COSO Internal Control-Integrated Framework

COSO Internal Control-Integrated Framework

COBIT was derived from the COSO Internal Control-Integrated Framework, developed by the Committee of Sponsoring Organizations (COSO) that sponsored the Treadway Commission in 1985 to deal with fraudulent financial activities and reporting. The COSO IC framework, first released in 1992 and last updated in 2013, identifies 17 internal control principles that are grouped into five internal control components as listed here.

Control Environment

1. Demonstrates commitment to integrity and ethical values
2. Exercises oversight responsibilites
3. Extablishes structure, authority, and responsibility
4. Demonstrates commitment to competence
5. Enforces accountability

Risk Assessment

6. Specifies suitable objectives
7. Identifies and analyzes risk
8. Assess fraud risk
9. Identifies and analyzes significant change

Control Activities

10. Selects and develops control activities
11. Selects and develops  general controls over technology
12. Deploys through policies and procedures

Information and Communication

13. Uses relevant, quality information
14. Communication internally
15. Communicates externally

Monitoring activities

16. Conducts ongoing and/or separate evaluations
17. Evaluates and communicates deficiencies

Comments

Popular posts from this blog

OIM 11g R2 PS2 : SOA Approval Workflow Sample

OHS 12c (12.1.3) webgate deployment and configuration

Oracle Identity Manager (OIM) Interview Questions