This is the last part of the quick guide about COSO 2013. In this part, you will learn the steps involved in the mapping process and the considerations to look at during the mapping process.

I suggest you watch the video. It’s easier to understand if you are a visual/audio learner. The content below is the same as the video. It’s for those who learn by reading.

 

Steps in COSO Mapping

Here’s the four-step procedure for COSO Mapping

  • Step 1: Identify Controls.
     
    Identify relevant key controls that are in place and input into the Control Activity column.
COSO mapping process step 1
Step 1 – Identify Controls. See Control Activity column to identify relevant controls
  • Step 2: Compare control to each Point of Focus
     
    Determine if the control maps to a specific Point of Focus and mark the box with a check mark if applicable.
COSO mapping process step 2
Step 2 – Compare control to each Point of Focus
  • Step 3: Review Summary Count
     
    Once all relevant key controls have been mapped to either a Point of Focus or Principle, verify that all POFs or Principles have a control mapped to them via the Summary Count rows.

COSO mapping process step 3
Step 3 – Review Summary Count
  • Step 4: Evaluation of Gaps
COSO mapping process 17 step 4
Step 4 – Evaluation of Gaps

 

Mapping Considerations

When doing the mapping, there are four things you need to consider.

  1. The new framework does not require that every Point of Focus be mapped to a control. Only Principles are required to be mapped to a control.
  2. Consider adding improvements or implementing new controls to meet the full objective of the Principle if there is a gap within a Point of Focus.
  3. Ensure controls used in mapping are designed and are operating effectively (i.e. pass SOX testing).
  4. Major deficiencies exist when management determines that a component and one or more principles are not present and functioning.

 
Summary
Easily go back to the sections of this tutorial by clicking on the links below.

If you want to refresh yourself in the first two parts of this COSO guide, just go to:

 

watch video in youtube

 

If you found this post helpful and
want to receive the next segment
sign up for blog