Article
Brochure
Executive Resource
Insight Hub
Video
Ext. PublicationCOSO Framework’s 17 Principles of Effective Internal Control
Specific principles for developing and maintaining effective internal controls are listed in Internal Control — Integrated Framework. Originally released in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and updated in 2013, the framework lists the following 17 principles that explicitly describe the elements of an effective system of internal controls:
|
Internal Control Component |
Principles |
| Control environment |
1. Demonstrates commitment to integrity and values |
| Risk assessment | 6. Specifies suitable, specific objectives 7. Identifies and analyzes risks 8. Assesses fraud risk 9. Identifies and analyzes significant changes |
| Control activities | 10. Selects and develops control activities that help mitigate risks 11. Selects and develops general controls over technology 12. Bases controls on thorough policies and procedures |
| Information and communication | 13. Uses relevant, high-quality information 14. Communicates internally to support controls 15. Communicates externally |
| Monitoring |
16. Conducts ongoing and/or separate evaluations |
Depending on a company’s facts and circumstances, implementing or making the transition to the framework can take time, so it’s a good idea to begin the process as soon as possible. Companies should begin by familiarizing themselves with the 17 principles and other COSO guidelines. Then, companies can evaluate the current state of their internal control system and develop a plan for correcting any weaknesses.
If your organization has not yet begun using the Integrated Framework, see our introduction, Implementing the COSO Integrated Framework.
If you would like more information about implementing or making the transition to the COSO framework, contact Weaver today.
© 2022
