Preface
INTERNAL CONTROL IS A BASIC management concept that covers all aspects of enterprise operations, from basic accounting processes to production operations to IT systems and more. However, in past years, it was one of those nice-sounding expressions where no one really had a consistent definition about what was meant by effective internal controls. Then, after a series of accounting scandals in the early 1990s, a group of professional accounting and finance organizations, including the American Institute of Certified Public Accountants (AICPA), formed what has become the Committee of Sponsoring Organizations (COSO) to develop a consistent framework to define the concept of internal controls.
After a lengthy period of review and comments as a public exposure document, the initial COSO internal control framework was released in 1992. It is not a formal standard or a set of governmental regulations but a framework outlining the characteristics and concepts of an effective system of internal control for enterprises of all types and sizes. It was soon adapted as a requirement for external auditors in their assessments of financial statement internal controls, and it became a key measure for assuring Sarbanes-Oxley Act (SOx) compliance.
Although this framework has remained unchanged and in effect since its 1992 release, that original framework no longer really reflected some of the massive changes in IT and business systems since then, as well as the more collaborative and international ...
Get Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
