Scribd
Upload
94 views

COSO Framework: A. Physical Control Activity

The COSO framework defines internal control as a process implemented by management and personnel to ensure effectiveness of operations, reliability of financial reporting, and compliance with laws and regulations. The COSO framework identifies 5 components of an effective internal control system: control environment, risk assessment, control activities, information and communication, and monitoring. These components provide a structure for organizations to design, implement and monitor internal controls.

Uploaded by

Manu aggarwal
Copyright
© © All Rights Reserved
94 views

COSO Framework: A. Physical Control Activity

The COSO framework defines internal control as a process implemented by management and personnel to ensure effectiveness of operations, reliability of financial reporting, and compliance with laws and regulations. The COSO framework identifies 5 components of an effective internal control system: control environment, risk assessment, control activities, information and communication, and monitoring. These components provide a structure for organizations to design, implement and monitor internal controls.

Uploaded by

Manu aggarwal
Copyright
© © All Rights Reserved
You are on page 1/ 1

COSO framework

The Committee of Sponsoring organization (COSO) developed a model which talks


about internal control measures and effectiveness of systems and it was known as
COSO framework.
COSO model defines that internal control is a process which is affected by
management and personnel. Internal controls are measure to check-

 Effectiveness of operations
 Reliability of financial reporting
 Financial statements are in conformity with the applicable laws and standards

Components of COSO Framework


There are five components which talks about how to achieve sound internal control
system-

1.Control environment

There must be a control environment in an organization. No organization can establish


control system if the managers or board of directors are corrupt and unethical. Integrity
and values should be part of organization culture. There are key areas auditor should
analyze while initializing audit:-

 Organizational Structure
 Assignment of authority and responsibility
 Departmental Policies and procedures
 Integrity, competence of management
SAS- 109 defines that Auditor should understand the entity, its structure, control systems,
risk of material misstatement whether due to error or fraud.
2.Risk assessment

The organization need to identify and assessthe risk. The risks occurred due to internal
environment of organization can be managed.

For e.g. Implementation of new software- here risk could be inadequate knowledge,
resistance for change by people employed. This risk can be managed by giving
sufficient training to employees and periodical review.

Risk occurred due to external environment can be managed by doing proper planning
and applying adequate procedures to analyze the effect on the organization.

For e.g. Increase in the tax rate of textile industry

3.Control activities
These are policies and procedures to ensure that assets are safe, financial statements
are free from any material risks. It deals with actions that need to be taken to manage
risk.
These are broadly divided in two categories:-

A. Physical Control Activity-

 Duties of each individual should be defined


 Supervision
 Authorized transaction should be processed
 Accounting records should be safe and access control should be defined

B. IT control Activity-

These controls related with IT-


 Network control
 Data backups in order to ensure business continuity
 Encrypted data

4.Information and Communication:-

The accounting information system consists the records which are used to prepare
financial statements. All financial information should be well recognized in the reports
in order to take correct operating decisions.
It is very important to record and identify all transaction in timely manner.

SAS-109 requires that Auditor should gain knowledge regarding the effectiveness of
accounting information system. All the material transactions has been recorded in the
financial reports.

5. Monitoring
The organization should ensure that all the designed internal controls and systems are
working effectively. The management should monitor all the activities and gather
evidence related to any discrepancy. Management should adopt corrective measure for
any deficiency detected in internal control system.

Conclusion
Hence, COSO set process to achieve internal control efficiency and monitoring of
the controls.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy