Sunday, January 17, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Risk

Tips for Those Who Missed the December COSO Deadline

by Timothy O'Hara
February 3, 2015
in Risk
Tips for Those Who Missed the December COSO Deadline

The Wall Street Journal reported in November that smaller companies were slow to adopt new rules for internal controls put in place by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) – the 2013 Internal Control Integrated Framework.

The framework was designed to help organizations implement internal controls in response to changes in business and operating environments since the issuance of the original framework in 1992. The framework also broadens requirements for the application of internal controls, clarifying what constitutes an effective internal control, defined by COSO as “a process, effected by an entity’s Board of Directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance.”

Now, for companies large and small, time is up: the deadline to map to the new rules was December 15.

While, technically, the rules are not requirements, they do constitute a “suitable framework” to comply with Sarbanes Oxley (SOX) provisions for internal control and financial reporting, providing meaningful standards for auditing with little room for deviation. As a result of the “suitable framework” language, adopting the COSO framework allows publicly traded companies in the United States to effectively kill two birds with one stone, integrating the best practices provided by the COSO framework while also complying with the regulatory requirements of SOX.

If you’re an executive at a publicly run company and you’ve just now discovered this lapse, you might be feeling overwhelmed as you run through the scenarios and begin planning how you’ll get your business up to par. You may want to consider engaging a partner – someone who has implemented this framework before.

For those seeking guidance, here are six tips to consider – before the Securities and Exchange Commission (SEC) comes knocking at your door:

  1. Get up to speed. Assess the situation and obtain the information you’ll need to ensure everyone on your team knows what they need to know. If necessary, find a third-party partner who can help.
  2. Design an implementation plan. Identify who, what, when, where, how and why for all of the integral steps you’ll need to comply with the new rules.
  3. Assess to determine control gaps. COSO’s guidance includes 17 principles across five components of internal controls: control environment, risk assessment, control activities, information and communication and monitoring. You’ll want to align your control activities with the COSO principles and remediate any design controls that fall short.
  4. Validate all data sources.
  5. Follow through – and integrate across your enterprise. Complete your plan, identifying the resources you’ll need, the tests you’ll want to conduct and a realistic and concrete timeline to implement.
  6. Test your controls for operating effectiveness. Do your controls monitor what you intend them to?
  7. Communicate your results. Ensure leadership and all other parties are aware of the process and the need for improved data integrity overall.

Missing the COSO deadline was a mistake, sure, but you still have time before the SEC starts looking at companies still operating under the 1992 guidelines. Follow these steps and you’ll quickly move toward compliance.


Tags: COSO
Previous Post

Compliance Training Goes Global

Next Post

Franchising and Liability Under the FCPA

Timothy O'Hara

backgroundTimothy O’Hara is an account executive, CPA and ICCS with Infogix, Inc., a pioneer in data integrity and analytics solutions that unites predictive analytics with comprehensive data controls and protection. As an advocate for his clients, Tim helps them maximize their return on investment through data integrity and data analytics solutions. These solutions improve the efficiency and effectiveness of their processes, information content and systems. His clients include Fortune 500 and mid-sized companies in various industries including telecommunications, media, government, financial services, manufacturing, retail, business services and consumer goods. The foundation of his experience is his CPA and ICCS Risk Certification where he mastered transaction processing (Order-To-Cash, Purchase-to-Pay, etc.), financial reporting, business information exchanges (B2B, B2C, B2G, G2G) and fraud. Tim used these skills, knowledge and his passion for helping people to enable his clients to transform their operations over time. Tim is continuing his learning in business analytics, social media, and forensic accounting. Tim received his B.S in Accounting from the University of Scranton. Tim has lectured and published articles on Big Data, Data Warehouse Testing and Monitoring, and Information Risk Audit and Control.  

Related Posts

green city papercut on recycled paper background

Managing the Climate Risk Mandate

January 7, 2021
digital rain on abstract binary city

Has Your Organization Assessed Its Digital Readiness?

January 5, 2021
red party hat, champagne flute and laptop

Legal Risks with Virtual Holiday Work Parties

December 18, 2020
robot hand pushing dominoes in a line

Risk Management and AI: A Regulatory Path Forward

December 11, 2020
Next Post
Franchising and Liability Under the FCPA

Franchising and Liability Under the FCPA

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management culture of ethics cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence fcpa enforcement actions financial crime GDPR GRC HIPAA information security internal audit KYC/know your customer machine learning monitoring regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights