On May 14, 2013, COSO issued an updated Internal Control-Integrated Framework (Framework) and related illustrative documents. The update replaced COSO's original Framework, which was published in 1992. When it was issued, the COSO Board believed that the continued use of the original Framework during the transition period of May 14, 2013 to December 15, 2014 was appropriate. However, for external reporting subsequent to December 15, 2014, the COSO Board believes the old 1992 framework will be considered superseded and therefore no longer available.
Because the 1992 framework will be superseded prior to the calendar year-end for most public clients, auditors and audit committees should ask public registrants whether they have implemented the new 2013 framework and discuss with them any changes that may result from the update. Although the 1992 framework will be technically superseded by December 14, 2014, the SEC has not officially stated that 2013 COSO is the only acceptable framework for 404(a) purposes for annual filings after that date. Given this, and related SEC comments on the subject, it is our belief that registrants should defend why there are still using the superseded 1992 COSO methodology for the current year-end (December 31, 2014). Additionally, for accelerated and large accelerated filers, both the management and the auditors’ reports should indicate the framework utilized.