Scribd
Upload
300 views

COSO Framework Components and Related Principles: Exhibit

The document outlines the components and principles of the COSO framework for internal control. The five components are control environment, risk assessment, control activities, information and communication, and monitoring. Some key principles include establishing integrity and ethical values, oversight by the board of directors, identifying and analyzing financial reporting risks, selecting control activities considering their effectiveness and cost, ongoing monitoring processes, and management exercising responsibility for internal control over financial reporting.

Uploaded by

Rajat Mathur
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
300 views

COSO Framework Components and Related Principles: Exhibit

The document outlines the components and principles of the COSO framework for internal control. The five components are control environment, risk assessment, control activities, information and communication, and monitoring. Some key principles include establishing integrity and ethical values, oversight by the board of directors, identifying and analyzing financial reporting risks, selecting control activities considering their effectiveness and cost, ongoing monitoring processes, and management exercising responsibility for internal control over financial reporting.

Uploaded by

Rajat Mathur
Copyright
© Attribution Non-Commercial (BY-NC)
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

EXHIBIT COSO Framework Components and Related Principles

Component Control Environment Principle 1. Integrity and ethical values. Sound integrity and ethical values, particularly of top management, are developed and set the standard of conduct for financial reporting. 2. Importance of board of directors. The board of directors understands and exercises oversight responsibility related to financial reporting and related internal control. 3. Managements philosophy and operating style. Managements philosophy and operating style support achieving effective internal control over financial reporting. 4. Organizational structure. The companys organizational structure supports effective internal control over financial reporting. 5. Commitment to financial reporting competencies. The company retains individuals competent in financial reporting and related oversight roles. 6. Authority and responsibility. Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting. 7. Human resources. Human resource policies and practices are designed and implemented to facilitate effective internal control over financial reporting. 8. Importance of financial reporting objectives. A precondition to risk assessment is the establishment of objectives for reliable financial reporting. 9. Identification and analysis of financial reporting risks. The company identifies and analyzes risks to the achievement of financial reporting objectives as a basis for determining how the risks should be managed. 10. Assessment of fraud risk. The potential for material misstatement due to fraud is explicitly considered in assessing risks to the achievement of financial reporting objectives. 11. Elements of a control activity. Policies and procedures that enable management directives to be carried out are established and communicated throughout the company, at all levels and across all functions. 12. Control activities linked to risk assessment. Actions are taken to address risks to the achievement of financial reporting objectives. 13. Selection and development of control activities. Control activities are selected and developed considering their cost and their potential effectiveness in mitigating risks to the achievement of financial reporting objectives. 14. Information technology. Information technology controls, where applicable, are designed and implemented to support achievement of financial reporting objectives. 15. Information needs. Information is identified, captured, and used at all levels of a company to support the achievement of financial reporting objectives. 16. Information control. Information relevant to financial reporting is identified, captured, processed, and distributed within the parameters established by the companys control processes to support the achievement of financial reporting objectives. 17. Management communication. All personnel, particularly those in roles affecting financial reporting, receive a clear message from top management that both internal control over financial reporting and individual control responsibilities must be taken seriously. 18. Upstream communication. Company personnel have an effective and nonretributive method to communicate significant information upstream in a company. 19. Board communication. Communication exists between management and the board of directors so that both have relevant information to fulfill their roles with respect to governance and financial reporting objectives. 20. Communication with outside parties. Matters affecting the achievement of financial reporting objectives are communicated with outside parties. 21. Ongoing monitoring. Ongoing monitoring processes enable management to determine whether internal control over financial reporting is present and functioning. 22. Separate evaluations. Separate evaluations of all five internal control components enable management to determine the effectiveness of internal control over financial reporting. 23. Reporting deficiencies. Internal control deficiencies are identified and communicated in a timely manner to those parties responsible for taking corrective action, and to management and the board as appropriate. 24. Management roles. Management exercises responsibility and ownership for internal control over financial reporting. 25. Board and audit committees. The board of directors performs its oversight responsibilities relating to the achievement of effective internal control over financial reporting. 26. Other personnel. All company staff accept responsibility for actions that directly or indirectly impact financial reporting.

Risk Assessment

Control Activities

Information and Communication

Monitoring

Roles and Responsibilities

You might also like