Audit experts at Compliance Week 2014 are warning companies to be careful not to rely too heavily on a gap analysis of internal control when implementing the new updated COSO Internal Control — Integrated Framework this year.
Analyzing internal control gaps under COSO’s 1992 framework compared with the newly revised framework can serve as part of the implementation process, but should not form the entire basis for implementing the updated internal control framework, says Jeanette Franzel, a member of the Public Company Accounting Oversight Board. “There are risks associated with a checklist approach or a gap analysis,” she says. “This should not be a paperwork exercise. This should be a step back so you can take a fresh look at your controls.”
