O'Reilly logo

Internal Control Audit and Compliance: Documentation and Testing Under the New COSO Framework by Lynford Graham

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

CHAPTER THREE

The Risk Assessment Component

AMONG THE FIVE components in the COSO Framework, the one most often discussed first is the control environment (CE) component. This is because from a controls performance perspective, if this component is ineffective, most of the other components could be negatively affected. For example, if the entity operates in an environment devoid of ethical values and honesty and management has a tendency to override controls, it is unlikely that specific controls over transactions can be considered as effective. An ineffective control environment effectively trumps the lower-level controls. However, we explore the CE component in the next chapter.

A reason to discuss the risk assessment (RA) component first is because the task of scoping the assessment project and the RA component have so much in common. Indeed, from a planning and project perspective, the other components, including the CE, drive off of the identification and assessment of risks. From a project process, and not a hierarchical controls perspective, the RA tasks need to precede much of the other controls assessment and testing since the object is to do three things:

  1. Identify risks to achieving organizational (and financial reporting) objectives.
  2. Assess the design of controls that mitigate these risks.
  3. Assess whether the controls are effective.

While these three objectives are all important to the entity, the second and third points rely on the effective identification and assessment ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required