The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released the Internal Control-Integrated Framework (the Framework) on May 14, 2013. The Framework is replacing the original Internal Control–Integrated Framework issued in 1992. The Framework transition period will be extended through December 15, 2014, allowing companies time to review and adopt the updated Framework. The goal in updating the Framework is to enhance the relevance and ease of use in today’s global environment with further complex and technology driven advances.
The Framework is keeping the five core components of internal control: control environment, risk assessment, control activities, information and communication, and monitoring; and enhancing them with seventeen principles which all relate to an effective system of internal control for various forms of reporting. The updated Framework also includes three categories of objectives: operations, reporting, and compliance. This expansion addresses the needs of financial users and key stakeholder requirements. In addition, the focus will not only be on external reporting, but also will include internal reporting, financial subcategories, and non-financial subcategories.
In addition to issuing the updated Framework, COSO is also making available Illustrative Tools: Assessing Effectiveness of a System of Internal Control and Internal Control over External Financial Reporting: A Compendium of Approaches and Examples. These additional documents are meant to provide guidance to help illustrate the principles in the Framework and how they can be applied.
These enhancements to the updated Framework will assist companies in achieving a solid internal control framework that mitigates risk to acceptable levels and attaining their objectives in an ever-changing business and regulatory environment. The updated Framework is not believed to impose a higher threshold or new burdens to realize an effective internal control framework.