What is the COSO Framework?

  • Enables organizations to develop systems of internal control
  • Supports sound governance of the organization
  • Defines what constitutes a system of internal control
  • Demonstrates how to apply internal control effectively


In May 2013, an update to the 1992 COSO Framework was released.


Why did COSO update the Framework?

Changes in the business environment since 1992 were taken into consideration including:
  • Expectations for governance oversight, globalization of markets and operations
  • Increased complexities of business, laws and regulations
  • Increased reliance on technology
  • Changes to expectations relating to preventing and detecting fraud


What has changed?

The 1992 version used “fundamental concepts”. These concepts are now specifically part of the framework as the 17 Principles.

  • The 17 Principles are associated with the 5 components and provide clarity in designing and implementing a system of internal control.
  • Each principle has related “points of focus” to assist in the correct application of the principles into the internal control framework.


An effective internal control system includes:
  • All 17 Principles – Present & Functioning
  • The five components operating together in an integrated manner

Start now by mapping your existing controls to the 17 Principles and Points of Focus.
The sooner you start, the sooner you can take advantage of this opportunity to improve the efficiency and effectiveness of your internal control environment.