An Important Reminder From COSO
Norman Marks, CRMA, CPA, was a chief audit executive and chief risk officer at major global corporations for more than 20 years. The views expressed in this blog are his personal views and may not represent those of The IIA.
The updated COSO Internal Control–Integrated Framework can be used as a reminder that the root cause of most corporate problems comes either from issues relating to integrity or competence. In other words, the root cause is usually people.
The Control Environment component includes important Principles around both integrity and competence.
i recommend that organizations consider these Principles as high risk unless they can demonstrate through the actions they have taken to treat the risks (I.e., controls) that the risks are at acceptable levels.
Unfortunately, the tools available to test integrity and competence are rude and not always conclusive. But if we take the approach that we have to demonstrate they are at acceptable levels, rather than demonstrate they are not, I think we can go a long way.
What do you think?
Posted on May 30, 2013 by Norman Marks
Share This Article: