Committee of Sponsoring Organizations of the Treadway Commission

COSO (Committee of Sponsoring Organizations of the Treadway Commission) is a voluntary private-sector organization in the U.S. that aims to improve the quality of financial reporting through ethical conduct, effective internal controls and good corporate governance.

COSO was formed in 1985 as a platform for the "National Commission on Fraudulent Financial Reporting" (Treadway Commission) and is supported by the five major U.S. organizations for control in finance and accounting: IIA, AICPA, FEI, IMA and AAA.

The COSO model (1992/94) (COSO I)

In 1992, COSO published the COSO model, a standard for internal controls that is today recognized by the SEC. This control model is used for the documentation, analysis and design of the internal control system. It is divided into three areas:

  • Operational risks
  • Financial reporting
  • Compliance

The COSO internal control system model has gained particular recognition through the U.S. regulations under which listed companies must review their accounting-related internal control system (ICS) annually and report on it and, above a certain size, must have the system examined by the auditor (Sarbanes-Oxley Act).

The components of the internal control system according to the COSO model are:

  • Control environment
  • Risk assessment
  • Control activities
  • Information and Communication
  • Monitoring

The COSO ERM Framework (2004) (COSO II)

In 2004, COSO published an amendment to its original model, the COSO ERM (Enterprise Risk Management) Framework. COSO ERM adds additional elements:

  • Internal control environment
  • Objective setting
  • Event identification
  • Risk assessment
  • Risk response
  • Control activities
  • Information and Communication
  • Monitoring

The COSO Guidance on internal control over financial reporting for smaller public companies (2006)

The guide, published in July 2006, complements the COSO Internal Control framework model of 1994 to facilitate its application, in particular for small and medium-sized businesses.

The guide describes 20 basic principles and a process, consisting of the components of the COSO control model.

  • Control environment: Integrity and ethical values
  • Management
  • Management philosophy and style
  • Organizational structure
  • Financial Reporting Competencies
  • Authority and Responsibility
  • Staffing
  • Objectives of financial reporting
  • Financial reporting risks
  • Risk of criminal acts
  • Integration with risk management
  • Selection and implementation of control activities
  • Regulations and procedures
  • Information Technology
  • Information for financial reporting
  • Information on Internal Controls
  • Internal Communication
  • External Communications
  • Ongoing and Separate Evaluations
  • Reporting of weaknesses

Other control models

CoCo was published in 1995 by the CICA as a more management-oriented, general control model.

CobiT was likewise first published in 1995 as a control model for IT management, in which the principles of the COSO control concepts have been incorporated.
