Chapter 3 described the revised COSO internal control framework. A key component of that framework is COSO’s 17 internal control principles, guidance to help managers and internal auditors better understand and utilize COSO internal controls. These principles are a new concept that was not included in the original COSO framework, and they are helpful for internal auditors in their reviews and understandings of COSO internal controls. This chapter will introduce these COSO internal control principles and why they are important for management and internal auditors in building effective internal controls.

Rather different from COSO, the Institute of Internal Auditors (IIA) has established a set of 12 core principles that describe internal audit effectiveness to support the principles in their standards and code of ethics, both discussed in Chapter 9. They are a key component in their International Professional Practices Framework (IPPF). These principles, both for COSO internal controls and for the IIA’s IPPF, represent key goals or talking points that internal auditors should use in planning, performing, and evaluating their internal control reviews.

4.1 COSO Internal Control Framework Principles

The COSO internal control framework, introduced in Chapter 3, is supported by 17 principles. For some managers who have looked at the COSO three-dimensional framework and walked away confused, these principles supply more guidance and ...