COSO Issues Updated Internal Control Framework

By Cydney Posner

Last week, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued an updated Internal Control–Integrated Framework (2013 Framework) and related documents. The original framework, published in 1992, is widely identified by public companies as the framework used by management to assess the effectiveness of their internal control over financial reporting. The 2013 Framework was authored by PricewaterhouseCoopers under the direction of the COSO Board. At the same time, COSO issued Illustrative Tools for Assessing Effectiveness of a System of Internal Control and the Internal Control over External Financial Reporting (ICEFR): A Compendium of Approaches and Examples. The Illustrative Tools are designed to provide templates and scenarios that may be useful in applying the 2013 Framework, to "assist users when assessing whether a system of internal control meets the requirements set forth in the updated Framework." The ICEFR Compendium provides practical approaches and examples that illustrate how the components and principles set forth in the 2013 Framework can be applied in preparing external financial statements and, therefore, "is particularly relevant to those who prepare financial statements for external purposes based upon requirements set forth in the updated Framework."

As indicated in the FAQs, the 2013 Framework "builds on what has proven useful in the original version. It retains the core definition of internal control and the five components of internal control – Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities. The requirement that each of the five components is present and functioning for an effective system of internal control remains fundamentally unchanged. The Framework continues to emphasize the importance of management judgment in designing, implementing and conducting internal control, and in assessing its effectiveness. The COSO Board wants the core strengths of the original framework to be preserved and the enhancements and clarifications included in the Framework to ease its use and application. The Framework and related illustrative documents are intended to (i) clarify the requirements of effective internal control, (ii) update the context for applying internal control by reflecting many of the changes in business and operating environments, and (iii) broaden its application by expanding the operations and reporting objectives." For example, "[o]ne of the more significant updates is the formalization of fundamental concepts introduced in the original framework." The 2013 Framework also takes into account changes in the business environment, including evolving technologies, increased complexities and globalization.

COSO believes that, depending on each user's particular circumstances, users should transition to the updated 2013 Framework as soon as is feasible. COSO will continue to make available its original framework during the transition period extending to December 15, 2014, after which time COSO will consider it as superseded by the 2013 Framework. COSO will also continue to make available its Guidance for Smaller Public Companies only until December 15, 2014. COSO recommends that, during the transition period, organizations reporting externally should clearly disclose whether they used the original framework or the 2013 Framework.

For the hardcore among you whose eyes didn't glaze over just reading this email, you can get more of the same in the executive summary at http://www.coso.org/documents/COSO%202013%20ICFR%20Executive_Summary.pdf.

This content is provided for general informational purposes only, and your access or use of the content does not create an attorney-client relationship between you or your organization and Cooley LLP, Cooley (UK) LLP, or any other affiliated practice or entity (collectively referred to as “Cooley”). By accessing this content, you agree that the information provided does not constitute legal or other professional advice. This content is not a substitute for obtaining legal advice from a qualified attorney licensed in your jurisdiction and you should not act or refrain from acting based on this content. This content may be changed without notice. It is not guaranteed to be complete, correct or up to date, and it may not reflect the most current legal developments. Prior results do not guarantee a similar outcome. Do not send any confidential information to Cooley, as we do not have any duty to keep any information you provide to us confidential. This content may be considered Attorney Advertising and is subject to our legal notices.