Corporate Internal Controls with COSO
Internal Control Integrated Framework
Enterprise Risk Management
Enterprise Risk Management
ERM improved risk reporting
“Highlights the importance of considering risk in both the strategy-setting process and in driving performance highlights the importance of considering risk in both the strategy-setting process and in driving performance”
COSO Committee for Sponsoring Organizations
Aimed at creating Methodologies that hinder fraud in the internal control systems of companies traded on global stock exchanges.
Focuses on a restructuring of financial systems dedicated to ‘internal controls’, for all businesses, more applied in financial systems such as banks and insurance companies.
“We assist large companies in the planning, implementation, optimization, testing, and continuous improvement of internal control systems”
“Internal Control” means The Ability to Regulate
Integrating with Strategy and Performance
There are different risks for each control environment, that is, failures that can bring many losses.
In the same way that a pilot can cause a crash by a mistake/failure or a simply wrong decision, so can the board of a company.
A simple mistake in perspective for not being aligned with your line of business can lead to flawed decisions causing even the failure of a large company causing losses to shareholders and employees.
Errors need to be evaluated, measured and visualized to be managed as well as avoid.
Join our Internal Audit Community
Project Step by Step
Determination of Objectives
This phase involves determining key business objectives, that will drive the COSO framework implementation.
This phase involves performing gap analysis on COSO – 17 requirements as well as defining risk and control matrix for areas that have opportunities for fraud.
Control Design and documentation
This phase involves our methodology that involves the distribution of objectives, risks, and control responsibility to internal stakeholders. This also includes the nomination of key roles such as risk and compliance officer – who will drive the ongoing compliance. Each business function has a control framework
This phase involves tracking the client risks, documentation, and self-declarations till all internal controls are adequately implemented
This phase involves measuring internal control changes on a scale of 0-100%. This gives assurance to internal stakeholders that the processes implemented are adequate (or at risk). If there are deviations or risks identified, they are treated. We have a structured methodology for implementation
The internal audit involved an independent verification of risk and control implementation as a project and assurance of the ongoing program