COSO is a framework for internal control to protect against fraud. COSO is supported by five supporting organizations: the Institute of Management Accountants (IMA), the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA), and Financial Executives International (FEI).
In Coral, we have a 6-phase Methodology, to help you achieve COSO implementation.
This phase involves determining key business objectives, that will drive the COSO framework implementation.
This phase involves performing gap analysis on COSO – 17 requirements as well as defining risk and control matrix for areas that have opportunities for fraud.
This phase involves our methodology that involves distribution of objectives, risks, and control responsibility to internal stakeholders. This also includes nomination of key roles such as risk and compliance officer – who will drive the ongoing compliance. Each business function has control framework.
This phase involves tracking the client risks, documentation and self-declarations till all internal controls are adequately implemented.
This phase involves measuring internal control changes on a scale of 0-100%. This gives assurance to internal stakeholders that the processes implemented are adequate (or at risk). If there are deviations or risks identified, they are treated. We have a structured methodology for implementation.
Internal audit involved an independent verification of risk and control implementation as a project and an assurance of the ongoing program.