The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released their updated framework for assessing and reporting on the design and operating effectiveness of internal controls in May of this year. Have you adopted COSO’s new framework and adapted your policyIQ structure to accommodate it? The original integrated framework published by COSO and followed by the majority of public companies subject to the Sarbanes-Oxley Act was released in 1992. The foundation and guidance of the 1992 framework is considered valid and will continue to be made available until the committee (COSO) officially replaces it on December 15, 2014.
So, the clock is ticking.
RGP has helped a number of clients to adopt the new COSO framework and to use our in-house GRC application, policyIQ, to manage the documentation and processes associated with compliance. The process starts with seventeen principles that were introduced with the original framework, but were only highlighted and explicitly called out this year with the release of the new framework. Refer to COSO’s 2013 Internal Control—Integrated Framework for a detailed list and explanation of the seventeen principles.
Plan to transition – we can guide you
Our professional consultants can certainly help you with methodology including the assessment and development (or verification) of controls, as well as testing to ensure that the principles are met. Here are some simple steps you can take to plainly demonstrate consideration and alignment with the seventeen principles within policyIQ:
1. We recommend establishing an independent template for capturing them in your policyIQ site.
2. You may also wish to establish a separate Folder structure to easily trace each principle and related controls back to their associated COSO component.
Combining these steps with your ability to link related controls, tests and deficiencies will allow you to build reports illustrating those relationships and to present a complete picture of where you are meeting and, perhaps more importantly, where you are deficient in meeting the COSO principles.
Take 15 minutes today to set up your site—we can help!
If you have any questions or would like some help with implementation of the new COSO integrated framework or with documentation, reach out to us and we’ll put you in touch with the appropriate contact.