Archive for the ‘Documents’ Category
COSO Resources
Committee of Sponsoring Organizations
http://www.coso.org/resources.htm
Attached is an interesting document about COSO
THE FIVE KEY COMPONENTS OF INTERNAL CONTROL
COSO’s report outlines 26 fundamental principles associated with the five key components of internal control:
1) control environment,
2) risk assessment,
3) control activities,
4) information and communication, and
5) monitoring.
The report systematically defines the principles associated with each of these components, examines their attributes, lists a variety of approaches that smaller companies can take to achieve them, and includes real-world examples of effective ways to evidence their effectiveness.
CONTROL ENVIRONMENT
Because the control environment represents an organization’s first line of defense to mitigate the risks of financial reporting errors, a strong tone at the top plays a pivotal role. Research continues to prove that companies perform better and last longer when top management makes a commitment to strong internal control and clearly conveys this through their actions. COSO discovered that, while a commitment to a board of directors with outside members helps mitigate the risk of management override, smaller companies often don’t add qualified, outside personnel to their board. Why? The report asserts that dominating shareholders are often reluctant to share control with or be challenged by other parties. COSO believes that the advantages of having effective outside board members generally exceed the additional expense of directors’ and officers’ liability insurance, and this can significantly add to the long-term value of the company. COSO also recommends that the audit committee primarily be composed of independent board members. The most efficient and cost-effective way to implement and assess internal control over financial reporting is to build control-consciousness throughout the organization’s culture.
RISK ASSESSMENT
According to COSO, the major principles related to the achievement of control objectives at the risk assessment level are
1) the importance of financial reporting objectives;
2) the identification and analysis of financial reporting risks; and
3) the assessment of fraud risk.
Although smaller companies are more likely to have a more informal, less structured risk assessment process, the basic concepts of this internal control component should exist in every organization.
CONTROL ACTIVITIES
Control activities occur throughout the organization, at all levels and in all functions. In smaller businesses, control activities reflect their organizational characteristics, which include greater concentration of decision-making authority, wider spans of control, and shorter channels of communication. Smaller companies can provide controls to mitigate risks through a combination of methods, including oversight controls applied by management, segregation of duties, and independent reconciliations. Smaller businesses also can prepare and maintain a level of documentation that allows for the effective transition of job responsibilities, policies, and procedures.
INFORMATION AND COMMUNICATION
Regardless of size, all businesses must identify, capture, and communicate pertinent information in a form and timeframe that enables people to carry out their responsibilities. Building sound management practices into information and communication processes affordably puts internal control over financial reporting in place. Information systems and internal communication in smaller organizations are likely to be less formal than in large ones, but they play equally significant roles. The use of information technology can help small businesses standardize controls. Also, their information systems typically will identify and report on relevant external events, activities, and conditions. And, thanks to the greater visibility and availability of their CEO, smaller businesses may more easily achieve effective internal communication than larger businesses.
MONITORING
Effective monitoring comprises 1) ongoing monitoring, 2) separate evaluations, and 3) reporting deficiencies. As a key component of the small-business control structure, monitoring confirms that all five components are in place, properly designed, and functioning effectively. Smaller businesses can reduce the cost and effort of monitoring by building it into processes. Ongoing monitoring activities of smaller companies are more likely to be hands-on and involve the CEO and other key managers. Furthermore, highly effective ongoing monitoring activities may offset the lack of separate evaluations of internal control systems commonly found in smaller businesses. Smaller businesses also can take advantage of the ease of communicating “red flags” to the right person.
COSO’S PRINCIPLES OF INTERNAL CONTROL
1. Integrity and Ethical Values
2. Importance of Board of Directors
3. Management’s Philosophy and Operating Style
4. Organizational Structure
5. Commitment to Financial Reporting Competencies
6. Authority and Responsibility
7. Human Resources
8. Importance of Financial Reporting Objectives
9. Identification and Analysis of Financial Reporting Risks
10. Assessment of Fraud Risk
11. Elements of a Control Activity
12. Control Activities Linked to Risk Assessment
13. Selection and Development of Control Activities
14. Information Technology
15. Information Needs
16. Information Control
17. Management Communication
18. Upstream Communication
19. Board Communication
20. Communication with Outside Parties
21. Ongoing Monitoring
22. Separate Evaluations
23. Reporting Deficiencies
24. Management Roles
25. Board and Audit Committees
26. Other Personnel
References
The Institute of Internal Auditors
Communications & PR
Sarbanes Oxley
It is my understanding that we are supposed to bring a copy of Sarbanes Oxley to class. It is 66 pages long and not very fun to read.
MGT 521 – Week 5 Learning Team Log
I will create the team log for this week and upload it to this post for review.
MGT 521 – Week 4 Learning Team Log
According to the instructor there is no log required for this week.
