fall Conference October 23, 2014 John Montoro, Presenter Brief overview of internal control components under the new COSO framework Monitoring of Internal Controls What to do? By Whom? How? Team Competition Team

845 views • 56 slides
Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web

Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web

Play Framework One Web Framework to rule them all Felix Mller Agenda Yet another web framework? Introduction for Java devs Demo Summary Yet another web framework? Yet another web framework? Why do we need another web framework?

656 views • 31 slides
GCC VAT Framework 6 member state, GCC Framework expected to be released shortly Minimum turnover

GCC VAT Framework 6 member state, GCC Framework expected to be released shortly Minimum turnover

Are you VAT ready ! VAT Readiness Presentation 17 April 2017 This presentation is intended for MCA Clients only, consent should be obtained from MCA prior to further circulation and distribution. GCC VAT Framework 6 member state, GCC Framework

803 views • 24 slides
A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b.

A Recareering Framework @fuzzing_panda A Recareering Framework 1. Framework a. Recon b. Vulnerability Analysis c. Exploitation 2. Life Hack 3. A word to the wise history | grep -v infosec history | grep -v infosec How did I recareer into

697 views • 21 slides
April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and

April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and

April 2009 Wes J. Lloyd 1 Framework Invasiveness Coupling between application code and framework code Use of framework functions/methods Use of framework specific data types Implementation of framework interfaces Extension of

605 views • 39 slides
Northeast Conservation h Framework Framework What is it and why do we need it? National LCC

Northeast Conservation h Framework Framework What is it and why do we need it? National LCC

Northeast Conservation h Framework Framework What is it and why do we need it? National LCC Workshop Denver CO Denver CO March 2012 Northeast Conservation Framework Framework History Context Future Future NA Landscape

635 views • 38 slides
A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano

A Linear Logical A Linear Logical A Linear Logical Framework Framework Framework Iliano Cervesato - Frank Pfenning Department of Computer Science Carnegie Mellon University 11 th IEEE Symposium on Logic in Computer Science New

587 views • 30 slides
DPS framework DNSSEC Policy and Practice Statement framework

DPS framework DNSSEC Policy and Practice Statement framework

DPS framework DNSSEC Policy and Practice Statement framework draft-ietf-dnsop-dnssec-dps-framework-01 !"#$" Authors Fredrik Ljunggren, Kirei AB Anne-Marie Eklund Lwinder, .SE Tomofumi Okubo, VeriSign !"#$" Kirei AB 10

236 views • 10 slides
Request Item 4 PRESENTATION Adopt Resolution authorizing the CEO to execute in substantial form

Request Item 4 PRESENTATION Adopt Resolution authorizing the CEO to execute in substantial form

Item 4 PRESENTATION SILICON VALLEY CLEAN ENERGY Renewable Power Standard Procurement Update: Approval of Resolution Authorizing Execution of Coso Geothermal Power Holdings, Renewable Power Purchase Agreement for Geothermal Electricity Monica

326 views • 9 slides
What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

Correspondence on The Logical Framework Approach Developed for SNV PARTNERS 14-18 July 2008 Supported by SNV Zimbabwe Compiled by: What is the Logical Framework Approach? 1 LFA - DEFINITION The logical framework approach is an

653 views • 34 slides
What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et

What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et

What is the THRIVE Framework for system change? The THRIVE Framework for system change (Wolpert et al., 2019) is a conceptual framework for children and young peoples mental health and wellbeing developed by a collaboration of authors from the

633 views • 4 slides
the EU framework programme for research and innovation The Multiannual Financial Framework

the EU framework programme for research and innovation The Multiannual Financial Framework

the EU framework programme for research and innovation The Multiannual Financial Framework 2014-2020: Commissions proposals of 29 June 2011 1. Smart & inclusive growth (491bn) Horizon Education, Competitive Connecting Cohesion

639 views • 19 slides
Welcome! NERC 2019 Compliance and Standards Workshop Embassy Suites by Hilton Minneapolis July 23,

Welcome! NERC 2019 Compliance and Standards Workshop Embassy Suites by Hilton Minneapolis July 23,

Welcome! NERC 2019 Compliance and Standards Workshop Embassy Suites by Hilton Minneapolis July 23, 201 9 RELI ABI LI TY | RESI LI ENCE | SECURI TY NERC Antitrust Compliance Guidelines It is NERCs policy and practice to obey the antitrust

1.82k views • 108 slides
Audit Committee Internal Audit Work Plan Recommendation October 6, 2016 John Mickevice

Audit Committee Internal Audit Work Plan Recommendation October 6, 2016 John Mickevice

APS Internal Audit Department Audit Committee Internal Audit Work Plan Recommendation October 6, 2016 John Mickevice Presentation Overview Overview of Internal Audit at APS Risk Assessment Analysis Factors for APS Projects

334 views • 17 slides
Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent

Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent

Internal Controls Presented by: Patrick Cowen, CPA, CIA, CISA Why Internal Controls? Prevent and Detect Fraud, Waste and Abuse Motive + Opportunity + Justification = Fraud 2 What Are Internal Controls? Internal Control is a process set by

547 views • 42 slides
Internal Control Integrated Framework January 2013 0 Table of Contents Project

Internal Control Integrated Framework January 2013 0 Table of Contents Project

Internal Control Integrated Framework January 2013 0 Table of Contents Project Overview Updates to Internal Control-Integrated Framework Overview of Internal Control over External Financial Reporting: Compendium of

270 views • 23 slides
2019 Risk & Compliance Conference Office of Internal Audit Objectives Introduce Internal

2019 Risk & Compliance Conference Office of Internal Audit Objectives Introduce Internal

April 4, 2019 2019 Risk & Compliance Conference Office of Internal Audit Objectives Introduce Internal Auditing Identify One Control Enhancement Take- away Avoid Being Boring University of Alabama System Office of

848 views • 16 slides
Organization of financial capacities training - Croatian experience Mirna Juri Central

Organization of financial capacities training - Croatian experience Mirna Juri Central

Organization of financial capacities training - Croatian experience Mirna Juri Central Harmonization Unit Ministry of Finance of the Republic of Croatia the Hague, 6 & 7 November 2018 Topics 1. Introduction State Treasury

693 views • 31 slides
Know Your Customers Who Are Your Rotary club Customers ? How Do Rotary clubs Make Money ?

Know Your Customers Who Are Your Rotary club Customers ? How Do Rotary clubs Make Money ?

Know Your Customers Who Are Your Rotary club Customers ? How Do Rotary clubs Make Money ? Defining Customer /Rotary club Participant Rotarians Rotaractors Interactors RYLArians Rotary Youth Exchange students

309 views • 26 slides
IT Updates Maryland Health Benefit Exchange Board Meeting January 26, 2014 Presented by: Kevin

IT Updates Maryland Health Benefit Exchange Board Meeting January 26, 2014 Presented by: Kevin

IT Updates Maryland Health Benefit Exchange Board Meeting January 26, 2014 Presented by: Kevin Yang CIO, MHBE A service of Maryland Health Benefit Exchange Agenda Key Online Enrollment Statistics HIX Program Management Consumer Experience

349 views • 9 slides

More recommend