COSO ERM Model - AGA Austin Chapter

COSO 2013
For Austin AGA
January 2014
Changes are less than earthshaking
More than 71 percent of internal audit executives at public companies said they expect adoption of the new framework to be not significant or somewhat significant; only 22 percent said they expect implementation to be moderately or extremely significant.
IIA survey quoted in Compliance Week article: SEC Drops New Hint: Update to New COSO Framework by Tammy Whitehouse 11/13
20 YEARS
1992 to 2013
Increased stakeholder expectations for transparency regarding controls
– Sarbanes Oxley
– A-123
– ?
Emphasis on governance
Reliance on technology
Complex business models
– Global
– Outsourcing
Awareness of fraud
New structure
Same 5 components
Add 17 principles
And 82 points of focus
COSO Model
Leita Hart-Fanta, CPA, CGFM, CGAP
Leita@yellowbook-cpe.com
Under RISK ASSESSMENT COMPONENT
Principle 8 – The organization considers the potential for fraud in assessing risks to the achievement of objectives.
• Points of Focus:
– Considers various types of fraud
– Assesses incentives and pressures
– Assesses opportunities
– Assesses attitudes and rationalizations
Quote from the 2013 COSO Executive Summary
When a major deficiency exists with respect to the presence and functioning of a component or relevant principle, or with respect to the components operating together in an integrated manner, the organization cannot conclude that it has met the requirements for an effective system of internal control.
Leita’s version of COSO
Risk Assessment
Control Activities
Information and Communication
Monitoring
Control environment
Which element of the COSO model?
1. Establish goals and objectives annually
2. Report frequently to oversight agencies
3. Send financial data to department heads each week
4. Administrative staff in Engineering inspects budget amendments created by accounting each month
5. Link risks to the goals and objectives of the department
6. Establish an ethics policy
7. Force users to create new passwords for the customer application each month
8. Delegate authority and responsibility in job descriptions
9. Reconcile reports to federal grantor to the general ledger
10. The same person that opens the mail does not record the receipt and make the deposit
11. Put performance measures for each department on the internet
COSO ERM Model
Governance
Enterprise risk management
Internal controls
COSO
Integrated auditing
• Compliance
• Financial
• Operational
• Fraud
• IT