All COSO articles – Page 2
-
Article
Has the time arrived for a corporate overhaul of ERM?
Corporate approaches to risk management are not keeping pace with the velocity and complexity of risk in today’s business environment. Is it time for an ERM refresh?
-
Article
7 reasons to study COSO’s new Fraud Risk Management Guide
COSO’s new fraud guide is not mandatory but, says Tammy Whitehouse, public companies would be wise to study and consider it anyway because it could eventually become a requirement.
-
Blog
COSO issues new fraud risk management guide
COSO, author of the most widely accepted internal control framework in the United States has released a new guide meant to help companies beef up their fraud risk management. More from Tammy Whitehouse.
-
BlogCAQ: Audit’s role in cyber-security exams
Public company auditors are suggesting that companies voluntarily submit to an independent cyber-security examination separate from the existing financial statement audit. Tammy Whitehouse explores a new process for examining and reporting on a company’s cyber-security risk management.
-
Blog
COSO offers up new ERM framework for review
The Committee of Sponsoring Organizations of the Treadway Commission, or COSO, has unveiled a proposed redraft of its 2004 ERM framework. “We wanted to create a more robust focus on risk in the strategic planning process,” says PwC Partner Dennis Chesley, a lead partner for the revision project. Tammy Whitehouse ...
-
Article
How internal audit can help drive corporate culture
Traditional notions of audit are focused on verifying quantified data, but can audit provide that same benefit in the ether space of business, verifying the presence or absence of intangible characteristics? The internal audit profession is starting to believe it is possible, and its leaders are calling on audit executives ...
-
Blog
COSO ERM update will seek to elevate risk discussions
Image: When COSO unveils the draft update to its Enterprise Risk Management framework (possibly by late April), it will propose companies take risk considerations to the highest level in an entity’s strategy-setting and decision-making processes. The framework update exercise is expected to advance the idea, says COSO Chairman Robert Hirth, ...
-
Blog
COSO Announces Internal Control Certificate Program
The Committee of Sponsoring Organizations of the Treadway Commission is offering an Internal Control Certificate Program that offers financial professionals, including internal auditors and CPAs, the opportunity to earn a professional certificate in the 2013 COSO Internal Control-Integrated Framework. The course includes self-paced learning, a hands-on workshop, and an online ...
-
Article
Cloud Security Is a Challenge for Users and Providers
As more cloud storage providers evolve from consumer-based products to enterprise-grade services, compliance challenges are evolving along with them. Before entering into a service contract, companies must determine whether their data will be safe and all is in compliance with a growing list of regulations and security frameworks. The added ...
-
Blog
COSO Expects First-Quarter Release of ERM Update Draft
Image: COSO expects to publish a draft of its Enterprise Risk Management Integrated Framework in the first quarter of 2016. First released more than a decade ago, COSO opted to make updates in light of modern business conventions and practices. COSO Chairman Bob Hirth says, “It will be ...
-
Article
Frustrating Risk With the Right Internal Control Framework
Image: As cyber-security and IT controls rise up the priority list in corporate audits, a new wrinkle is emerging: numerous frameworks (COSO, NIST, CoBIT) used by numerous parties, all trying to build effective control systems. That could lead to painful detours in mapping controls, if compliance executives don’t plan carefully. ...
-
Blog
Mid-Year Look at Corporate Compliance in 2015
Image: Six months ago Compliance Week Editor Matt Kelly picked six events to watch in corporate compliance for 2015: political risk, Republican activism, confusion over revenue recognition, and more. With the year half over—and in the interests of holding people accountable, including Compliance Week editors—now seems a good time to ...
-
Article
Smaller Companies Struggle Forward on SOX Compliance, System Investments
More grist for smaller reporting companies unhappy with your compliance burdens: A new report finds that although all businesses continue to invest in SOX compliance, smaller companies still report less benefit from the effort. Inside, we look at which parts of compliance are most troublesome for small filers (“If they ...
-
Article
COSO Implementation Gets Gritty
Whether you adopted the new COSO framework for internal control last year or stalled into 2015, a chorus of voices say now is the time for implementation (or even polishing last year’s implementation) once and for all. “This year is the time to adopt,” says KPMG partner David Middendorf. Inside, ...
-
Blog
Compliance Leaders Like Three Lines of Defense
Image: At Compliance Week’s annual conference this week, Jose Tabuena, chief compliance officer for NextHealth, advocated for the three lines of defense model. “I’ve worked with the accounting firms and those working with the COSO framework, and I find three lines of defense easier to explain,” he said. “The board ...
-
Blog
Report: Majority Adopt New COSO Framework
With more than 3,000 filings collected through early April, three-fourths of publicly traded companies have disclosed that they have adopted the 2013 COSO internal control framework, with the rest either remaining on the 1992 framework or not disclosing what framework they followed, according to a study published by Protiviti.
-
Blog
The Logic Behind COSO’s ERM Framework Update
Even as compliance officers are still digesting the updated COSO framework for internal controls, COSO has set its sights on what’s next: an update to its enterprise risk management framework, likely to arrive sometime in 2016 or so. Why ERM? Why now? Inside, Compliance Week columnist Rick Steinberg walks us ...
-
Article
Smarter Assessments of Cyber-Risk
Image: Every compliance and audit executive wants to manage cyber-security risks. That assumes, however, that the whole organization agrees on what a cyber-security risk is. Taxonomies do exist to build a more disciplined approach to cyber-security. Try to take all steps to manage all such risks, and “it’s going to ...
-
Article
COSO Tacks Toward Cyber-Security
As cyber-security works its way onto the corporate board agenda, COSO is suggesting ways that its frameworks for internal control and risk management can be a starting point for companies to anticipate fast-emerging risks. “Just as the board is responsible for enterprise risk management, this is very similar,” says Mike ...
-
Blog
Poll Finds Uncertainty on COSO, Revenue Recognition
Up to one-third of companies may not be implementing the new COSO framework for their 2014 financial reporting, and one-fourth don’t know when they will implement the framework.
- Previous Page
- Page1
- Page2
- Page3
- Next Page