The Coso Internal Control Framework

1271 WordsDec 9, 20156 Pages
The COSO Internal Control Framework The framework describes internal control as a process designed to provide reasonable assurance regarding the achievement of objectives in the following categories: • Effectiveness and efficiency of operations • Reliability of financial reporting • Compliance with applicable laws and regulations COSO goes on to state that the internal controls of an organization can be depicted graphically using a pyramid (Appendix A). The pyramid is comprised of five different layers representing the overall internal control system. Additionally, COSO depicts the components of internal control as they relate to the organizations objectives listed above (Appendix B). The “control environment” layer represents the foundation of the pyramid. COSO cites the control environment of the organization as the foundation of any internal control structure. The control environment reflects the overall attitude or actions of the board of directors, management, and others concerning the importance of internal controls in the organization. This overall attitude of upper management sends a message to the rest of the organization referred to as the “tone at the top.”For example, if upper management stresses high-quality products, a strong positive message is sent to the organization. This would create a strong internal control environment. On the other hand, if upper management has a reputation of looking the other way regarding policy violations, a negative message is
Open Document