Hello everyone, being a long time since I put anythink up here. Does anyone know how their company plans on handling the new COSO Internal Control Framework? Are you guys going to go through the new requirements and see what you are lacking and adjust what you do or what?
I would start with COSO, which issued an executive summary and FAQ document, to get an overview of what has/has not changed. All of the major accounting firms have issued COSO summaries as well, which you can get on their websites. Also check out the IIA’s COSO Resource Center. One of the items there is an article by Stephen McNally called “The 2013 COSO Framework & SOX Compliance.” He outlines a basic approach to understanding the new framework and transitioning to it. I don’t think most companies will need to put in quite as much effort as the article implies, but it’s a structured thought process you should go through.
I am using 2013 as a “dry run” by taking our existing documentation and trying to match each existing control to one of the 73 “points of focus.” The guidance is clear that you don’t have to identify controls for each individual point of focus, only for each of the 17 principles. But I am finding it is a useful exercise. I think it helps identify any significant gaps in controls as well as telling you if you have “controls” that are really just extraneous information (like we do). I can evaluate the controls we currently have to see if they still make sense within the new framework. If there are any points of focus that don’t have a control, I can pinpoint those and better evaluate whether the controls I do have meet the new principles.
How are you getting 73 Points of Focus. The COSO materials have 87 or 75 POFs depending on which document you are using. Principle #6 has 15 POFs in the Illustrative Tools yet the Compendium only lists 3 POFs.
I believe my count came from one of the earlier COSO drafts. I just saw a handout from one of the big consulting firms that said there were 79. The Excel templates of Illustrative Tools that came with the final COSO version have 92, by my count. However you count them, there's a bunch!