COSO ERM framework

COSO, the "Committee Of Sponsoring Organizations of the Treadway Commission", is a United States-based nonprofit commission that was established in 1992 with a mission of providing guidance to executive management and governance units on varied and significant aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting. With COSO's internal control model, any company can evaluate the efficacy of its control systems.

Unlike any other risk management framework, the COSO ERM framework delineates essential components, proposes a common language, and provides clear direction and guidance for enterprise risk management.

COSO and Enterprise Risk Management
As defined by the COSO framework, ERM is "... a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives."

Key Concepts of COSO
The COSO framework contains some key concepts such as:
  • Internal control is a process.
  • It is not a mere policy or form but a process that can be affected by people at the entry level of a system.
  • Only reasonable assurance, not absolute assurance, can be expected of COSO ERM.
  • It strives to achieve the set objectives in one or more separate but overlapping categories.

Five Interrelated Components of COSO
As per the COSO framework, ERM consists of five interrelated components. These are:

Control Environment - Control environment refers to the solidarity and moral values of a company, which include its code of conduct, the involvement of the Board of Directors and other actions that define the character of the company.

Risk Assessment - A process that management needs to carry out to identify the potential risk components that could lead to falsified financial statements, and to craft means to address those risks.

Control Activities - Control activities can themselves be considered as "the internal controls." The activities include segregation of duties, account reconciliations and information processing controls that protect assets and enable an organization to prepare reliable financial statements on time.

Information and Communication - This important component involves internal and external reporting procedures and also an assessment of the technology environment.

Monitoring - This component affirms that internal control is being monitored over time to assess the quality of a company's internal control, and also recommends necessary actions to address the risks of the organization.
