The 2013 COSO Framework
Changes in the business environment including a greater reliance on technology, a focus on risk management, expanding regulatory compliance and more stringent reporting requirements have significantly impacted the way businesses operate. Companies must now satisfy higher expectations of regulators and stakeholders, and stronger internal control practices must be developed to help grow and protect the organization.
In May 2013, COSO released its updated Internal Control - Integrated Framework to help address how organizations establish and implement their internal controls in today’s evolving environment. Three EisnerAmper professionals recently co-authored an article on the subject, “Revised COSO Framework Provides Tools to Assess Internal Controls” (published in NACD Directorship Magazine) to help executives and board members better understand the changes. The revised framework’s most significant changes are discussed in detail including:
- greater focus on the control environment component,
- communication within an organization, and
- key action items to consider for board and senior management.
The updated COSO framework is intended to provide greater confidence in the board’s oversight of internal controls and achievement of the entity objectives. This confidence is further enhanced by a stronger risk management and internal audit function. All of the components, operating together, provide an ideal foundation for “reasonable assurance.”