Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992.

Slides:



Advertisements
Similar presentations
Internal Control Integrated Framework
Advertisements

Internal Control–Integrated Framework
Federal Audit Executive Council (FAEC) June 2012 Bi-Monthly Meeting Heather I. Keister Doris G. Yanger June 14, 2012 Green Book Update.
Chapter 10 Accounting Information Systems and Internal Controls
Development of internal control: methodology and responsibility
Internal Control.
Welcome! Internal Auditing CHAPTER 1. Definition Internal auditing is an independent, objective, assurance and consulting activity designed to add value.
Government Auditing Standards
Office of the Secretary of Defense – Comptroller Financial Improvement and Audit Readiness Directorate Unclassified 17 September 2014 GAO Revised “Green.
What’s New in Government Internal Control Standards?
INTERNAL CONTROL. INTERNAL CONTROL DEFINED  INTERNAL CONTROL IS A PROCESS - EFFECTED BY AN ENTITY'S BOARD OF DIRECTORS, MANAGEMENT, AND OTHER PERSONNEL.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
6-1 McGraw-Hill/Irwin ©2002 by The McGraw-Hill Companies, Inc. All rights reserved. Chapter 6 Internal Control Evaluation: Assessing Control Risk.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Expanded Version of COSO a presentation by Steve Wadleigh Expanded Version of COSO a presentation by Steve Wadleigh Standards for Internal Control in the.
Auditing A Risk-Based Approach To Conducting A Quality Audit
18- 1 © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. Chapter 18 Integrated Audits of Internal Control (For Public Companies Under Sarbanes-Oxley.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Sarbanes-Oxley Project Summary of COSO Framework Presented by Larry Dillehay & Scott Reitan Parkfield Group LLC.
INTERNAL CONTROL OVER FINANCIAL REPORTING
COSO Framework Update IIA Columbus Chapter May 17, 2013
Chicagoland IASA Spring Conference
Internal Auditing and Outsourcing
Internal Control and Control Self-Assessment
Central Piedmont Community College Internal Audit.
D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.
An Accountant’s Look at the Changing Horizons within SOX 404 Presented to Colorado Bar Association’s Securities Law Group Presented by Bill Evert Hein.
New Auditing Standards Laurie Ball, CPA Swenson Advisors, LLP (Murrieta) Audit Director Accounting Day May 12, 2008.
Chapter 07 Internal Control McGraw-Hill/IrwinCopyright © 2014 by The McGraw-Hill Companies, Inc. All rights reserved.
INTERNAL CONTROL OVER FINANCIAL REPORTING
Implementation Issues of Sarbanes-Oxley CASE Presentation September 23, 2004 By Denise Farnan.
Chapter Three IT Risks and Controls.
Internal controls. Session objectives Define Internal Controls To understand components of Internal Controls, control environment and types of controls.
Chapter 5 Internal Control over Financial Reporting
Monitoring Internal Control Systems Johann Rieser Senior Auditor, Ministry of Finance, Vienna.
Introduction In 1992, the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) published Internal Control-Integrated Framework (1992.
Internal Control in a Financial Statement Audit
Learning Objectives LO5 Illustrate how business risk analysis is used to assess the risk of material misstatement at the financial statement level and.
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
5-1 McGraw-Hill/Irwin ©2007 by the McGraw-Hill Companies, Inc. All rights reserved. Chapter 5 Internal Control Evaluation: Assessing Control Risk.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Chapter 9: Introduction to Internal Control Systems
An Update of COSO’s Internal Control–Integrated Framework
A Guide for Management. Overview Benefits of entity-level controls Nature of entity-level controls Types of entity-level controls, control objectives,
Internal Control Systems
S5: Internal controls. What is Internal Control Internal control is a process Internal control is a process Internal control is effected by people Internal.
International Security Management Standards. BS ISO/IEC 17799:2005 BS ISO/IEC 27001:2005 First edition – ISO/IEC 17799:2000 Second edition ISO/IEC 17799:2005.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2006 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
Control and Security Frameworks Chapter Three Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc
Chapter 5 Evaluating the Integrity and Effectiveness of the Client’s Control Systems.
#327 – Legal and Regulatory Risk: Silent and Possibly Deadly Deborah Frazer, CPA CISA CISSP Senior Director, Internal Audit PalmSource, Inc.
AUDIT STAFF TRAINING WORKSHOP 13 TH – 14 TH NOVEMBER 2014, HILTON HOTEL NAIROBI AUDIT PLANNING 1.
Internal Control. McGraw-Hill/Irwin © 2004 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition A process...designed.
Chapter 6 Internal Control in a Financial Statement Audit McGraw-Hill/IrwinCopyright © 2012 by The McGraw-Hill Companies, Inc. All rights reserved.
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
Internal Control Chapter 7. McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, Inc., All Rights Reserved. 7-2 Summary of Internal Control Definition.
Modern Auditing: Assurance Services and the Integrity of Financial Reporting, 8th Edition William C. Boynton California Polytechnic State University at.
PEM PAL IA COP Internal Control Working Group COSO Principles
Internal control objectives
Office of Internal Audits
A Framework for Control
Building the Foundation of Compliance
Internal Control–Integrated Framework
Building the Foundation of Compliance
COSO Internal Control s Framework
Internal control - the IA perspective
Internal Controls Policies and Procedures
An Update of COSO’s Internal Control–Integrated Framework
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

Transitioning to the COSO 2013 Update

 Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992 Framework after December 15, 2014

 Changes in technology since 1992  Changes in the nature of governance  Changes in organizational relationships and structures  Clarifies impact of judgment on internal control  Changes in reporting requirements and regulation  The need to integrate other areas of COSO guidance issued since 1992 (e.g., ERM, ICFR for Small Business)

 A principles-based guideline for the development of an organization’s internal control structure  A systematic approach to the evaluation of internal controls  A collection of examples and scenarios helpful in understanding and designing internal controls  A workable structure (Framework) useful as the foundational basis of assigning responsibility, authority and accountability throughout an organization for the achievement of objectives

 A checklist

"COSO recognizes that checklists offer structure, but they should not replace an assessment that considers the unique objectives and risks of an organization." Larry Rittenberg, Chair Emeritus of COSO - COSO Internal Control – Integrated Framework, Turning Principles into Positive Action

 A checklist  A system of regulatory requirements

SEC Chief Accountant Paul Beswick in a 2013 speech to the Center for Audit Quality's SEC Regulations Committee, stated: The "SEC staff plans to monitor the transition for issuers using the 1992 framework to evaluate whether and if any staff or Commission actions become necessary or appropriate at some point in the future. However, at this time, I'll simply refer users of the COSO framework to the statements COSO has made about their new framework and their thoughts about transition." Compliance Week, SEC Drops New Hint: Update to New COSO Framework, November 12, 2013

 A checklist  A system of regulatory requirements  A prescriptive system of “do’s” and “don’ts”

"While the framework remains the foundation for internal control, COSO recognized that as organizations had to adapt to changes in the environment, globalization, interaction, and communication, control activities should be amenable to those changes.... The framework stops short of specifying the exact control activities that should be implemented by an organization but says that controls should be adequate to address risks.“ Larry Rittenberg, Chair Emeritus of COSO - COSO Internal Control – Integrated Framework, Turning Principles into Positive Action

 A checklist  A system of regulatory requirements  A prescriptive system of “do’s” and “don’ts”  Limited to Internal Control Over Financial Reporting (“ICFR”)

 The internal control framework should be conceptual and amenable to changes that occur over time  Internal control is a process designed to support the achievement of an organization's objectives  Internal control applies equally to compliance activities and to operations, not just financial reporting objectives  The responsibility for effective implementation of internal control resides with everyone in the organization, not just the finance function

 The definition of internal control as: "A process, affected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiencies of operations, reliability of reporting, compliance with applicable laws and regulations."  The five components of internal control  The use of judgment in evaluating the effectiveness of internal control

 Expands scope of reporting objectives and related principles  Emphasis on the relationship between risk assessment, internal control and the achievement of objectives  Emphasis on the integrated nature of internal control  Defines principles key to designing, implementing and evaluating internal control  Expands emphasis on operational and compliance controls  Updates guidance on controls related to Technology, organizational relationships and controls monitoring  Includes considerations related to outsourced service providers (OSPs)

 Explicitly addresses fraud risk  Fundamental concepts introduced in the 1992 framework specifically defined into 17 principles  Includes 87 points of focus related to the 17 principles, and representing specific characteristics of those principles

1)Integrity and Ethical Values 2)Independence and Oversight 3)Authority and Responsibility 4)Competency 5)Accountability 1)Clearly Defined Objectives 2)Risk Identification and Analysis 3)Fraud Risk Assessment 4)Changes to Controls Identified and Assessed 1)Risks Mitigated with Controls 2)Technology Controls Support Objectives 3)Policies and Procedures 1)Quality Information Supporting Internal Control 2)Internally Communicates Information to Support Internal Control 3)Externally Communicates about Internal Control 1)Internal Control Evaluated 2)Control Deficiencies Communicated to Responsible Parties

ICFR – only one part of one of the three areas of internal control

 Internal control structure must address all three areas of internal control in an integrated fashion  All five components must be present and functioning in an integrated fashion  All seventeen principles must be identified as present and functioning toward the achievement of objectives  Objectives must be defined, communicated and supported with internal controls  Internal control structure and responsibility must be communicated through policies that set standards and procedures that define activities

 Adoption of updated Framework  Evaluation of current structure  Modification of structure, as needed  Documentation  Disclosure

 Evaluation of internal control structure  Evaluation of existing documentation  Documentation of policies and procedures, wherever none existed  Identification and documentation of objectives  Linking of objectives to policies and procedures, control standards and internal controls  Evaluation of current test plans, revising as needed  Implementation of eGRC platform

 COSO  The Institute of Internal Auditors  American Institute of CPAs  American Accounting Association  Financial Executives International  Institute of Management Accountants

 COSO Internal Control – Integrated Framework, Executive Summary (free download from COSO website)  COSO Internal Control – Integrated Framework, Turning Principles Into Positive Action, Larry Rittenberg, PhD, CIA, CPA (available from the IIA)  The Updated COSO Internal Control Framework, Frequently Asked Questions, 3 rd Edition, Protiviti

Tim Staggs