First Reference company logo

Inside Internal Controls

News and discussion on implementing risk management

machine cogs image

COSO

COSO ERM Exposure Draft

This last week, COSO published an Exposure Draft of its ERM Framework Update, freshly entitled Enterprise Risk Management – Aligning Risk with Strategy and Objectives. The COSO update is a significant moment for all risk practitioners. So I strongly recommend that everybody take the time to review and give careful consideration to the draft.

 

, , , , ,

Have your provided comments on the COSO ERM draft?

Have your provided comments on the COSO ERM draft? Please share your views on this important document. I submitted my comments some time ago. I realize that some of you prefer the ISO 31000:2009 global standard on risk management. But let’s recognize that nearly half of the risk management functions around the world are
influenced by if not using the COSO framework.

 

, , , , , , , ,

Using internal control to prevent fraud

Anti-fraud controls mainly apply to the general area of accounting (purchasing, revenue, payroll, banking and treasury, inventory, assets, etc.), but they will also involve many specific areas of operations, such as sales, payments, expenses, receivables, travel, suppliers, taxes, promotions and much more.

 

, , , , , , , , , , , , , ,

Internal control system: How is your accountability?

coso-updated-framework

In COSO’s updated Internal Control – Integrated Framework, one of the 17 principles they present is that the organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives. Have you considered how your control system enforces accountability?

 

, , , , , , , , , , , , , , , , , , , , , , ,

Why should I monitor IT effectiveness and how do I do it?

The two definitive studies by COSO identify monitoring as a critical component of internal control and risk management. Monitoring refers to both ongoing monitoring processes to ensure that a system functions as it is supposed to (including management and review aspects), as well as ad hoc special studies and audits to review the system…

 

, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

What makes good risk management?

You have a risk management process, even if you don’t think about it. Maybe it’s an informal and verbal process, but the type of business you accept and how you deliver products and services is closely tied to your business strategy and the risk management process it requires.

 

, , , , , , , , ,