COSO stands for the Committee of Sponsoring Organizations of the Treadway Commission. It is a joint initiative of the five private sector organizations dedicated to providing thought leadership through the development of frameworks and guidance on enterprise risk management, internal control and fraud deterrence. COSO was organized in 1985 to sponsor the National Commission on Fraudulent Financial Reporting, an initiative to study fraudulent financial reporting. COSO’s website can be accessed at www.coso.org.
While COSO has published much guidance, perhaps they are best known for their two frameworks pertaining to controls and enterprise risk. COSO’s Internal Control – Integrated Framework first came out in 1992 and was revised in 2013. Their Enterprise Risk Management – Integrated Framework was originally published in 2004 and updated in 2017 through a publication entitled Enterprise Risk Management – Integrating with Strategy and Performance.
The two COSO frameworks complement each other, with neither superseding the other. The Internal Control–Integrated Framework remains the most widely used control framework in North America. This framework is the one we use for advising on the design, implementation and assessment of the effectiveness of internal control, including financial statements. We also advise and help organizations implement enterprise risk management (ERM) programs leveraging the Enterprise Risk Management – Integrating with Strategy and Performance framework.
The two COSO frameworks complement each other, with neither superseding the other. The Internal Control–Integrated Framework remains the most widely used control framework in North America. This framework is the one we use for advising on the design, implementation and assessment of the effectiveness of internal control, including financial statements. We also advise and help organizations implement enterprise risk management (ERM) programs leveraging the Enterprise Risk Management – Integrating with Strategy and Performance framework.
While the frameworks can be very helpful in reaching objectives and maximizing shareholder value, one must keep in mind that they are simply a starting point that requires great judgement. These should not be viewed as checklists or from a one-size-fits-all mentality. Rather they are meant to offer guidance and examples for an ever-increasing fast pace of change and growing complexity to business environments. Ultimately, these are tools to support sound decision making. We provide education, advice and support with respect to both COSO frameworks.