book

Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework

Name: Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework
Author: Robert R. Moeller
ISBN: 9781118626412

by Robert R. Moeller

December 2013

Intermediate to advanced

304 pages

10h 44m

English

Wiley

Read now

Unlock full access

Cover
Series
Title Page
Copyright
Preface
Chapter 1: Importance of the COSO Internal Control Framework
THE IMPORTANCE OF ENTERPRISE INTERNAL CONTROLSWHAT ARE ENTERPRISE INTERNAL CONTROLS?UNDERSTANDING THE COSO INTERNAL CONTROL FRAMEWORK: HOW TO USE THIS BOOK
Chapter 2: How We Got Here: Internal Control Background
EARLY DEFINITIONS OF INTERNAL CONTROLS: FOREIGN CORRUPT PRACTICES ACT OF 1977THE FCPA AND INTERNAL CONTROLS TODAYEVENTS LEADING UP TO THE TREADWAY COMMISSIONEARLIER AICPA AUDITING STANDARDS: SAS NOS. 55 AND 78THE TREADWAY COMMITTEE REPORTTHE ORIGINAL COSO INTERNAL CONTROL FRAMEWORKTHE SARBANES-OXLEY ACT AND INTERNAL ACCOUNTING CONTROLSNOTES
Chapter 3: COSO Internal Controls: The New Revised Framework
UNDERSTANDING INTERNAL CONTROLSREVISED FRAMEWORK BUSINESS AND OPERATING ENVIRONMENT CHANGESTHE REVISED COSO INTERNAL CONTROL FRAMEWORKCOSO INTERNAL CONTROL PRINCIPLESCOSO OBJECTIVES AND BUSINESS OPERATIONSSOURCES FOR MORE INFORMATION
Chapter 4: COSO Internal Control Components: Control Environment
IMPORTANCE OF THE CONTROL ENVIRONMENTCONTROL ENVIRONMENT PRINCIPLE 1: INTEGRITY AND ETHICAL VALUESCONTROL ENVIRONMENT PRINCIPLE 2: ROLE OF THE BOARD OF DIRECTORSCONTROL ENVIRONMENT PRINCIPLE 3: THE NEED FOR AUTHORITY AND RESPONSIBILITYCONTROL ENVIRONMENT PRINCIPLE 4: HUMAN RESOURCE STRENGTHSCONTROL ENVIRONMENT PRINCIPLE 5: INDIVIDUAL INTERNAL CONTROL RESPONSIBILITIESCOSO CONTROL ENVIRONMENT IN PERSPECTIVE
Chapter 5: COSO Internal Control Components: Risk Assessment
RISK ASSESSMENT COMPONENT PRINCIPLESRISK IDENTIFICATION AND ANALYSISRISK RESPONSE STRATEGIESFRAUD RISK ANALYSISCOSO RISK ASSESSMENT AND THE REVISED INTERNAL CONTROL FRAMEWORKNOTES

Chapter 6: COSO Internal Control Components: Control Activities
COSO CONTROL ACTIVITY PRINCIPLESCOSO CONTROL ACTIVITIES TODAY
Chapter 7: COSO Internal Control Components: Information and Communication
INFORMATION AND COMMUNICATIONS: WHAT HAS CHANGED?INFORMATION AND COMMUNICATION PRINCIPLE 1: USE OF RELEVANT INFORMATIONINFORMATION AND COMMUNICATION PRINCIPLE 2: INTERNAL COMMUNICATIONSINFORMATION AND COMMUNICATION PRINCIPLE 3: EXTERNAL COMMUNICATIONSTHE IMPORTANCE OF COSO INFORMATION AND COMMUNICATIONNOTES
Chapter 8: COSO Internal Control Components: Monitoring Activities
IMPORTANCE OF COSO MONITORING INTERNAL CONTROL ACTIVITIESCOSO MONITORING PRINCIPLE 1: CONDUCT ONGOING AND SEPARATE EVALUATIONSCOSO MONITORING PRINCIPLE 2: EVALUATE AND COMMUNICATE DEFICIENCIESCOSO INTERNAL CONTROL MONITORING IN PERSPECTIVENOTE
Chapter 9: COSO Internal Control GRC Operations Controls
COSO OPERATIONS OBJECTIVESPLANNING AND BUDGETING OPERATIONS CONTROLSIT SYSTEMS OPERATIONS CONTROLSOPERATIONS PROCEDURE CONTROLS AND SERVICE CATALOGSIMPORTANCE OF COSO OPERATIONS CONTROLSNOTE
Chapter 10: COSO Reporting Processes
COSO REPORTING OBJECTIVESCOSO EXTERNAL FINANCIAL REPORTING CONTROLSCOSO INTERNAL FINANCIAL REPORTING CONTROLSCOSO EXTERNAL NONFINANCIAL REPORTING CONTROLSCOSO INTERNAL NONFINANCIAL REPORTING CONTROLSIMPORTANCE OF COSO REPORTING CONTROLSNOTE
Chapter 11: COSO Legal, Regulatory, and Compliance Objectives
IMPORTANCE OF ENTERPRISE COMPLIANCE CONTROLSREGULATORY COMPLIANCE CONTROL ISSUESINTERNAL CONTROLS AND LEGAL ISSUESCOMPLIANCE WITH PROFESSIONAL AND OTHER STANDARDS
Chapter 12: Internal Control Entity and Organizational GRC Relationships
INTERNAL CONTROLS FROM AN ORGANIZATIONAL GRC PERSPECTIVEENTERPRISE GOVERNANCE OVERALL CONCEPTSBUSINESS ENTITY–LEVEL INTERNAL CONTROLSDIVISIONAL AND FUNCTIONAL UNIT INTERNAL CONTROLSDEPARTMENT- AND UNIT-LEVEL INTERNAL CONTROLSORGANIZATION AND GRC CONTROLS IN PERSPECTIVENOTE
Chapter 13: COSO, Service Management, and Effective IT Controls
IMPORTANCE OF IT GENERAL CONTROLSIT GOVERNANCE GENERAL CONTROLSIT MANAGEMENT GENERAL CONTROLSCLIENT-SERVER AND SMALLER SYSTEMS GENERAL IT CONTROLSITIL SERVICE MANAGEMENT BEST PRACTICESSERVICE DELIVERY BEST PRACTICESNOTES
Chapter 14: Cloud Computing, Virtualization, and Wireless Networks
INTERNAL CONTROLS FOR IT WIRELESS NETWORKSCLOUD COMPUTING AND COSO INTERNAL CONTROLSSTORAGE MANAGEMENT VIRTUALIZATIONCOSO INTERNAL CONTROLS AND NEWER TECHNOLOGIESNOTE
Chapter 15: Another Framework: COSO ERM
ERM DEFINITIONS AND THE ERM PORTFOLIO VIEW OF RISKTHE COSO ERM FRAMEWORK MODELOTHER DIMENSIONS OF THE ERM FRAMEWORKCOSO ERM AND THE REVISED INTERNAL CONTROL FRAMEWORKNOTES
Chapter 16: Understanding and Using COBIT
AN EXECUTIVE’S INTRODUCTION TO COBITUSING COBIT TO ASSESS ENTERPRISE INTERNAL CONTROLSMAPPING COBIT TO COSO INTERNAL CONTROLSNOTES
Chapter 17: ISO Internal Control and Risk Management Standards
BACKGROUND AND IMPORTANCE OF ISO STANDARDS IN A GLOBAL COMMERCE WORLDISO STANDARDS OVERVIEWISO STANDARDS AND THE COSO INTERNAL CONTROL FRAMEWORKNOTES
Chapter 18: COSO Internal Controls in the Board Room
BOARD DECISIONS AND INTERNAL CONTROL PROCESSESBOARD ORGANIZATION AND GOVERNANCE RULESCORPORATE CHARTERS AND THE BOARD COMMITTEE STRUCTURETHE AUDIT COMMITTEE AND MANAGING INTERNAL CONTROLSBOARD MEMBER INTERNAL CONTROL KNOWLEDGE REQUIREMENTSCOSO INTERNAL CONTROLS AND CORPORATE GOVERNANCENOTES
Chapter 19: Service Organization Control Reports and COSO Internal Controls
IMPORTANCE OF SERVICE ORGANIZATION INTERNAL CONTROLSEARLY STEPS TO GAIN ASSURANCE: SAS 70SERVICE ORGANIZATION CONTROL (SOC) REPORTSRIGHT-TO-AUDIT CLAUSESINTERNAL CONTROL LIMITATIONS
Chapter 20: Implementing the Revised COSO Internal Control Framework
UNDERSTANDING WHAT IS NEW IN THE 2013 FRAMEWORKTRANSITIONING TO THE NEW COSO GUIDANCESTEPS TO BEGIN IMPLEMENTING THE NEW COSO INTERNAL CONTROL FRAMEWORK
Index

Content preview from Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework

CHAPTER 15

Another Framework: COSO ERM

THE ORIGINAL 1992 RELEASE OF the COSO internal control framework almost immediately pointed to other related areas where consistent definitions and internal controls guidance were lacking. One of these was risk management, a concept that had been receiving multiple and sometimes inconsistent definitions and interpretations by various industry groups. This was prior to the 2002-era SOx rules, when some public accounting firms began to call themselves risk management professionals, although many did not appear to have a clear understanding of what was meant by risk management. To try to develop a consistent enterprise risk management definition, COSO contracted with the same developers of the original COSO internal control framework, PricewaterhouseCoopers, to develop a common consistent definition for risk management. The result was the COSO enterprise risk management or COSO ERM framework released in 2004.

This chapter introduces COSO ERM and explains how to use this framework as a supplement to understanding and working with the new, revised version of the COSO internal control framework, as discussed in previous chapters. On first inspection, COSO ERM almost looks and feels like the COSO internal control framework. When it was first released not that many years after the original 1992 COSO internal control framework, many professionals viewed it as almost a new version or some form of supplement to the COSO internal controls. However, it ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

IT Governance: Implementing Frameworks and Standards for the Corporate Governance of IT

Publisher Resources

ISBN: 9781118813812Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework

by Robert R. Moeller

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.