COSO
December 15, 2016 Occasional Contributors Business and Legal Issues, Corporate Administration, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, Leadership and Management
This last week, COSO published an Exposure Draft of its ERM Framework Update, freshly entitled Enterprise Risk Management – Aligning Risk with Strategy and Objectives. The COSO update is a significant moment for all risk practitioners. So I strongly recommend that everybody take the time to review and give careful consideration to the draft.
COSO, Enterprise Risk Management – Aligning Risk with Strategy and Objectives, ERM Framework Update, Exposure Draft, risk management, risk practitioners
September 7, 2016 Occasional Contributors Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Fraud and Corruption, IT, Privacy and Security, Leadership and Management, Not for Profit
Have you provided comments on the COSO ERM draft? Please share your views on this important document. I submitted my comments some time ago. I realize that some of you prefer the ISO 31000:2009 global standard on risk management. But let’s recognize that nearly half of the risk management functions around the world are influenced by, if not using, the COSO framework.
Committee of Sponsoring Organizations of the Treadway Commission, COSO, COSO ERM draft, COSO framework, Enterprise Risk Management – Integrated Framework, Enterprise Risk Management — Aligning Risk with Strategy and Performance, ERM Framework Update, ISO 31000:2009 global standard, risk management
March 2, 2015 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Governance, Environmental Issues, Finance and Accounting, Leadership and Management, Sales, Marketing and Operations
Sustainability is a characteristic of a process or condition that can be maintained at a particular level for an indefinite period. In the context of a corporation or other organization, we can consider sustainability in two broad ways…
business ethics, Control and sustainability, control-based approach, corporate social responsibility, COSO, CSR, environmental social governance, ESG, internal control, Internal Control: Integrated Framework, legal compliance, monitoring, multiple stakeholders, sustainability
June 2, 2014 Jeffrey Sherman Accounting Systems and Controls, Accounts payable and receivable, Backup and Disaster Planning, Board of Directors, Process and Responsibilities, Budgeting and Auditing, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Financial Compliance / Planning / Management, Financial Management, Fraud and Corruption, IT, Privacy and Security, Network, Systems and Data Security, Not for Profit, Payroll and Personnel Management, Records Management and Retention, Systems and Data Management
Anti-fraud controls mainly apply to the general area of accounting (purchasing, revenue, payroll, banking and treasury, inventory, assets, etc.), but they will also involve many specific areas of operations, such as sales, payments, expenses, receivables, travel, suppliers, taxes, promotions and much more.
anti-fraud controls, COSO, employee fraud, external fraud, fapp, Finance and Accounting PolicyPro, fraud, fraud and misconduct, fraud risk, fraudulent reporting, internal fraud, legal compliance, managing risk, record keeping, risk management
May 5, 2014 Jeffrey Sherman Accounting Systems and Controls, Business and Legal Issues, Corporate Administration, Corporate Administration and Legal Matters, Corporate Governance, Finance and Accounting, Fraud and Corruption, Leadership and Management, Not for Profit
In COSO’s updated Internal Control – Integrated Framework, one of the 17 principles they present is that the organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives. Have you considered how your control system enforces accountability?
accountability, achieving objectives, authorities, board of directors, corrective action, COSO, disciplinary action, ethical conduct, evaluating performance, excessive pressures, holding individuals accountable, ICIF, Internal Control: Integrated Framework, Internal Controls, legal compliance, performance evaluation, performance incentives, performance measures, performance rewards, points of focus, responsibilities, responsible business conduct, standards of conduct, structures
February 3, 2014 Jeffrey Sherman Corporate Governance, Finance and Accounting
Over the past half century, a great deal of literature has appeared in Canada and the United States about how to design, document and assess internal controls. First Reference has built upon the most current internal control authorities to provide organizations with practical tools for designing and evaluating controls.
analytical auditing, audits, Canadian Professional Engagement Manual, control design matrix, control procedures, COSO, CPEM, document and evaluate internal controls, evaluating controls, evaluating internal control, external auditors, fapp, Finance and Accounting PolicyPro, formal risk management process, ICIF, Internal Control: Integrated Framework, legal compliance, managing risk, Multilateral Instrument 52-109, PolicyPro, risk, risk assessment, Risk assessment tools for effective internal controls, risk control strategy, risk factors, risk identification, risk management, Sarbanes-Oxley, Sarbanes-Oxley Act
September 3, 2013 Jeffrey Sherman Corporate Governance, IT, Privacy and Security
The two definitive studies by COSO identify monitoring as a critical component of internal control and risk management. Monitoring refers to both ongoing monitoring processes to ensure that a system functions as it is supposed to (including management and review aspects), as well as ad hoc special studies and audits to review the system…
acquisition, applications, audits, continuous improvement, COSO, customer focus, divestiture, effectiveness reviews, Enterprise Risk Management – Integrated Framework, external customers, Human Resources, ICIF, implementation plans, information technology, internal control, Internal Control: Integrated Framework, internal customers, International Organization for Standardization, ISO, IT assets, IT governance, IT resources, leadership, metrics, monitoring, monitoring processes, over-utilization of resources, QMS, quality management system, Quality management systems Fundamentals and vocabulary, Quality management systems guidelines for performance improvements, resource capacity, risk management, service-level agreements, under-utilization of resources
June 4, 2012 Jeffrey Sherman Corporate Governance, Finance and Accounting
You have a risk management process, even if you don’t think about it. Maybe it’s an informal and verbal process, but the type of business you accept and how you deliver products and services is closely tied to your business strategy and the risk management process it requires.
control activities, COSO, Enterprise Risk Management – Integrated Framework, formal risk management process, information and communication, insurance, risk analysis, risk management, risk monitoring, risk response