COSO 2013 Control Activity

It’s been more than 20 years since the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its Internal Control—Integrated Framework (the original framework). The new framework will become effective in December 2014. Professionals must first obtain a basic understanding of the concepts, principles and potential impact, including changes from the 1992 framework and the key COSO components and related principles.

COSO 2013 maintains the same five components previously identified within the 1992 framework.  These include:

• Control Environment
• Risk Assessment
• Control Activities
• Information & Communication
• Monitoring

This course is designed to focus on the Control Activity component and the three separate principles that support this component. 

Control Activity is named as the third component within COSO 2013. Control Activities are actions defined through policies and procedures that help ensure management directives to mitigate risks to the achievement of objectives are carried out.  Control activities are performed at all levels of the organization and at various stages of business processes and technology. 

• The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.         
• The organization selects and develops general control activities over technology to support the achievement of objectives.     
• The organization deploys control activities through policies that establish what is expected and procedures that put policies into place.

Management and the external auditors must understand each of these principles and be able to adequately support that they exist, are appropriately designed and functioning.  In addition, the components must effectively work in combination to provide for a positive attestation to internal controls.

The course dissects the three principles and important concepts that companies need to understand and support in order to provide that the principles are in place and functioning.  We also discuss concepts related to mapping the principles to controls within the organization.

“Citations of information on the COSO framework, principles and points of focus mentioned through this course are directly worded from the COSO literature and relayed here with the permission of COSO.org as a training mechanism related to their framework. The full document of the Framework can be found at COSO.org”