The COSO framework is based around the following main ideas:
The process of internal control is not an end in itself but is only a way of attaining an end.
Controlling the internal working of a company is done by people and must not be seen purely as some forms and manuals comprising of a company's policies.
Internal control only provides maximum assurance and not complete surety that a company's management is working to their full abilities.
Attainment of goals in several similar categories is what the internal control aims for.
According to the Committee of Sponsoring Organizations of the Treadway Commission internal control is defined as the procedure, introduced and put into action by the executives of a company, which is designed to make available reasonable assurance of the attainment of the following ends:
Competence and usefulness of operations
Trustworthiness and dependability of fiscal reporting
Conformity to concerned rules and regulations
The Five Components:
As recognized by the COSO agenda, the process of internal control enterprises of five interconnected parts. These make up for a highly competent framework for investigating and evaluating the system of internal control that is put to use in a business. These components are listed below:
The first of these components is Control Environment. This deals with setting the character of a business and influencing the control awareness of its staff. All components of internal control are based on this as it serves to regulation and organization to a business. The Control environment component further includes the honor, moral values, operating methods of the management, system for assigning authority and the necessary procedures for organizing and developing the staff in a business association.
Next in line is assessment of risks both internally and externally faced by an organization. For this it is important to meet some objectives like the detection and examination of the risks that are most likely to pose a threat to attaining desired objectives. This is the definition of risk assessment.
Another component is Control Activities. These are the rules and regulations which assist in guaranteeing that the orders of the management are satisfactorily transported out. This works in league with risk assessment that the required measures are being taken to achieve the ends of an organization.
Information and communication is a fourth component of internal control in accordance with COSO. Information systems are liable for all news related to the operation and finances etc of a business that helps in its smooth running. This information should also have an open link with external parties in addition to being broadly available through the organization.
The last in the list of these interrelated components is the monitoring of internal controls. It combines with the monitoring of a system's internal control and pointing out any shortage in its quality making sure it is remedied so the system can be improvedImmobilienmakler Heidelberg Makler Heidelberg Schnell, zuverlässig und kompetent
Source by Maria Umar