This is part 2 of the three-part blog guide about the COSO 2013. In this guide, you will learn about the purpose of COSO Mapping, the Mapping template created by A2Q2, and the components and other sections of the Mapping Template.

The following will be covered in part 2:

I suggest you watch the video. It’s easier to understand if you are a visual/audio learner. The content below is the same as the video. It’s for those who learn by reading.

 

COSO Mapping and Template

For a company to confirm that the 17 principles and 5 components (discussed in COSO 2013 Part 1 – Framework Overview) are present and functioning, these principles must be mapped to relevant SOX key controls that are operating effectively.

At A2Q2, we have created a COSO mapping template where a company can match key SOX controls to each component, principle, and point of focus. The template clearly shows if a gap exists.

Below is how the COSO Mapping template looks like.

COSO mapping template from A2Q2
COSO Mapping template
  1. Components, Principles, and Points of Focus are listed in Columns across the top
  2. Identified Key Controls are listed down one column with each control in its own row
  3. A summary count row calculates the number of controls that were identified as mapped to a POF or Principle once the mapping is filled out

 

Mapping Template Components

  • Control Environment Component
Control Environment Component
Control Environment Component
  • Risk Assessment Component
COSO mapping template for Risk Assessment Component
Risk Assessment Component
  • Control Activity Component
COSO mapping template for Control Activity Component
Control Activity Component
  • Information and Communication Component
COSO mapping template for Information and Communication Component
Information and Communication Component
  • Monitoring Activities Component
COSO mapping template for Monitoring Activities Component
Monitoring Activities Component

 

Mapping Template Principles & Point of Focus

Notice the numbers “1” and “17” below that represents all 17 principles mapped to a component.

COSO mapping template 17 principles
COSO mapping template principles numbers “1” and “17” that represents all 17 principles mapped to a component

Each Principle generally has 4 to 6 Points of Focus, which are important characteristics of the Principles and help the user determine if their identified Control matches the Principle.

Below the summary description of the Points of Focus, you’ll see a more detailed description, which can be used to help the user map to specific controls.

summary description of the Points of Focus mapping template
Summary Description of the Points of Focus

Let’s have this as an example for the Point of Focus.

Principle #1:

  • The Organization demonstrates a commitment to integrity and ethical values.

Points of Focus:

  • Sets the Tone at the Top
  • Establishes Standard of Conduct
  • Evaluates adherence to Standards of Conduct
  • Addresses deviations in a timely manner

 
Summary
You can easily go back to the sections of this tutorial by clicking on the links below.

Interested in part 3 of this blog series? Go to COSO 2013 Mapping Process.

 

watch video in youtube

 

If you found this post helpful and
want to receive the next segment
sign up for blog