COSO Integrated Framework
Definition
A framework for internal control published by the Committee of Sponsoring Organizations of the Treadway Commission, defining five interrelated components: control environment, risk assessment, control activities, information and communication, and monitoring activities. The 2013 update formalised 17 principles within the five components and is the version currently in use.
Related terms
- COBIT
- Control Objectives for Information and Related Technologies, published by ISACA. A governance and management framework for enterprise IT that defines IT-specific control...
- Control environment
- The first and foundational component of the COSO framework. It encompasses the board's oversight, management's philosophy and operating style, organisational structure, commitment...
- Detective control
- A control designed to identify an error or irregularity after it has occurred. Examples include bank reconciliations, exception reports, variance analysis, and...
- IT general controls (ITGCs)
- Controls over the IT environment that support the reliable operation of application controls. Key categories include access management, change management, computer operations,...
- Preventive control
- A control designed to stop an error or fraudulent act before it occurs. Examples include segregation of duties, mandatory authorisation limits, access...
Explained in
- Internal Control Frameworks and Control DesignA framework for internal control published by the Committee of Sponsoring Organizations of the Treadway Commission, defining five interrelated components: cont...