Skip to main content

Search

COSO Framework’s 17 Principles of Effective Internal Control

Article
3 minute read
September 13, 2022

Specific principles for developing and maintaining effective internal controls are listed in Internal Control — Integrated Framework. Originally released in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and updated in 2013, the framework lists the following 17 principles that explicitly describe the elements of an effective system of internal controls:

Internal Control Component

Principles

Control environment

1. Demonstrates commitment to integrity and values
2. Demonstrates independence and exercises oversight responsibility
3. Establishes structure, authority and responsibility
4. Demonstrates commitment to attracting, developing and retaining competent staff
5. Enforces accountability

Risk assessment 6. Specifies suitable, specific objectives
7. Identifies and analyzes risks
8. Assesses fraud risk
9. Identifies and analyzes significant changes
Control activities 10. Selects and develops control activities that help mitigate risks
11. Selects and develops general controls over technology
12. Bases controls on thorough policies and procedures
Information and communication 13. Uses relevant, high-quality information
14. Communicates internally to support controls
15. Communicates externally
Monitoring

16. Conducts ongoing and/or separate evaluations
17. Evaluates and communicates deficiencies

Depending on a company’s facts and circumstances, implementing or making the transition to the framework can take time, so it’s a good idea to begin the process as soon as possible. Companies should begin by familiarizing themselves with the 17 principles and other COSO guidelines. Then, companies can evaluate the current state of their internal control system and develop a plan for correcting any weaknesses.

If your organization has not yet begun using the Integrated Framework, see our introduction, Implementing the COSO Integrated Framework.

If you would like more information about implementing or making the transition to the COSO framework, contact Weaver today.

© 2022