#91 | COSO 2013 Part 1 – Framework Overview
This is part 1 of the three-part guide about COSO 2013. To make it easier, you will first learn about the overview of the COSO framework. Then the next steps will be about the mapping template and mapping process.
The following sections will be covered in part 1:
- What is COSO?
- Difference between COSO 1990s and 2013
- COSO 2013 Components and Principles
- COSO 2013 Points of Focus
I suggest you watch the video. It’s easier to understand if you are a visual/audio learner. The content below is the same as the video. It’s for those who learn by reading.
What is COSO?
COSO stands for Committee of Sponsoring Organizations. It created an internal controls framework in response to the savings and loan scandal eons ago (1990s).
When Sarbanes-Oxley (SOX) became a law, it required that a company adopt credible internal controls framework. Someone dug out the COSO framework and 99.9% of public companies have adopted it.
In 2013, COSO updated its framework and called it COSO 2013.
Due to this change, public companies have until 2015 to adopt COSO 2013. Most companies, who are going public today, will adopt COSO 2013. It means that the SOX team must explain or document how the company is meeting COSO 2013 requirements.
The framework was updated in 2013 to address changes in the business, operating, and regulatory environment since its original issuance. The 5 main components of the original model remain the same, but there are now 17 principles underlying the 5 components.
What is the difference between 1990s and 2013?
To have a clearer picture of what the framework was in the 1990s versus now, here’s a table showing the differences.
COSO 2013 Components and Principles
To achieve effective internal control, the following should be met:
- Each of the 5 components and 17 principles must be present and functioning.
- The 5 components must operate together in an integrated manner.
COSO 2013 Points of Focus
After learning about the 17 principles in COSO 2013, there’s also what we call Points of Focus.
- Each of the 17 Principles is supported by 4 to 6 Points of Focus (POF).
- Each POF is intended to help a company design, implement, conduct, and assess whether the principles are present and functioning.
- Companies are required to show that each of the 17 Principles is addressed, but NOT all Points of Focus are present and functioning.
Summary
You can easily go back to the sections of this tutorial by clicking on the links below.
- What is COSO?
- Difference between COSO 1990s and 2013
- COSO 2013 Components and Principles
- COSO 2013 Points of Focus
Interested in part 2 of this blog series? Go to COSO 2013 Mapping Template.
Leave a Reply