Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.
Accounting & Auditing Update

The "Accounting & Auditing Update" is written by Tammy Whitehouse, a veteran business writer who has been a regular contributor to Compliance Week since 2005. Her work has also appeared in industry journals and periodicals including Journal of Business Strategy, Strategy & Leadership, Compensation & Benefits Review, Inc, Buyside, and myriad others. Whitehouse welcomes questions and comments from readers; she can be reached via e-mail at twhitehouse@complianceweek.com.
21 results found, filtered by:
-
Accounting & Auditing Update Blog
Auditors May Disclose Framework Choice in Reports
Tammy Whitehouse | September 5, 2014
Companies choosing to stick with the old COSO internal control framework this year might find a mention of that fact by auditors in the audit report. Deloitte says just as companies are required to disclose what framework they are following, “it would be appropriate” for auditors to disclose too. Deloitte says it has observed that most companies are moving forward adopting the 2013 framework this year in accordance with COSO’s guidance on moving away from the 1992 framework to the new version. More inside.
-
Accounting & Auditing Update Blog
CAQ: Audit’s role in cyber-security exams
Tammy Whitehouse | September 15, 2016
Public company auditors are suggesting that companies voluntarily submit to an independent cyber-security examination separate from the existing financial statement audit. Tammy Whitehouse explores a new process for examining and reporting on a company’s cyber-security risk management.
-
Accounting & Auditing Update Blog
Compliance Leaders Like the Three Lines of Defense
Tammy Whitehouse | May 18, 2015
At Compliance Week’s annual conference this week, Jose Tabuena, chief compliance officer for NextHealth, advocated for the three lines of defense model. “I’ve worked with the accounting firms and those working with the COSO framework, and I find three lines of defense easier to explain,” he said. “The board may have limited time, and you have to explain a lot in that limited time. I don’t think the COSO cube does it.” More inside.
-
Accounting & Auditing Update Blog
COSO appoints new chair, may consider internal control guidance
Tammy Whitehouse | February 1, 2018
As new leadership takes the helm at COSO, the board is considering whether it can help sort out ongoing tension over public company internal control reporting.
-
Accounting & Auditing Update Blog
COSO ERM update will seek to elevate risk discussions
Tammy Whitehouse | February 23, 2016
When COSO unveils the draft update to its Enterprise Risk Management framework (possibly by late April), it will propose companies take risk considerations to the highest level in an entity’s strategy-setting and decision-making processes. The framework update exercise is expected to advance the idea, says COSO Chairman Robert Hirth, that risk should be governed and controlled within companies much the way internal controls are governed under COSO’s Internal Control – Integrated Framework.
-
Accounting & Auditing Update Blog
COSO Expects First-Quarter Release of ERM Update Draft
Tammy Whitehouse | October 19, 2015
COSO expects to publish a draft of its Enterprise Risk Management Integrated Framework in the first quarter of 2016. First released more than a decade ago, COSO opted to make updates in light of modern business conventions and practices. COSO Chairman Bob Hirth says, “It will be a more structured document, much like the updated internal control framework.” Details inside.
-
Accounting & Auditing Update Blog
COSO issues new fraud risk management guide
Tammy Whitehouse | September 28, 2016
COSO, author of the most widely accepted internal control framework in the United States has released a new guide meant to help companies beef up their fraud risk management. More from Tammy Whitehouse.
-
Accounting & Auditing Update Blog
COSO Launches Project to Update ERM Framework
Tammy Whitehouse | October 21, 2014
Now that its internal control framework is updated, the Committee of Sponsoring Organizations is gearing up to revise its enterprise risk management framework in a similar manner. “We’ve come to the preliminary conclusion that there’s probably been enough change from when the framework was issued in 2004 that we should start a questioning process just like we did with the internal control framework,” says COSO Chairman Robert Hirth. More inside.
-
Accounting & Auditing Update Blog
COSO offers up new ERM framework for review
Tammy Whitehouse | June 14, 2016
The Committee of Sponsoring Organizations of the Treadway Commission, or COSO, has unveiled a proposed redraft of its 2004 ERM framework. “We wanted to create a more robust focus on risk in the strategic planning process,” says PwC Partner Dennis Chesley, a lead partner for the revision project. Tammy Whitehouse reports.
-
Accounting & Auditing Update Blog
COSO publishes ERM examples to show case studies
Tammy Whitehouse | June 27, 2018
COSO has published an addendum to its ERM framework to illustrate examples of how to apply the framework to real situations.
-
Accounting & Auditing Update Blog
COSO publishes final version of updated ERM framework
Tammy Whitehouse | September 6, 2017
COSO has released its newly revised enterprise risk management framework, giving companies a new tool to consider in building out their ERM approaches.
-
Accounting & Auditing Update Blog
COSO Guidance Ties Frameworks to Cyber-Security Risks
Tammy Whitehouse | January 15, 2015
COSO is urging companies to look at its framework with not just financial controls in mind, but cyber-security as well. A paper from the Committee details how the five components of internal control apply to the assessment of cyber-risks, with discussion on how the principles underlying the risk assessment, control activities, and information and communication components can be leveraged.
-
Accounting & Auditing Update Blog
COSO, IAASB form ties to sustainability reporting
Tammy Whitehouse | January 31, 2018
Sustainability reporting is breaking new ground in attaching itself to traditional financial reporting after an advocate has formed some new relationships.
-
Accounting & Auditing Update Blog
ERM for ESG risks: Companies have new guidance to ponder
Tammy Whitehouse | February 16, 2018
COSO is looking for feedback on draft guidance regarding how its ERM framework can be used to manage risks in environment, social, and governance areas.
-
Accounting & Auditing Update Blog
IT Experts Offer Updated Guidance on IT Controls
Tammy Whitehouse | December 5, 2014
Companies struggling with information technology controls may gain tips from ISACA’s new guidance on scoping and assessment ideas for IT-related aspects of the COSO framework. “This latest guide will help professionals align with these changes in the industry,” said Ken Vander Wal, former ISACA president.
-
Accounting & Auditing Update Blog
New study shows low levels of comprehensive ERM
Tammy Whitehouse | March 27, 2018
Formalized, comprehensive approaches to ERM are not terribly baked into corporate practices, according to a recent study by the accounting profession.
-
Accounting & Auditing Update Blog
Poll Finds Uncertainty on COSO, Revenue Recognition
Tammy Whitehouse | January 21, 2015
Up to one-third of companies may not be implementing the new COSO framework for their 2014 financial reporting, and one-fourth don’t know when they will implement the framework.
-
Accounting & Auditing Update Blog
Report: Majority Adopt New COSO Control Framework
Tammy Whitehouse | April 13, 2015
With more than 3,000 filings collected through early April, three-fourths of publicly traded companies have disclosed that they have adopted the 2013 COSO internal control framework, with the rest either remaining on the 1992 framework or not disclosing what framework they followed, according to a study published by Protiviti.
-
Accounting & Auditing Update Blog
SEC settles with 4 companies over prolonged control lapses
Tammy Whitehouse | January 30, 2019
Apparently thumbing their noses at internal control requirements, four public companies have now settled charges with the SEC over prolonged failures to maintain ICFR.
-
Accounting & Auditing Update Blog
Two big holdouts still follow 1992 COSO framework
Tammy Whitehouse | December 9, 2018
A handful of holdouts are still disclosing they comply with SOX internal control reporting requirements by following a defunct COSO framework.
-
Accounting & Auditing Update Blog
With attest tool to come, AICPA issues cyber-reporting framework
Tammy Whitehouse | April 27, 2017
The accounting profession is getting some new tools to deploy in their growing involvement with addressing cyber-risk.
Displaying 21 results