Adding Value with COSO: Beyond Compliance - eBook

After a number of major corporate scandals involving companies such as Enron and WorldCom, publicly traded organizations became regulated with the passing of the U.S. Sarbanes-Oxley Act of 2002. Since then, the vast majority of organizations that comply with Sarbanes-Oxley have converted their control documentation to the updated Committee of Sponsoring Organizations of the Treadway Commission’s (COSO’s) Internal Control – Integrated Framework, which was revised in 2013.

While some organizations found implementing the COSO framework to be relatively easy, some found it rather burdensome. Others used it as an opportunity to take a fresh look at internal control over financial reporting and, as a result, gained added assurance. However, COSO did not intend the framework to be used solely for financial controls. It was designed to help organizations effectively develop a system of internal control that would meet the challenges of an ever-changing business and regulatory environment.

The research for this report focused on four organizations that are applying the framework to all three categories of business objectives—operations, reporting, and compliance—in different ways. Some key findings emerged from interviews conducted with the four organizations. Their examples may help readers implement COSO’s framework to improve risk management and control in their organizations.

As an added value to this report, several organizations have generously agreed to share samples of the documentation used in implementing the framework. The COSO Implementation Toolkit lets you customize the samples to meet your organization’s needs and is included in the purchase price of this report.