May 20, 2013
From the Financial Reporting Network
On May 14, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) issued its updated InternalControl - Integrated Framework (2013) (2013 Framework) and related illustrative documents. The original COSO Framework published in 1992 is widely used by SEC registrants who are accelerated and large accelerated filers to assess the effectiveness of their internal controls over financial reporting.
The 2013 Framework does not represent a wholesale change of the 1992 Framework – it retains the definition of internal control, the COSO cube, including the five components Control Environment, Risk Assessment, Control Activities, Information & Communication, and Monitoring Activities. However, the 2013 Framework considers many changes in business and operating environments and technology during the 20 years since the issuance of the original Framework. The 2013 Framework adds additional structure by codifying fundamental concepts from the 1992 Framework as 17 required principles that are necessary to support the five components for effective internal control. The 2013 Framework also provides example characteristics for each of the 17 principles, called Points of Focus, to assist management in determining whether a principle is present and functioning.
In addition to the 2013 Framework, COSO also issued companion documents, Illustrative Tools for Assessing Effectiveness of a System of Internal Control, and the Internal Control over External Financial Reporting (ICEFR): A Compendium of Approaches and Examples.
COSO stated that users should transition their documentation and assessment of internal controls over financial reporting to the 2013 Framework as soon as is feasible under their particular circumstances. Both the 1992 and the 2013 Frameworks will be available during the transition period through December 15, 2014. After that date, COSO will consider the 1992 Framework as superseded.