Presentation is loading. Please wait.

Presentation is loading. Please wait.

Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992.

Similar presentations


Presentation on theme: "Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992."— Presentation transcript:

1 Transitioning to the COSO 2013 Update

2  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992 Framework after December 15, 2014

3  Changes in technology since 1992  Changes in the nature of governance  Changes in organizational relationships and structures  Clarifies impact of judgment on internal control  Changes in reporting requirements and regulation  The need to integrate other areas of COSO guidance issued since 1992 (e.g., ERM, ICFR for Small Business)

4  A principles-based guideline for the development of an organization’s internal control structure  A systematic approach to the evaluation of internal controls  A collection of examples and scenarios helpful in understanding and designing internal controls  A workable structure (Framework) useful as the foundational basis of assigning responsibility, authority and accountability throughout an organization for the achievement of objectives

5  A checklist

6 "COSO recognizes that checklists offer structure, but they should not replace an assessment that considers the unique objectives and risks of an organization." Larry Rittenberg, Chair Emeritus of COSO - COSO Internal Control – Integrated Framework, Turning Principles into Positive Action

7  A checklist  A system of regulatory requirements

8 SEC Chief Accountant Paul Beswick in a 2013 speech to the Center for Audit Quality's SEC Regulations Committee, stated: The "SEC staff plans to monitor the transition for issuers using the 1992 framework to evaluate whether and if any staff or Commission actions become necessary or appropriate at some point in the future. However, at this time, I'll simply refer users of the COSO framework to the statements COSO has made about their new framework and their thoughts about transition." Compliance Week, SEC Drops New Hint: Update to New COSO Framework, November 12, 2013

9  A checklist  A system of regulatory requirements  A prescriptive system of “do’s” and “don’ts”

10 "While the framework remains the foundation for internal control, COSO recognized that as organizations had to adapt to changes in the environment, globalization, interaction, and communication, control activities should be amenable to those changes.... The framework stops short of specifying the exact control activities that should be implemented by an organization but says that controls should be adequate to address risks.“ Larry Rittenberg, Chair Emeritus of COSO - COSO Internal Control – Integrated Framework, Turning Principles into Positive Action

11  A checklist  A system of regulatory requirements  A prescriptive system of “do’s” and “don’ts”  Limited to Internal Control Over Financial Reporting (“ICFR”)

12  The internal control framework should be conceptual and amenable to changes that occur over time  Internal control is a process designed to support the achievement of an organization's objectives  Internal control applies equally to compliance activities and to operations, not just financial reporting objectives  The responsibility for effective implementation of internal control resides with everyone in the organization, not just the finance function

13  The definition of internal control as: "A process, affected by an entity's board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories: effectiveness and efficiencies of operations, reliability of reporting, compliance with applicable laws and regulations."  The five components of internal control  The use of judgment in evaluating the effectiveness of internal control

14  Expands scope of reporting objectives and related principles  Emphasis on the relationship between risk assessment, internal control and the achievement of objectives  Emphasis on the integrated nature of internal control  Defines principles key to designing, implementing and evaluating internal control  Expands emphasis on operational and compliance controls  Updates guidance on controls related to Technology, organizational relationships and controls monitoring  Includes considerations related to outsourced service providers (OSPs)

15  Explicitly addresses fraud risk  Fundamental concepts introduced in the 1992 framework specifically defined into 17 principles  Includes 87 points of focus related to the 17 principles, and representing specific characteristics of those principles

16 1)Integrity and Ethical Values 2)Independence and Oversight 3)Authority and Responsibility 4)Competency 5)Accountability 1)Clearly Defined Objectives 2)Risk Identification and Analysis 3)Fraud Risk Assessment 4)Changes to Controls Identified and Assessed 1)Risks Mitigated with Controls 2)Technology Controls Support Objectives 3)Policies and Procedures 1)Quality Information Supporting Internal Control 2)Internally Communicates Information to Support Internal Control 3)Externally Communicates about Internal Control 1)Internal Control Evaluated 2)Control Deficiencies Communicated to Responsible Parties

17 ICFR – only one part of one of the three areas of internal control

18  Internal control structure must address all three areas of internal control in an integrated fashion  All five components must be present and functioning in an integrated fashion  All seventeen principles must be identified as present and functioning toward the achievement of objectives  Objectives must be defined, communicated and supported with internal controls  Internal control structure and responsibility must be communicated through policies that set standards and procedures that define activities

19  Adoption of updated Framework  Evaluation of current structure  Modification of structure, as needed  Documentation  Disclosure

20  Evaluation of internal control structure  Evaluation of existing documentation  Documentation of policies and procedures, wherever none existed  Identification and documentation of objectives  Linking of objectives to policies and procedures, control standards and internal controls  Evaluation of current test plans, revising as needed  Implementation of eGRC platform

21  COSO www.COSO.orgwww.COSO.org  The Institute of Internal Auditors www.theiia.org www.theiia.org  American Institute of CPAs www.aicpa.orgwww.aicpa.org  American Accounting Association www.aaahq.org www.aaahq.org  Financial Executives International www.financialexecutives.org www.financialexecutives.org  Institute of Management Accountants www.imanet.org www.imanet.org

22  COSO Internal Control – Integrated Framework, Executive Summary (free download from COSO website)  COSO Internal Control – Integrated Framework, Turning Principles Into Positive Action, Larry Rittenberg, PhD, CIA, CPA (available from the IIA)  The Updated COSO Internal Control Framework, Frequently Asked Questions, 3 rd Edition, Protiviti

23 Tim Staggs tstaggs@healthcarerealty.com


Download ppt "Transitioning to the COSO 2013 Update.  Released on May 14, 2013  Designed to build upon the foundation of the 1992 Framework  Will supersede the 1992."

Similar presentations


Ads by Google