This is part 1 of the three-part guide about COSO 2013. To make it easier, you will first learn about the overview of the COSO framework. Then the next steps will be about the mapping template and mapping process.

The following sections will be covered in part 1:

I suggest you watch the video. It’s easier to understand if you are a visual/audio learner. The content below is the same as the video. It’s for those who learn by reading.

 

What is COSO?

COSO stands for Committee of Sponsoring Organizations. It created an internal controls framework in response to the savings and loan scandal eons ago (1990s).

When Sarbanes-Oxley (SOX) became a law, it required that a company adopt credible internal controls framework.  Someone dug out the COSO framework and 99.9% of public companies have adopted it.

In 2013, COSO updated its framework and called it COSO 2013.

COSO 2013 Framework Evolution
COSO 2013 Framework

Due to this change, public companies have until 2015 to adopt COSO 2013.  Most companies, who are going public today, will adopt COSO 2013.  It means that the SOX team must explain or document how the company is meeting COSO 2013 requirements.

The framework was updated in 2013 to address changes in the business, operating, and regulatory environment since its original issuance. The 5 main components of the original model remain the same, but there are now 17 principles underlying the 5 components.

 

What is the difference between 1990s and 2013?

To have a clearer picture of what the framework was in the 1990s versus now, here’s a table showing the differences.

COSO framework 1990 and 2013
COSO Framework 1990 VS 2013

 

COSO 2013 Components and Principles

To achieve effective internal control, the following should be met:

  • Each of the 5 components and 17 principles must be present and functioning.
  • The 5 components must operate together in an integrated manner.
2013 COSO  5 components and 17 principles
COSO 2013 Components and Principles

 

COSO 2013 Points of Focus

After learning about the 17 principles in COSO 2013, there’s also what we call Points of Focus.

  • Each of the 17 Principles is supported by 4 to 6 Points of Focus (POF).
  • Each POF is intended to help a company design, implement, conduct, and assess whether the principles are present and functioning.
  • Companies are required to show that each of the 17 Principles is addressed, but NOT all Points of Focus are present and functioning.

 
Summary
You can easily go back to the sections of this tutorial by clicking on the links below.

Interested in part 2 of this blog series? Go to COSO 2013 Mapping Template.

 

watch video in youtube

 

If you found this post helpful and
want to receive the next segment
sign up for blog