COSO Framework and Internal Controls Overview
Verified Quizzes + Top-Scoring Assignments | A+
Guaranteed| 100% correct
Internal control - Process to provide reasonable assurance that organizational objectives
are being met/achieved.
Organizational objectives - Include quality of data, effectiveness and efficiency of
operations, and compliance with applicable laws and regulations.
Effectiveness of internal control - Is at a point in time and depends on an understanding
by employees of their roles.
Stakeholders - Defined as shareholders, customers, suppliers, employees, and creditors
who use financial reports to make decisions.
Foreign Corrupt Practices Act (FCPA) of 1977 - Established criminal liability for bribery of
foreign officials by any US company and provisions for record keeping and internal controls.
Sarbanes-Oxley Act of 2002 (SOX) - Established to protect investors by providing more
transparency of corporate disclosures.
Section 302 of SOX - Requires CEO and CFO to certify that the organization has internal
controls and that the financial statements are free from misstatement.
Section 404 of SOX - Outlines management and external auditors' responsibilities with
testing of internal controls.
External auditors - Need to comply with SAS and PCAOB auditing standards.
SAS 94 - Requires auditors to obtain an understanding of internal controls sufficient to
plan the audit.
PCAOB AS #2201 - Guidance over how to identify and audit key controls, detecting
material misstatement, and material disclosures.
COSO Internal Control - Integrated Framework - Defined internal control as a process that
assists with the achievement of objectives.
COSO 2013 update - Added 17 principles to further define and explain the components
while considering the effects of changes in the organizational environment.
Verified Quizzes + Top-Scoring Assignments | A+
Guaranteed| 100% correct
Internal control - Process to provide reasonable assurance that organizational objectives
are being met/achieved.
Organizational objectives - Include quality of data, effectiveness and efficiency of
operations, and compliance with applicable laws and regulations.
Effectiveness of internal control - Is at a point in time and depends on an understanding
by employees of their roles.
Stakeholders - Defined as shareholders, customers, suppliers, employees, and creditors
who use financial reports to make decisions.
Foreign Corrupt Practices Act (FCPA) of 1977 - Established criminal liability for bribery of
foreign officials by any US company and provisions for record keeping and internal controls.
Sarbanes-Oxley Act of 2002 (SOX) - Established to protect investors by providing more
transparency of corporate disclosures.
Section 302 of SOX - Requires CEO and CFO to certify that the organization has internal
controls and that the financial statements are free from misstatement.
Section 404 of SOX - Outlines management and external auditors' responsibilities with
testing of internal controls.
External auditors - Need to comply with SAS and PCAOB auditing standards.
SAS 94 - Requires auditors to obtain an understanding of internal controls sufficient to
plan the audit.
PCAOB AS #2201 - Guidance over how to identify and audit key controls, detecting
material misstatement, and material disclosures.
COSO Internal Control - Integrated Framework - Defined internal control as a process that
assists with the achievement of objectives.
COSO 2013 update - Added 17 principles to further define and explain the components
while considering the effects of changes in the organizational environment.
