Coso internal control framework 2017 pdf

Research Paper: COSO Framework

The COSO framework of internal controls is practiced within companies around the world. The objectives of the COSO framework are closely related to its five components. For this week’s activity, please discuss these five components of the COSO framework. Be sure to include each components’ impact on each of the COSO framework objectives. What do you feel an auditor would most be concerned with during an IT audit? Lastly, discuss suggestions for integrating COSO framework compliance into a company in which you are familiar.

Your paper should meet the following requirements:

• Be approximately four to six pages in length, not including the required cover page and reference page.

• Follow APA6 guidelines. Your paper should include an introduction, a body with fully developed content, and a conclusion.

• Support your answers with the readings from the course and at least two scholarly journal articles to support your positions, claims, and observations, in addition to your textbook. The UC Library is a great place to find resources.

• Be clearly and well-written, concise, and logical, using excellent grammar and style techniques. You are being graded in part on the quality of your writing.

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=eb5800fc-c244-4b4d-88b8-038202f12d6b&course_id=… 1/4

%34

%7

SafeAssign Originality Report Spring 2020 - InfoTech Import in Strat Plan (ITS-831-0… • Week 6 Research Paper: COSO Framework

%41Total Score: High risk Vikeshkumar Dipakkumar Desai

Submission UUID: e820677a-7610-9ad7-18b2-99cfcb3c15b2

Total Number of Reports

1 Highest Match

41 % COSO Framework.docx

Average Match

41 % Submitted on

02/16/20 02:54 AM GMT+5:30

Average Word Count

1,404 Highest: COSO Framework.…

%41Attachment 1

Institutional database (8)

Student paper Student paper Student paper

Student paper Student paper Student paper

Student paper Student paper

Internet (3)

squarmilner ijeba protiviti

Top sources (3)

Excluded sources (0)

View Originality Report - Old Design

Word Count: 1,404 COSO Framework.docx

1 2 11

7 4 6

10 3

5 9 8

1 Student paper 2 Student paper 11 Student paper

Running head: COSO FRAMEWORK 1

COSO FRAMEWORK 2

COSO Framework

Name: Vikesh Desai

University of the Cumberland’s

Info Tech Import in Strat Plan (ITS-831-02) Date: February 15, 2020

COSO Framework

In 1985, five largest finance, accounting, and auditing oversight committees in the U.S established the Committee of Sponsoring Organizations (COSO) to patron National Committee on Fraudulent Financial Reporting. The National Committee established a guide to guide tackle internal con- trols, fraud prevention, and enterprise risk, management. This paper focuses on internal controls. The COSO framework expresses internal control as an approach intended to offer practical assurance of objective attainment, including operations efficiency and effectiveness, financial reporting dependability, and pertinent laws and regulations compliance. The COSO framework comprises of five components which affect these objec- tives, the core of internal control. The control environment is the initial constituent. This component encompasses a set of ideals, structures, and processes, offering a footing for the implementation of internal control throughout an organization (Pearlson, Saunders & Galletta, 2019). The board of directors and executives in an organization set the tone with regard to internal control significance in the organization. Senior management reinforces expectations at various organizational levels. Control environment entails organizational ethics and integrity, organizational structure and authority and responsibility assignment, the parameters to empower the board of directors to fulfil its responsibility of governance oversight, and

1

2

2

3

2

4

5

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport?attemptId=eb5800fc-c244-4b4d-88b8-038202f12d6b&course_id=_113940_1&download=true&includeDeleted=true&print=true&force=true
2/17/2020 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=eb5800fc-c244-4b4d-88b8-038202f12d6b&course_id=… 2/4

Source Matches (22)

authority and responsibility assignment, the parameters to empower the board of directors to fulfil its responsibility of governance oversight, and human resource procedures and policies (Pearlson et al., 2019). Control environment is the footing in which an effectual internal control system is built for an organization to function effectually and efficiently, to offer dependable reporting, and conform with all pertinent laws and regulations (Uwadiae, 2015). The right people in the right roles are critical to the success of the control environment component. The second component is risk assessment, which offers a base for establishing how an organization manages risks (Sari, Kosala, Ranti & Supangkat, 2018). Every organization faces various risks, both from internal and external sources. Risk entails the likelihood that an adverse event will take place and will negatively im- pact objective attainment. Risk assessment encompasses an active approach for recognizing and evaluating risks to the success of goals. This com- ponent necessitates management to take into account the effect of probable changes in both external and internal setting and establish actions to manage the impact (Sari et al., 2018). A prerequisite to risk assessment is establishing goals at various organizational levels. An organization stipu- lates goals relating to processes, reporting, and amenability so as to recognize and examine risks to these goals sufficiently. Risk assessment en- ables and organization to effectively identify, analyze, and mitigate risks in the internal process of an organization to facilitate effective and effectual processes, dependable reporting, and complying with all pertinent laws and regulations (Uwadiae, 2015). The third component is control activi- ties. This element comprises actions detailed in procedures, policies, and standards which help an organization to mitigate risks to ensure objective attainment. In simple terms, control activities entail actions for minimization of risks (Janvrin, Payne, Byrnes, Schneider & Curtis, 2012). Control activities are performed at all organizational stages and at different levels of business processes. The need for control activities is established in the process of risk assessment. Control activities are either preventive (actions to deter the occurrence of adverse events) or detective (actions to identi- fy adverse events before they occur) in nature and may entail various manual and automated activities (Janvrin et al., 2012). Control activities en- compass the selection, design, and implementation of control activities that contribute to risk moderation and over the technology environment to achieve the objectives. The better the control activities, the more successful an organization is at achieving the COSO framework objectives. The fourth component is information and communication. Info is needed for an organization to implement responsibilities of internal control to enable the attainment of internal control goals (Pearlson et al., 2019). Management obtains info from both external and internal avenues. Communication, both externally and internally, offers an organization with needed info to implement daily internal control activities, as required to respond to and support the achievement of objectives (Pearlson et al., 2019). Communications allow organizational staff to comprehend obligations of internal con- trol and its significance to the attainment of goals. Information and communication component encompass generation and usage of appropriate, quality info and interior and exterior communication of that information to enable internal control functioning.

6

7

5

7

Having accurate info at the correct time and communicating that information is critical to successful and effectual operations, consistent reporting, and conforming with laws and regulations in this complex business environment (Rae, Sands & Subramaniam, 2017). The fifth and final component is monitoring, which entails ongoing, separate evaluation, or a combination of the two to verify the functioning of the five internal control compo- nents (Rae et al., 2017). Ongoing evaluation is carried out in a real-time basis and is built into the routine operations while separate evaluation is car- ried out periodically. Evaluation findings are examined, and deficiencies communicated. Monitoring addresses how all the five internal control com- ponents are applied and establishes if the internal control is operating efficiently and effectively (Sari et al., 2018). In an IT audit, the auditor would be more concerned about the control activities. According to Hall (2015), IT audit encompasses examination of controls withing IT in- frastructure to establish if controls in place are safeguarding organizational assets and operating effectively to achieve organizational objectives. Control installation is not enough to offer adequate security, but the appropriate installation of effective controls is necessary (Hall, 2015). The audi- tor tests control activities to determine their adequacy and effectiveness. Thus, an auditor in an IT audit would be more concerned about control ac- tivities to determine the ability of the control activities in place to protect organizational information assets and properly communicate information to authorized individuals. Implementing the COSO framework necessitates assessing the five components and the principles against the current in- ternal control system of the organization and adjusting accordingly. This framework is implemented in five stages. The initial phase encompasses plan and scope. In this phase, an implementation team is established, which develops implementation plans and the scope of implementing the framework (Moeller, 2013). The team also evaluated the COSO framework components. The second stage entails assessing and documenting. In this stage, the implementation team assesses the control structure of the organization to determine if it needs COSO framework guidelines. The team also documents existing processes and controls and carries out a gap assessment (Moeller, 2013). The third phase is the implementation of the remediation plan in which the gaps are remediated. The fourth phase entails designing, testing, and reporting of the framework. The fifth and final phase is optimizing the efficacy of the internal controls to ensure that the COSO framework mesh with the organization’s goals and strategies (Moeller, 2013). Also, monitoring is important to ensure the controls remain effective. In conclusion, the COSO framework components lay a footing for comprehensive internal control with an organization through sound management and philosophy, stressing responsibility for control. The risks confronting an organization are recognized and evaluated regularly at all organizational level and control activities put in place to mitigate these risks. Info is vital to risk identification and achieving organizational objectives, and this information is passed down through developed communica- tion avenues in an organization. Monitoring the whole internal control systems essential for it to function effectively and efficiently.

References

Hall, J. A. (2015). Information technology auditing. Cengage Learning. Janvrin, D. J., Payne, E. A., Byrnes, P., Schneider, G. P., & Curtis, M. B. (2012). The updated COSO Internal Control—Integrated Framework: Recommendations and opportunities for future research. Journal of Information

Systems, 26(2), 189-213. Moeller, R. R. (2013). Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Frame- work. John Wiley & Sons. Pearlson, K. E., Saunders, C. S., & Galletta, D. F. (2019). Managing and using information systems: A strategic approach. John Wiley & Sons. Rae, K., Sands, J., & Subramaniam, N. (2017). Associations among the five components within COSO inter- nal control-integrated framework as the underpinning of quality corporate governance. Australasian Accounting, Business and Finance Journal, 11(1), 28-54. Sari, R., Kosala, R., Ranti, B., & Supangkat, S. H. (2018, October). COSO Framework for Warehouse Management Internal Control Evaluation: Enabling Smart Warehouse Systems. In 2018 International Conference on ICT for Smart Society (ICISS) (pp. 1-5). IEEE. Uwadiae, O. (2015).

COSO–An Approach to Internal Control Framework. Delloite, Retrieved from https://www2.deloitte.com/ng/en/pages/audit/articles/financial-re- porting/coso-an-approach-to-internal-control-framework.html

1

4

8 9

1 1 10 1 1

1

11

2/17/2020 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=eb5800fc-c244-4b4d-88b8-038202f12d6b&course_id=… 3/4

Student paper 100%

Student paper 100%

Student paper 100%

Student paper 100%

Student paper 63%

Student paper 66%

squarmilner 76%

Student paper 81%

Student paper 97%

squarmilner 72%

Student paper 77%

Student paper 69%

Student paper 69%

protiviti 89%

ijeba 100%

Student paper 100%

1

Student paper

COSO FRAMEWORK 1

Original source

COSO FRAMEWORK 1

2

Student paper

COSO FRAMEWORK 2

Original source

coso framework 2

2

Student paper

University of the Cumberland’s

Original source

University of Cumberland’s

3

Student paper

February 15, 2020

Original source

February 15, 2020

2

Student paper

In 1985, five largest finance, account- ing, and auditing oversight commit- tees in the U.S established the Com- mittee of Sponsoring Organizations (COSO) to patron National Commit- tee on Fraudulent Financial Reporting.

Original source

Components of the COSO Frame- work The Committee of Sponsoring Organizations of the Treadway Com- mission (COSO) was founded in 1985 by five United States’ largest finance, auditing, and accounting oversight committees

4

Student paper

The COSO framework comprises of five components which affect these objectives, the core of internal control.

Original source

COSO Framework for Internal Con- trols comprises of five components

5

Student paper

Senior management reinforces ex- pectations at various organizational levels.

Original source

Management reinforces expecta- tions at the various levels of the organization

6

Student paper

Every organization faces various risks, both from internal and exter- nal sources.

Original source

Every organization encounters risks from both internal and external sources

7

Student paper

The third component is control activities.

Original source

The third component is to control activities

5

Student paper

Control activities are performed at all organizational stages and at dif- ferent levels of business processes.

Original source

Control activities are performed at all levels of the entity, at various stages within business processes, and over the technology environment

7

Student paper

The fourth component is informa- tion and communication.

Original source

The fourth component is informa- tion and communications

1

Student paper

In an IT audit, the auditor would be more concerned about the control activities.

Original source

Auditor would most be concerned during an IT audit

4

Student paper

The team also evaluated the COSO framework components.

Original source

COSO FRAMEWORK - COMPONENTS

8

Student paper

The updated COSO Internal Control —Integrated Framework:

Original source

The Updated COSO Internal Control Framework

9

Student paper

Executive's Guide to COSO Internal Controls:

Original source

Executive’s Guide to COSO Internal Controls

1

Student paper

John Wiley & Sons.

Original source

John Wiley & Sons

2/17/2020 Originality Report

https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=eb5800fc-c244-4b4d-88b8-038202f12d6b&course_id=… 4/4

Student paper 100%

Student paper 100%

Student paper 100%

Student paper 100%

Student paper 100%

Student paper 96%

1

Student paper

E., Saunders, C. S., & Galletta, D.

Original source

E., Saunders, C S., & Galletta, D

10

Student paper

Managing and using information systems:

Original source

Managing and using information systems

1

Student paper

A strategic approach. John Wiley & Sons. Rae, K., Sands, J., & Subramani- am, N.

Original source

a strategic approach John Wiley & Sons Rae, K., Sands, J., & Subramani- am, N

1

Student paper

Associations among the five compo- nents within COSO internal control- integrated framework as the under- pinning of quality corporate gover- nance. Australasian Accounting, Business and Finance Journal, 11(1), 28-54. Sari, R., Kosala, R., Ranti, B., & Supangkat, S.

Original source

Associations among the five compo- nents within COSO internal control integrated framework as the under- pinning of quality corporate gover- nance Australasian Accounting, Busi- ness and Finance Journal, 11(1), 28- 54 Sari, R., Kosala, R., Ranti, B., & Su- pangkat, S

1

Student paper

COSO Framework for Warehouse Management Internal Control Evalu- ation: Enabling Smart Warehouse Systems. In 2018 International Con- ference on ICT for Smart Society (ICISS) (pp.

Original source

COSO Framework for Warehouse Management Internal Control Evalu- ation Enabling Smart Warehouse Systems In 2018 International Con- ference on ICT for Smart Society (ICISS) (pp

11

Student paper

COSO–An Approach to Internal Con- trol Framework. Delloite, Retrieved from https://www2.deloitte.com/ng/en/pa ges/audit/articles/financial-report- ing/coso-an-approach-to-internal- control-framework.html

Original source

COSO - An Approach to Internal Con- trol Framework https://www2.de- loitte.com/ng/en/pages/audit/arti- cles/financial-reporting/coso-an-ap- proach-to-internal-control- framework.html