OPERATIONS AUDIT: DISCUSSION ASSIGNMENT WEEK 4

Control Frameworks

Business processes need to be well controlled. The purpose of this week's lecture is to explain how control may be achieved, and how to assess whether this is so. We will do this by introducing a number of internal control paradigms, or frameworks. In covering these matters we will, of course, need to explain what is understood by the phrase “internal control”. “Internal control” as an expression is distinctive from “external control”, the latter being control exercised over the business from outside by owners and other stakeholders. “Internal control” is the control exercised within the business by management and overseen by the board. It also includes the control of activities that have been outsourced (Chambers & Rand).

CONCEPT OF INTERNAL CONTROL

Internal control comprises the plan of organization and the co-ordinate methods and measures adopted within a business to safeguard its assets, check the accuracy and reliability of its accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies.

AICPA distinguished between accounting and administrative control, largely for pragmatic reasons as they needed to provide a focus on the controls most relevant to their members engaged as external auditors. Internal Accounting Control comprises the plan of the organization and the procedures and records that are concerned with the safeguards of assets and the reliability of financial records. Internal Administrative Control includes, but is not limited to, the plan of organization and the procedures and records that are concerned with the decision processes leading to management’s authorization of transactions. Such authorization is a management function directly associated with the responsibility for achieving the objectives of the organization and is the starting point for establishing accounting controls of transactions.

DISCUSSION ASSIGNMENT

WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

Please provide your answers with a minimum of 200 words and a maximum of 500 words through this page link. Please observe proper citation and use APA format 7th edition.

FOLLOW THESE INSTRUCTIONS:

(1) INDICATE YOUR FULL NAME AND STUDENT NUMBER at the end of your post

(2) IF YOUR POST IS MORE THAN 300 WORDS, PLEASE SPLIT IT INTO TWO OR THREE POSTS

(3) REPLY TO AT LEAST THREE of your classmates' perspectives to RISK ASSESSMENT and RISK MANAGEMENT.

The cut-off date in posting to this discussion forum is until November 10, 2021 11:55PM Philippine Time.

NOTE: Do not create a new question in the eRTU Discussion Forum. Please answer directly through this discussion link posted by Prof. Markie Grabillo.

Comments

Mark Raven R. DizonNovember 4, 2021 at 5:40 AM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

The best internal control (IC) framework is “Internal Administrative Control”, internal controls are policies and procedures a business follows in its operations. Administrative controls include determining the segregation of duties among departments and employees, deciding which departments are authorized to conduct particular activities and developing independent verification systems. The latter means that the departments oversee one another's activities, providing a system of checks and balances. Accounting departments set different types of internal controls. These controls include policies and procedures that protect a company's finances and financial records. Other controls determined by the accounting department provide for financial review and appraisal, in the form of auditing and evaluation of the company's finances. Documents used for keeping financial records, such as invoices and time cards, are another control the accounting department determines. (Gary A. Porter and Curt L. Norton 2014) "Financial Accounting: The Impact on Decision Makers."
It is not limited to, the plan of organization and the procedures and records that are concerned with the decision processes leading to management’s authorization of transactions. Such authorization is a management function directly associated with the responsibility for achieving the objectives of the organization and is the starting point for establishing accounting controls of transactions. (Jajodia, S., McGregor, G. W., List, W., & Strous, L. A. 2013). Integrity and internal control in information systems: Volume 1: Increasing the confidence in information systems. Springer.

DIZON, MARK RAVEN R.
2019-107007
ReplyDelete
Replies
Mark Raven R. DizonNovember 4, 2021 at 5:40 AM
In my opinion, “Internal Administrative Control” is best for organization because it focuses with the decision making related to company’s transactions. Its purpose is to achieve organization’s objectives and establishing accounting controls for transactions.
A properly designed system of internal controls aims to ensure the integrity of assets, allows for reliable accounting information and financial reporting, enhances efficiency within an organization, and provides guidelines and possible consequences for dealing with breaches. (Franklin, M., Graybeal, P., & Cooper, D. 2019). Principles of accounting volume 1 - Financial accounting.
References:
https://smallbusiness.chron.com/differences-between-administrative-accounting-30634.html
https://markgrabillo.blogspot.com/2021/10/operations-audit-discussion-assignment_11.html
https://opentextbc.ca

DIZON, MARK RAVEN R.
2019-107007
ReplyDelete
Replies
Christian CasalNovember 4, 2021 at 1:11 PM
The COSO Internal Control Framework is the best internal control framework in terms of effectiveness for the organization. This organization possesses five characteristics that aid the organization in the achievement of its objectives. Take command of your surroundings first. Having policies, procedures, and discipline in place makes it much easier for the control environment to get around problems related to internal control. The Risk Assessment is the second step. A particular type of risk exists for every firm. Organizations can use the characteristics of COSO to identify specific industry risks as well as risks to the enterprise as a whole. Control activities are the third type of activity to mention. It is important to follow particular procedures to guarantee that the organization has taken the appropriate preventive measures in response to the risk that was encountered. In the fourth category, we have information and communication technologies. It assists the company in ensuring that everyone in the various sectors is up to date on the current flow in all directions, which is beneficial. The last one is in charge of keeping an eye on the situation. Companies can use the COSO internal control framework to constantly monitor internal control and fix any abnormalities as soon as they occur. Aside from that, the COSO framework assists organizations in ensuring that their assets are protected from fraud and that their operations are efficient and successful. For financial reporting, this framework assists the organization in making sure that their financial reporting is timely, transparent and dependable.

Reference:

Dunkelberger (2019). How Can The COSO Framework Improve Your Organization’s Internal Controls. Retrieved November 5, 2021, from https://www.ispartnersllc.com/blog/how-coso-framework-improve-internal-controls/

CASAL, CHRISTIAN T.
CBET-01-503A
ReplyDelete
Replies
Jennalyn BatjerNovember 4, 2021 at 10:39 PM
Internal control aids organizations in achieving essential goals and maintaining and improving performance. The best internal control framework is the COSO Framework. The Internal Control—Integrated Framework from COSO helps organizations to design internal control systems that adapt to changing business and operating environments, minimize risks to acceptable levels, and support sound decision making and governance. Committee of Sponsoring Organizations (COSO) framework developed for evaluating internal controls. This model has become the widely acknowledged framework for internal control, and it is widely recognized as the standard by which firms judge the efficiency of their internal control systems. According to the COSO model, internal control is "a procedure carried out by an entity's board of directors, management, and other staff to provide reasonable assurance of the attainment of objectives."

The following five components of an effective internal control system work together to help an organization achieve its mission, strategies, and related business goals: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. Through direct leadership, common values, and a culture that emphasizes accountability for control, these components work to lay the groundwork for strong internal control within the organization. The company's numerous risks are identified and reviewed on a regular basis at all levels and across all functions. Control operations and other methods are planned ahead of time to handle and minimize major threats. Information crucial to recognizing risks and fulfilling business objectives is disseminated throughout the organization via established channels. The entire internal control system is constantly monitored, and faults are promptly remedied (Protiviti KnowledgeLeader, 2020).

References:
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

Protiviti KnowledgeLeader. (2020, March 12). Five Components of the COSO Framework You Need to Know. https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-coso-framework

Batjer, Jennalyn P.
2019-101439
ReplyDelete
Replies
UnknownNovember 4, 2021 at 10:39 PM
All businesses must have controls in place to reduce risk and ensure accurate financial reporting. Management implements systems, practices, and strategies to assure the company's quality and productivity, the integrity of evaluation of financial reporting, and compliance with regulations and laws. The most effective internal control framework for me is the COSO framework. I have read that it is regarded the best practice, and as a result, majority of companies have adopted it. Companies can be more optimistic that their internal control systems can mitigate risks to an acceptable level owing to the said framework.

Internal control objectives are divided into three categories under the COSO framework: operations, reporting, and compliance (Snook, 2019). Safeguarding the organization's assets from fraud are examples of operations objectives that focus on the efficiency of daily operations; reporting objectives that relate to the organization's reporting practices' openness, timeliness, and dependability is the objective of reporting; and conforming to rules and regulations that the organization must follow are known as compliance objectives. When it comes to creating an internal control system, the COSO framework is an excellent starting point. It is also effective because of its flexible and comprehensive system in order to apply to a wide range of sectors and processes.

References:

Snook, A. (2019). COSO Framework: What it is and How to Use it. https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

LEYCO, PATRICIA DENISE P. (2019-101438)
ReplyDelete
Replies
Angelika D. FranciaNovember 4, 2021 at 10:44 PM
The COSO framework is the most effective internal control framework among them all. However, if it is for the IT audit industry, the COBIT framework is the ideal option because it is developed for IT governance and management. Furthermore, the CMMI framework is widely utilized in project management, process evaluation, and performance improvement environments.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework that businesses most commonly utilize to maintain an efficient and effective financial statement control environment. This framework is made up of five components that are further subdivided into 17 principles. The concepts are further broken down into 87 areas of emphasis to give thorough assistance to managers when establishing or redesigning internal controls for audit risk assessments and risk management (Auditboard, 2021).
The framework emphasizes the significance of management judgment in planning, implementing, and carrying out internal control, as well as evaluating the success of an internal control system. Simultaneously, the Framework incorporates changes and clarifications designed to make usage and application easier. It helps businesses to design and manage internal control systems in an effective and efficient manner, increasing the possibility of accomplishing the entity's objectives and adapting to changes in the business and operating environments (Internal Control-Integrated Framework, 2013).

References:
Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO).https://na.theiia.org/standardsguidance/topics/documents/executive_summary.pdf

-FRANCIA, ANGELIKA D. (2019-101440)
ReplyDelete
Replies
Leila Lauren CarlosNovember 5, 2021 at 12:17 AM
For me, the best Internal Control Framework is the COSO Framework. Internal control is a continuous process that is handled and influenced by management and a brand's board of directors, according to this framework. Internal control, when utilized correctly, can assist ensure operational success, increase efficiencies, and even keep a company in conformity with regulations and laws. COSO is divided into five main categories to make implementation easier and to ensure that nothing is overlooked.

The components listed below help an organization achieve its goals and mission by allowing it to better achieve its specified objectives in a healthy and effective system.

1. Control Environment- an organization’s leadership, mission, goals, and expected outcomes are all included in this section. This key component includes your ethics policy and commitment to honesty, as well as your commitment to excellence and the structure of your hierarchy.
Its control environment may comprise the management team and Board of Directors, the HR department and how they engage with employees, and even its internal regulations, depending on the firm. The organization can run more efficiently and with less strife and risk if its control environment is healthy. This crucial COSO Framework component requires the appropriate people in the right roles to succeed.

2. Risk Assessment and Management- What are the challenges that a company's brand faces? This crucial COSO component identifies and addresses dangers and vulnerabilities, allowing them to fully comprehend the risks. Risk assessment is a thorough examination of the company's goals, methods, and, most importantly, where and how things could go wrong.
They may face threats from outside sources, ranging from cyber assaults and data theft to the loss of valuable information, formulas, and processes, depending on their company model and industry. They may also be subject to severe compliancy and regulatory risk; brands in the healthcare, manufacturing, and development industries all face unique hazards.

-----to be continued
ReplyDelete
Replies
Rhea Lyn MendozaNovember 5, 2021 at 5:59 AM
An internal control framework is a systematic source of audit guidelines that organizes and categorizes presumptive controls or control systems. A well-functioning internal control process provides users with reasonable assurance that a company's performance reports are accurate and that they can be relied on to make sound decisions. Some organizations, such as the COSO internal control framework, create control frameworks for general purposes, whereas others are more specific. The most widely adopted internal control framework is the COSO framework. The internal control framework developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) that corporations most commonly use to run an efficient and effective internal control environment. This internal control framework, which is made up of five COSO components and 17 principles, is used by many organizations to ensure compliance with the audit requirements. (AuditBoard, 2021) These internal control framework principles refer to the elements to be considered in order for the entity's internal control scheme to be considered effective. To achieve an effective overall system of internal control at the entity as a whole, controls must adequately meet the five COSO components and principles.

Furthermore, the COSO internal control framework is shared by all system and organizational control reports used by service organizations to provide user entities with information about their control environment over the services provided that ensures the accomplishment of their service commitments and system requirements.
I believe that this framework was designed and created to provide effective leadership on internal control, fraud prevention, and enterprise risk management through the development of comprehensive frameworks and guidance. It’s primary goal is to enhance and identify and oversight areas of improvement while reducing the extent of the risk of fraud.

Reference:
AuditBoard. (2021, March 03). Auditing with COSO, COBIT, and ISO Control Frameworks. Accessed October 29, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

-MENDOZA, RHEA LYN B. (2019-101819)
ReplyDelete
Replies
Loneil NeriNovember 5, 2021 at 9:09 AM
An internal control framework is a structure guide that organize and categorizes expected controls or control topics (AUDITBOARD, 2021). An organization uses control framework in risk assessment and management as the basis for creating effective internal control processes to minimize or mitigate the risk. COSO (Committee of Sponsoring Organizations) framework is the most popular framework among the corporations and other organizations. And it might be also the most effective internal control framework. Because it provides broad and detailed representation than other framework, that assessed the three primary activities and sources of risk within the organization namely operations, financial reporting, and compliance. COSO internal control framework explain that there are five essential components of internal control, such as Control environment, Risk Assessment, Control activities, Information and communication, and Monitoring. Through this framework, the organizations will have a systematic guide from identifying until mitigating the risk to monitoring that it will not emerge again to threaten the entity to achieve its objectives. As well as, COSO framework as the baseline of designed internal control processes gives assurance to auditors and audit committee for organization’s efficient and effective operations, reliable financial reporting, and compliance with the law and regulations. Which does not necessary for the entity to provides additional work to achieve those objectives. COSO framework provides discipline in the organizations and its members. Also, includes how should the organization respond correctly to the identified threat. It creates policy to achieve the business objectives and what are the necessary procedures to establish that policy. Ensuring that relevant information of the organizations is received by the right people during designated period. And the board of directors undertake the responsibility on monitoring the effectiveness of internal control system in this framework (Chambers & Rand, 2010).

References:

AUDITBOARD. (2021, November 4). AuditBoard. Retrieved November 5, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/?fbclid=IwAR1_0CSDj2RvtukRopviiAshaMk6ZJQPbInajnhMRZxKg4i1eZem25IkvDw#:%7E:text=The%20COSO%20framework%20is%20the,effective%20financial%20statement%20control%20environment

Chambers, A., & Rand, G. (2010). The Operational Auditing Handbook: Auditing Business and IT Processes (2nd ed.). Wiley. Pp 118-128

Neri, Loneil Bert L. | 2019-105281
ReplyDelete
Replies
RheabelleNovember 5, 2021 at 10:08 AM
This comment has been removed by the author.
ReplyDelete
Replies
RheabelleNovember 5, 2021 at 10:10 AM
1/2
Many Internal control frameworks are being developed by different auditors and risk control experts such as COCO Framework, COBIT Framework, GTAG Framework, ISO Framework, ITIL Framework, CMMI Framework, and lastly the COSO Framework which aims for the three objectives of internal control which includes (1) effectiveness and efficiency operations, (2) Reliability of Financial Reporting, and (3) compliance with applicable laws and regulations. Among the aforementioned frameworks, I believe that the best internal control framework that was developed at this time is the COSO Framework (Committee of Sponsoring Organizations of the Treadway Commission Framework) which I perceived to be the best guideline in evaluating internal control in an organization. Obviously, by looking at the COSO framework, it was presented in a cube figure that’s why it is called “COSO cube” because it shows the relationship between all the parts of an effective internal control system. Wherein, the columns are the three objective categories (operations, reporting, and compliance). The rows consist of the five components (Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities. While in the third dimension of the cube represents the organizational structure (Entity Level, Division, Operating Unit, Function).
ReplyDelete
Replies
RheabelleNovember 5, 2021 at 10:11 AM
2/2
Basically, looking at the cube for the first time is a bit confusing for a layman but when you try to understand every detail of it especially as an internal auditor, you will then understand how its cube parts are interrelated with each other and how it is useful in assessing risk management and controls. In addition to that, according to the Knowledge Leader Blog, “COSO cube has been adopted as the generally accepted framework for internal control and is widely recognized as the definitive standard against which organizations measure the effectiveness of their systems of internal control.” This means that COSO framework is a worthy option in modifying systems of internal control because it manages the loopholes of risks by simply analyzing the cube.

References:
Snook, A. (2019), COSO Framework: What it is and How to Use it, https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

Protiviti KnowledgeLeader (2020), Knowledge Leader Blog: Five Components of the COSO Framework You Need to Know, https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-coso-framework

ESCRITOR, RHEABELLE: 2019-106337
ReplyDelete
Replies
Erika MagtibayNovember 5, 2021 at 7:10 PM
1/2

In my opinion and further study of all the internal frameworks out there, COSO is the best and most useful framework. The COSO (Committee of Sponsoring Organization) Framework is a set of guidelines for establishing, implementing, and assessing internal controls in organizations, as well as for managing enterprise risk. It was written for the Internal Control Integrated Framework, or ICIF, which is widely used in the US. The first version of the COSO framework was created in 1992, and the most recent version was launched in 2013. To comprehend the framework, you must first comprehend what it encompasses. Internal control according to the COSO focuses on fulfilling operational, reporting, and compliance goals. It is the most effective for me and for an organization to use because of its internal control system components. Those components are, control environment, risk assessment, control activities, information and communication, and last but not the least is monitoring. Let’s discuss further why those five components make this framework more effective. First, the control environment is a set of standards, methods, and structures that serve as the foundation for the implementation of internal controls within a company. Second is the risk assessment which is very important in internal control as this has the ability to establish objectives and determine their suitability for your business and the process for weighing risks versus risk tolerances.

Erika Y. Magtibay
2019-105480
ReplyDelete
Replies
Erika MagtibayNovember 5, 2021 at 7:12 PM
This comment has been removed by the author.
ReplyDelete
Replies
Patricia Lynn D. GuamosNovember 5, 2021 at 7:52 PM
An organized guide that collects and categorizes expected controls is known as an internal control framework. Some organizations create control frameworks for general objectives, such as the COSO Framework, while others, such as the COBIT Framework, are more focused. When a company employs a control framework effectively, management creates internal control processes that use the framework as a foundation. This assists the company in developing control methods that produce and sustain value while minimizing risk. The COSO framework is the most effective internal control structure in my perspective. The COSO framework teaches that an internal control system has five components. First, the control environment is the collection of standards, processes, and structures that serve as the foundation for implementing internal controls throughout the business. This encompasses company ethical beliefs, organizational structure, dedication to hiring competent people, and human resource policies. Following that, risk assessment entails the organization's examination of the risks caused by internal and external changes, the capacity to set targets and decide their acceptability for your business, and the procedure for comparing risks vs. risk tolerances. Control activities are the duties and activities that contribute to achieving the company's internal control objectives. Verifications and approvals, business performance, and assessments are examples of such actions. These two are identified as crucial components of any internal control system by the information and communication component. COSO emphasizes the need for relevant and high-quality information in regulating functions. A solid system necessitates internal communications stressing the importance of control responsibilities and clear expectations with external partners. Finally, it is just as crucial to monitor your internal controls as it is to develop them. Use continuous assessments incorporated in business processes and standalone evaluations regularly, the frequency of which will vary based on the amount of risk, system efficacy, and regulatory requirements.

(2021). Auditing with COSO, COBIT, and ISO Control Frameworks. AuditBoard. Time Retrieved 7:16PM.
https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/
Ann Snook (2019). COSO Framework: What it is and How to Use it. i-Sight Time. Retrieved 11:03PM.
https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

GUAMOS, PATRICIA LYNN D. 2019-103828
ReplyDelete
Replies
Lexter M. TandayuNovember 5, 2021 at 11:24 PM
This comment has been removed by the author.
ReplyDelete
Replies
Hans Theo ValenzuelaNovember 6, 2021 at 2:22 AM
It depends but primarily COSO is used all around. COBIT stands for Control Objectives for Information and Related Technology. It is a framework created by the ISACA (Information Systems Audit and Control Association) for IT governance and management. It was designed to be a supportive tool for managers—and allows bridging the crucial gap between technical issues, business risks, and control requirements. COBIT is a thoroughly recognized guideline that can be applied to any organization in any industry. Overall, COBIT ensures quality, control, and reliability of information systems in an organization, which is also the most important aspect of every modern business (Simplilearn, 2021) while the Capability Maturity Model Integration (CMMI) is a process and behavioral model that helps organizations streamline process improvement and encourage productive, efficient behaviors that decrease risks in software, product, and service development (White, 2021).
What is COSO? According to Snook (2019), The original COSO framework was developed in 1992, with the most recent version published in 2013. To understand the framework, you must understand what it covers. According to COSO, internal control:
• Focuses on achieving objectives in operations, reporting and/or compliance
• Is an ongoing process
• Depends on people’s actions, not merely written policies and procedures
• Provides assurance senior management of security to a reasonable degree
• Can be adapted to the needs of the whole organization as well as each department, unit or process
The COSO Framework is more widely used because it holds more grounds and does not hold a specialization unlike COBIT. More companies and business entities will use this more because of this.

Sources:
Simplilearn (2021, October) Understanding What is COBIT and COBIT Framework
https://www.simplilearn.com/what-is-cobit-significance-and-framework-rar309-article

White S, (2021, June) What is CMMI? A model for optimizing development processes
https://www.cio.com/article/2437864/process-improvement-capability-maturity-model-integration-cmmi-definition-and-solutions.html
Snook A, (2019, November) Coso Framework: What Is It and How to Use It
https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/
Hans Theo Ezequiel N. Valenzuela (2020-110421)
ReplyDelete
Replies
Lexter M. TandayuNovember 6, 2021 at 4:12 AM
An internal control framework is a structured guide that organizes and categorizes expected controls or control topics (AuditBoard, 2021). Basically, this is the baseline of an organization in developing, implementing, and assessing control processes. With a variety of frameworks available, management can opt to choose which frameworks to use. However, there is a constraint in choosing internal control framework - that is to consider if the framework chosen is suitable and applicable in terms of attaining the objectives of an organization. Though, these internal control frameworks have the same objectives and are designed to help organizations place an effective system of internal controls while minimizing risks. It is still important to choose what's best for the organization.
There are numerous internal control frameworks, it can be for general or specific purposes. But if there is the best among these frameworks, I consider the COSO Internal Control-Integrated Framework. It is the first Internal control framework considered as the original framework that was released in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Aside from being the broadly accepted and widely used Internal control framework up until now around the world, I consider it as a compact. The reason is based on the "rubik cube" model of COSO's internal control, whereas you can see the direct relationship that exist between objectives, components and the organizational structure of the entity (Internal Control - Integrated Framework, 2013). Also, they are the one who introduced the five essential components of internal control which includes (1) Control environment; (2) Risk assessment; (3) Control activities; (4) Information and communication; and (5) Monitoring, that must be in place and must be functioning well; together with the 17 principles that represents the fundamental concepts which are associated in each component to achieve an effective internal control. In conclusion, this framework enables organizations to effectively and efficiently develop systems of internal control that adapt to changing business and operating environments, mitigate risks to acceptable levels, and support sound decision making and governance of the organization (Internal Control - Integrated Framework, 2013).

REFERENCES:

AuditBoard. (2021, March 03). Auditing with COSO, COBIT, and ISO Control Frameworks. Retrieved November 06, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). Accessed November 06, 2021, from https://www.coso.org/documents/990025p-executive-summary-final-may20.pdf

Tandayu, Lexter M. (2019-106755)
ReplyDelete
Replies
Dayola, Charls Daniel L.November 6, 2021 at 4:14 AM
In my opinion, the best internal control framework is the COSO framework for the reason that I found COSO framework divides internal control objectives into three categories: operations, reporting and compliance. Wherein operations objectives such as performance goals and securing the organization’s assets against fraud, focus on the effectiveness and efficiency of your business operations. Reporting objectives, including both internal and external financial reporting as well as non-financial reporting, relate to transparency, timeliness and reliability of the organization’s reporting habits. And at last compliance objectives are internal control goals based around adhering to laws and regulations that the organization must comply with. The most amazing feature of this framework is that COSO recognizes that, while its framework could help us design a fraud-deterring system of internal controls, it’s not without limitations. For example, even the strongest system can’t prevent human error, bad judgement and external events that are beyond your control. The proper execution of the COSO framework is dependent on the ability to establish, formal control environment so I seems to me that it is an artificial intelligence ; however, the framework provides minimal implementation guidance.” Small businesses and startups may feel overwhelmed and unsupported, leading them to use a model with a more detailed framework instead. The framework is intentionally broad in order to apply to a wide array of industries and processes. This feature can be problematic, though, for “more complex businesses (e.g., those with varied operations and complex data systems)”. And also the governing body of this framework, the COSO board develops guidance documents that help organizations with risk assessment, internal controls and fraud prevention.
References:
Internal Control—Integrated Framework (Framework), © [2013] Committee of Sponsoring Organizations of the Treadway Commission (COSO).

Dayola, Charls Daniel L.
2019-107001
ReplyDelete
Replies
Jerick E. GuasinNovember 6, 2021 at 7:35 AM
As per Audit Board (2021), in the context of internal control, an internal control framework is a systematic guide that collects and categorizes anticipated controls or control themes. COSO (Committee of Sponsoring Groups) is the most often used framework by businesses and other organizations. An organization's risk assessment and management operations are built on a control framework, which serves as the foundation for developing successful internal control processes that limit or mitigate risk. According to the COSO internal control structure, internal control consists of five critical components: Control Environment, Risk Assessment, Control Actions, Information and Communication, and Monitoring. Through this framework, companies will have a systematic approach to risk identification, mitigation, and monitoring to ensure that the risk does not resurface to jeopardize the entity's ability to fulfill its goals.

COSO emphasizes need for appropriate and elevated information for control tasks. A robust system requires both internal communication emphasizing the critical nature of control duties and unambiguous transmission of expectations with external providers. Hence as emphasized in 2013 by the Internal Control-Integrated Framework, the management judgment is critical to the development, implementation, and evaluation of an internal control system, according to the framework. Additionally, the Framework has been updated and clarified to make it more user-friendly. An effective and efficient internal control system design and management may help firms achieve their goals and adapt more easily to changes in their business and operational environments.

To sum things up, COSO's Internal Control-Integrated Framework is something I'm interested in. In 1992, the Committee of Sponsoring Organizations of the Treadway Commission produced the first Internal control framework that is considered the original framework (COSO). Beyond the fact that it is the most widely-accepted and widely-used framework for internal control to date, I see it as a compact agreement.

References:

AuditBoard. (2021, March 03). Auditing with COSO, COBIT, and ISO Control Frameworks. Retrieved November 06, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standardsguidance/topics/documents/executive_summary.pdf

Jerick E. Guasin ; 2019-105702 (CBET-01-503A)
ReplyDelete
Replies
Rhea Mae YugaNovember 6, 2021 at 10:19 PM
The Internal Control Framework is an integrated system of plans and processes. It's a way to build on one another so that your goals are met. It was created as a way of identifying any faults within organizations and taking action to fix these faults; most importantly through identifying root causes for why organizations fail or succeed at what they do. For me COSO is the most effective internal control framework, aside from being famous among other frameworks, COSO (Committee of Sponsoring Organization) is a procedural framework that focuses on the effectiveness of internal control to the organization. Internal controls are improved, allowing the business to better mitigate risks and have the data needed to make sound decisions. It also improved cybersecurity, putting businesses on the proper track in facing and controlling the alarming amount of cyberattacks. Furthermore, when a business effectively implements this framework, it will be able to optimize operations, build more efficient internal controls, and manage compliance expenses, resulting in significant cost savings. COSO was adopted by different organization that makes it more effective since it is a joint initiative by different standardization bodies. Through this it ensures compliance with regulations and laws and prevent companies from fraud or theft from within.

References:

Half, R. (2015, March 25). The Benefits of Adopting the COSO 2013 Framework — Even If You Aren't Required to. Retrieved from Robert Half Talent Solutions: https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to

Yuga, Rhea Mae D. (2019-103574)

ReplyDelete
Replies
Stephanie BalaysocheNovember 6, 2021 at 10:19 PM
According to the definition given by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), internal control is a process, affected by an entity's board of directors or trustees, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in different categories such as effectiveness and efficiency of operations, reliability of financial reporting and compliance with applicable laws and regulations. The responsibility of creating and implementing the appropriate system of internal controls is normally given to the management. However, to successfully execute those internal controls introduced by the management, employees and staff of the company are required to follow and apply those practices in their work. Aside from that, the purpose of internal control is to achieve the objectives of the organization such as prevention of frauds, irregularities and unexpected errors, and guarantee that corrective measures are properly taken. As we all know about internal control, the next thing to find out is the internal control framework. Based on the website of Auditboard, the internal control framework is a structured guide that organizes and categorizes expected controls or control topics. The management can select various frameworks in particular situations. There are so many available frameworks existing right now and each one of them is truly helpful to achieve the goals of the company. However, in my personal view, the most effective framework for the organization is the COSO framework.

BALAYSOCHE, STEPHANIE (2019-101856)
ReplyDelete
Replies
UnknownNovember 6, 2021 at 10:21 PM
In 2013, COSO introduced a new internal control framework with some revisions and new updates related to the 1992 version. The main purpose of the update is to provide more relevancy in a dynamic and complex business environment. Furthermore, it is widely adopted by many companies as the new version of the framework gives essential benefits to the organization. This framework is most commonly applied by several corporations to produce an efficient and effective control environment within their organization. In fact, the organization can gain a lot of advantages by using this framework compared to other existing ones. The COSO framework contains three main objectives. The first is operational objectives. It aims to focus on the efficiency and effectiveness of the operation of the business such as the financial and operational activities. The next objective is reporting. It emphasizes both internal and external financial reporting. It includes transparency, credibility, regulations and the policies of the company. The last objective is about compliance. It promotes strict adherence to laws and regulations necessary to comply with the continuous operation of the organization. Apart from those objectives, the COSO framework enhances the overall cybersecurity of the organization. To sum up, the COSO framework is indeed an effective one to use to establish a strong internal control in the organization. It even allows to minimize risks and produce data that will serve as a necessary factor for the decision-making. In addition, it assesses how to further improve the effectiveness and efficiency of the overall operations of the organization.

References:
Auditing with COSO, COBIT, and ISO control frameworks. (2021, March 3). AuditBoard. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/#:%7E:text=The%20COSO%20framework%20is%20the,effective%20financial%20statement%20control%20environment.

Plaster, G. A. (2019, October 22). The COSO internal control framework and your company’s internal control processes. Baker Tilly. https://www.bakertilly.com/insights/the-coso-internal-control-framework-and-your-companys

What are internal controls? (n.d.). WIU. http://www.wiu.edu/internal_auditing/internal_controls/

BALAYSOCHE, STEPHANIE (2019-101856)
ReplyDelete
Replies
Airon Nicole JadraqueNovember 6, 2021 at 10:44 PM
In my opinion it would definitely be the COSO framework. According to the Auditboard site, the COSO framework is the most commonly used internal control framework. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework that corporations most frequently use to run an efficient and effective financial statement control environment.

Additionally, according to COSO in the article of Snook (2019), it is stated there that COSO focuses on achieving objectives in operations, reporting and/or compliance; it is an ongoing process; it depends on people’s actions, not merely written policies and procedures; it provides assurance senior management of security to a reasonable degree; and it can be adapted to the needs of the whole organization as well as each department, unit or process.

With that being said, I reckon that COSO is what I think for me the most effective and best for the welfare of the organization or firm. It has the best setup for me because it is well-organized and well-thought-out as it has multiple objectives divided into three categories which also in its "COSO cube",everything is elaborated very well and it considers so many factors or relationships between all the parts of an effective internal control system. It also guarantees that its framework should help everyone to design and have a fraud-deterring system of internal controls. In conclusion, COSO may not be a perfect framework as it has its limitations and flaws as well, however this type of framework has been proven effective and efficient.

References:
Auditing with COSO, COBIT, and ISO Control Frameworks. Auditboard. Retrieved November 07, 2021 from
https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/#:~:text=The%20COSO%20framework%20is%20the,effective%20financial%20statement%20control%20environment.

Snook, A. (2019). COSO Framework: What it is and How to Use it. i-Sight. https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

AIRON NICOLE T. JADRAQUE
2019-101826
ReplyDelete
Replies
UnknownNovember 7, 2021 at 3:09 AM
Every organization exists to achieve some goals, but there are numerous risks that can prevent those goals from being met. As a result, establishing and implementing appropriate internal controls is critical for businesses of all sizes. Internal controls are the mechanisms, rules, and procedures put in place by a company to ensure the accuracy of financial and accounting information, promote accountability, and prevent fraud. Aside from complying with laws and regulations and preventing employees from stealing assets or committing fraud, internal controls can help improve operational efficiency by improving the accuracy and timeliness of financial reporting.

Internal controls cannot always prevent fraud, especially if it is carried out by top management, but they can aid in the detection of fraudulent activity in most cases. Internal controls can help ensure that financial statements are prepared on time and accurately, and that any assertions made in the completed financial statements are addressed.

Even if internal controls are in place, human error can still occur. However, with the right internal controls in place, it's more likely that any mistakes will be discovered fast and fixed swiftly. Businesses of any size will be able to fulfill three main business objectives by establishing and effectively administering internal controls: accurate financial reporting, compliance with all relevant legislation, and successful operations.

Among the different internal control frameworks developed by different auditors and risk control experts, COSO’s Internal Control—Integrated Framework (Framework) is one of the best for me because It enables businesses to establish internal control systems that are effective and efficient in adapting to changing business and operating environments, mitigating risks to acceptable levels, and supporting sound decision-making and governance.

References:
Girsch- Bock, Mary. (August 6, 2001). The Importance of Internal Controls. Retrieved November 7, 2021 6:39 pm from https://www.cpapracticeadvisor.com/accounting-audit/article/21232325/the-importance-of-internal-controls

Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). Retrieved November 7, 2021 6:42 pm from https://na.theiia.org/standardsguidance/topics/documents/executive_summary.pdf

CHENCEL-ANNMAE F. ALMODIEL (2019-105222)

ReplyDelete
Replies
Don Luis M. VillanuevaNovember 7, 2021 at 5:11 AM
The COSO (Committee of Sponsoring Organization) Framework was published and used by American Institute Certified Public Accountant and widely uses in United states. It is labeled as the control environment or the internal environment. COSO is a framework for designing, implementing and evaluating internal control for organizations, providing enterprise risk management.

For me, COSO is the best internal control framework, it's evident that it is the most popular and widely used framework across the world. COSO focus more on the procedural side of implementing the internal control or audit that sets apart with other frameworks. "Tone at the top" is associated with COSO, it's the viewing of top management or board to the controls and they act appropriately with the risk and problems that they newly discovered. As visual representation of COSO framework, its has five body stages and they are Control environment, Risk assessment, Risk activities, Information and Communication, and Monitoring activities. The top part objectives are effectiveness and efficiently operations, reliability of finacial reporting and compliance with applicable laws and regulations. The side parts are entitiy, division, operating unit and function. The rubic cubes clearly represents that each and every functions are related to each others and it is important to do the functions in sequence to optimize the result.

The control environment makes this frameworks very effective and important. It is the fundamental component that sets all the rest components. A good control environment provides the setting necessary for effective internal control arrangements to be established and applied. The COSO framework will be effective for the organization because it has concrete procedures to first study and know the control environment, then conduct a risk assessment to identify, measure and analyze the risk, that will result to produce a control activity to address the risk, then review the information and communication if it is relevant and useful, and finally the monitoring activities to check the progress and do some corrective action.

Chambers, A. & Rand, G. (2010). The Operational Auditing Handbook: Auditing Business and IT Processes. John Wiley & Sons, Ltd. ISBN 978-0-470 74476-5. pp 117

McLaughlin, M. (2019). The 5 Components of Internal Control. Edspira. Retrieved on October 26, 2021. https://www.youtube.com/watch? v=15_n4yi9dMU

-Villanueva, Don Luis M. (2019-102313)
ReplyDelete
Replies
Erica C. BandolaNovember 7, 2021 at 7:10 AM
1/2
Chambers and Rand defined the internal control as the control exercised within the business by management and overseen by the board. These of course include the establishment of control activities that have a potential effectiveness to control or handle the assessed risks done from previous steps conducted. Through the years of developing the concept of internal control, and later on, defined as the plan of organization and the co-ordinate methods and measures adopted within the business (AICPA 1948). To intensively apply and exercise the internal controls, they developed internal frameworks to broaden the application of internal control in addressing operations and reporting objectives, and clarify the requirements for determining what constitutes effective internal control. The frameworks COSO internal control, UK's Turnbull internal control, and COCO internal control are the three primary frameworks used according to the Securities and Exchange Commissions. Though the definitions provided by each control somehow varied from each other, the internal controls has the same ground, that is to implement the controls needed and to oversee the possible operation risks in an organization.

BANDOLA, ERICA C. (2019-105307)
ReplyDelete
Replies
Erica C. BandolaNovember 7, 2021 at 7:16 AM
2/2
Among the three frameworks provided, the most commonly used is the Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework. The COSO internal control is frequently used to observe the effective financial statements control in the organization. To achieve this, the COSO provided five key components, or as preferred as key principles, of internal control. These key components are essential and must be functioning well. When it comes to implementing internal controls in the organization, the first thing needed to do is to establish a good internal control environment by providing vision, skills, incentives, resources, and a plan to set objectives and avoid confusions. Of course, the next step, and is also important, is the risk assessment in the organization to identify and analyze threats and to furtherly achieve the objectives set. The next step is to create and conduct control activities to mitigate the assessed risk from the previous step. This will allow the organization to reduce the controllable risks and to provide specific actions. In communicating critical information and documents, the personnel who handle and are responsible for this should be knowledgeable enough to the policies and standards used in the operations. Information and communication is achieved through hiring personnels that is critical in achieving goals and objectives. The last step in COSO internal framework is the monitoring of activities through continual evaluation of the mentioned steps. In this step, the auditor should be a professional skeptic to make sure that all the information provided is true and unbiased.

REFERENCE:
Clarke, I. (PARTNER | CPA, CISA, CISSP). (2020, March 24). Establishing an Effective Internal Control Environment. Lincord & Co. CPA Firm. https://linfordco.com/blog/internal-control-environment/
Chambers, A. & Rand, G. (2010). The Operational Auditing Handbook: Auditing Business and IT Processes. John Wiley and Sons, Ltd., Publication. pp 116 - 146

BANDOLA, ERICA C. (2019-105307)
ReplyDelete
Replies
John Carlo B. De VeraNovember 7, 2021 at 7:32 PM
Internal control frameworks are really vital in the guidance of the internal control system or process of an organization. According to Murdock (2017), the COSO’s internal control integrated framework or IC-IF is the most common framework used by a lot of organization. Hence a lot of organization find this framework as beneficial in overseeing their operational systems. This commission as well is sponsored by the five professional association which includes IIA, AICPA, AAA, IMA, and FEI which also showcase how well-supported this commission is. The best thins about the COSO is their goal on enhancing the quality of the financial reporting of every organization by focusing on corporate governance, ethics, and internal control (Murdock, 2017). Moreover, the IC-IF of COSO has an effective internal control system which composed of five components in achieving the organization’s mission, strategies, and objective. It includes, firstly, the control environment which establish well-founded internal audit people and environment. It also includes the risk assessment which give emphasis on the process or system in risk identification and analysis to help the management change and decide on things within the company. Also, it also includes effective control activities which is focused on the improvement of policies and procedure of the business. Moreover, it also includes information and communication which highlight the measurement of quality of information and the effectiveness of communication. Lastly, it also includes monitoring which emphasize the relevant evaluation, deficiency and ongoing monitoring on the organization’s system. Hence, COSO’s IC-IF definitely give significant importance on the holistic approach on rectifying and improving the internal capacity of an organization.

References
Knowledge Leader. (2020, March 12). Retrieved from https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-coso-framework
Murdock, H. (2017). Operational Auditing. Florida: CRC Press.

DE VERA, JOHN CARLO B. (2019-104382)
ReplyDelete
Replies
Capinlac Carl AngeloNovember 8, 2021 at 12:41 AM
Internal control helps firms achieve critical objectives while also maintaining and increasing performance. The COSO Framework is the best internal control framework. COSO's Internal Control—Integrated Framework assists firms in developing internal control systems that can adapt to changing business and operating environments, reduce risks to acceptable levels, and promote effective decision-making and governance. COSO is a framework for analyzing internal controls developed by the Committee of Sponsoring Organizations. This methodology has become the industry standard for evaluating the effectiveness of internal control systems. Internal control is defined as "a procedure carried out by an entity's board of directors, management, and other staff to offer reasonable assurance of the achievement of objectives," according to the COSO model.

Among all of them, the COSO framework is the most effective internal control structure. However, because it was created for IT governance and management, the COBIT framework is the best solution for the IT audit business. The CMMI framework is also commonly used in project management, process evaluation, and performance improvement settings.
Businesses most typically use the COSO (Committee of Sponsoring Organizations of the Treadway Commission) internal control framework to maintain an efficient and effective financial statement control environment. This framework is made up of five parts, each of which is broken into 17 principles.The principles are further divided into 87 areas of focus to provide managers with comprehensive guidance when developing or revamping internal controls for audit risk assessments and risk management.

Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks.
https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/Internal Control - Integrated Framework.
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

Capinlac, Carl Angelo SJ
2019-102322
CBET-01-502A
ReplyDelete
Replies
Bernadeth DugayNovember 8, 2021 at 6:15 AM
For me the best internal control framework to use in an organization is the Committee of Sponsoring Organizations of the Tread way Commission or COSO. It is an internal control framework in what corporations most commonly employ to maintain an efficient and productive financial reporting internal audit function. COSO created a governance framework with five dimensions that are divided into 17 guidelines. The guidelines are further broken down into 87 coordinates of greater emphasis capable of providing decision makers with analysis and recommendations when trying to design or monitoring internal controls for audit vulnerability assessment and operational risk. I think it is the most effective internal control framework because Regardless of whether your organization continually preserves effective internal control or has experienced significant some uncertainty, the COSO Framework could perhaps assist you and your Data centre team in taking steps to improve. An effective and efficient internal control system functions best with specific components that reflect the overall mission, methodologies, and organization's business desired outcomes. The COSO Framework includes five components that help any company achieve its goals: attempting to control the environment, identifying risks, supervising operational activities, facilitating the dissemination of information and interaction, as well as monitoring prescheduled audits and accountant's reports. Internal controls must be constantly monitored in order to detect and instances and issues as soon as possible.

References:
Auditing with COSO, COBIT, and ISO Control Frameworks (2003) Retrieved from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Dunkelberger , David (2019) How Can The COSO Framework Improve Your Organization’s Internal Controls; Retrieved from https://www.ispartnersllc.com/blog/how-coso-framework-improve-internal-controls/

-Dugay, Bernadeth (2019-103892)

ReplyDelete
Replies
Patricia Lynn D. GuamosNovember 8, 2021 at 6:59 AM
This comment has been removed by the author.
ReplyDelete
Replies
UnknownNovember 8, 2021 at 7:40 AM
Internal control serves as a plan and/or guide of an organization in order to safeguard its assets, check the accuracy and reliability of its accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies. There are different internal control frameworks. These are COSO, COCO, COBIT, GTAG, ISO, ITIL, and CMMI frameworks.

I believe that Committee of Sponsoring Organization, also known as COSO framework, is the most effective among them. It is mainly because it helps organizations by ensuring operational effectiveness and efficiency, financial reporting reliability, and applicable laws and regulations compliance. These can be seen when their operations are running effectively and efficiently. The second one is that the financial statements are accurate and their assets and stakeholders are protected from fraud. Lastly, the whole organization complied with the rules and regulations of the law and the management itself. Furthermore, there are five components of COSO framework. These five are control environment, risk assessment, control activities, information and communication, and monitoring. Risk assessment identifies and assesses all possible risk at all levels of the organization and then, control activities help mitigate those risks. The internal control systems are also monitored to ensure that those controls are working properly for the organization. Likewise, information and communication is essential and necessary to carry out internal control responsibilities and disseminate all the information throughout the organization. All of these components work to establish the foundation for sound internal control through directed leadership, shared values, and a culture that emphasizes accountability for control.

COSO framework therefore, are very important and indeed the most effective to help the company achieve its goals and objectives in a long term success of the business.

REFERENCES:

Protiviti KnowledgeLeader. (2020, March 12). Five Components of the COSO Framework You Need to Know. Accessed on November 08, 2021. https://info.knowledgeleader.com/bid/161685/what-are-the-five-components-of-the-coso-framework

Reciprocity. (2019, December 13). Guide to COSO Framework and Compliance. Accessed on November 08, 2021. https://reciprocity.com/guide-to-coso-framework-and-compliance/

HEDREYDA, HILARY N. (2019-103876)
ReplyDelete
Replies
Bernard I. DusayenNovember 8, 2021 at 9:51 AM
(1/2)
An internal control framework is a structured framework that integrates and classifies intended measures or control topics. Auditors rely on internal control frameworks for describing and evaluating an organization (Auditboard, 2021). With several frameworks available, management may pick which frameworks to utilize and even use multiple frameworks in different scenarios. When it comes to an all-around and well-known framework, the COSO Framework is unrivaled. This is due to the fact that it covers every topic that has to be covered. The COSO Framework is often shown as a cube, with the five components of internal control, three categories of objectives, and the entity's structure depicted (Murdock, 2017).

The Treadway Commission's Committee of Sponsoring Organizations (COSO) was formed and aimed to provide thought leadership via the creation of comprehensive frameworks and guidelines on internal control, fraud prevention, and enterprise risk management (Dunkelberger, 2019). This is the most effective framework since the ultimate purpose of a COSO Framework is to increase and improve organizational performance and supervision while also lowering the amount to which fraud may occur.
ReplyDelete
Replies
Bernard I. DusayenNovember 8, 2021 at 9:52 AM
(2/2)
Using this framework, the organization may improve internal controls, improve cybersecurity, save money, and gain more favorable attention from investors (Half, 2015). As auditors, we may use the 2013 framework to assess ways to improve the efficacy of internal controls and the overall efficiency of the organization. As auditors, we may use the 2013 framework to assess ways to improve the efficacy of internal controls and the overall efficiency of the organization. Companies confront an assault of fraudulent activities, cybersecurity concerns, and other hazards in today's digital world. With this framework, the organization will be able to optimize procedures, implement more efficient internal controls, and manage compliance expenses. Finally, investors are examining public firms' performance more than ever before. If the firm implements the 2013 COSO framework, it will have a more effective set of risk management procedures in place, which will make the organization more appealing to potential investors.

References:

AuditBoard . (2021, March 3). Auditing with COBIT, Coso, and Iso Control Frameworks. AuditBoard. Retrieved November 8, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/.

Dunkelberger, D. (2019, November 11). How can COSO framework improve your organization's internal controls. I.S. Partners. Retrieved November 8, 2021, from https://www.ispartnersllc.com/blog/how-coso-framework-improve-internal-controls/.

Half, R. (2015, March 25). The Benefits of Adopting the COSO 2013 Framework — Even If You Aren't Required to. Robert Half Talent Solutions. Retrieved November 8, 2021, from https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to.

Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor and Francis Group.

DUSAYEN, BERNARD I. (2019-106143)
ReplyDelete
Replies
Ivy Francesca CruzNovember 8, 2021 at 10:48 AM
Internal control is a process designed to provide reasonable assurance. For me, the best IC framework is the one developed by Committee of Sponsoring Organizations of the Treadway Commission (COSO). This framework or model defines internal control as “a process effected by an entity’s board of directors, management and other personnel designed to provide reasonable assurance of the achievement of objective. COSO framework divides internal control objectives into three categories: operations, reporting and compliance. (a) Operations objectives, such as performance goals and securing the organization’s assets against fraud, focus on the effectiveness and efficiency of your business operations. (b) Reporting objectives, including both internal and external financial reporting as well as non-financial reporting, relate to transparency, timeliness and reliability of the organization’s reporting habits. (c) Compliance objectives are internal control goals based around adhering to laws and regulations that the organization must comply with.
This COSO model also further teaches that there are five components to an internal control system. (1) Control environment is the “set of standards, processes, and structures that provide the basis for carrying out internal controls across the organization. (2) Risk assessment involves your organization’s analysis of the risks posed by internal and external changes, the ability to establish objectives and determine their suitability for your business and the process for weighing risks versus risk tolerances. (3) Control activities are the tasks and activities (laid out by organizational policies and procedures) that help you achieve your internal control objectives. These include actions such as “authorizations and approvals, verifications, reconciliations, and business performance reviews.” (4) Information and communication component recognizes these two things as essential to any internal control system. COSO stresses the importance of relevant and high-quality information to control functions. Internal messages emphasizing the importance of control responsibilities, in addition to clear communication of expectations with external parties, is key to a strong system. (5) Monitoring your internal controls is just as important as establishing them. Use ongoing evaluations built into your business processes as well as regular separate evaluations, which will vary based on your level of risk, system effectiveness and regulation requirements.
This framework for me is the best because the goal of implementing a control framework is to improve the quality and usability of data, not to impose compliance indiscriminately. Internal controls are useful for more than just compliance and financial reporting to the outside world. Internal controls that are effective can help organizations expand on a long-term basis while maintaining confidence in the integrity of all forms of data.

Reference:
Snook, A. (2019). COSO framework: what it is and how to use it. i-Sight. https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

– CRUZ, IVY FRANCESCA SN. (2019-103873)
ReplyDelete
Replies
John Michael RuizNovember 8, 2021 at 11:28 AM
This comment has been removed by the author.
ReplyDelete
Replies
John Michael RuizNovember 8, 2021 at 11:30 AM
This comment has been removed by the author.
ReplyDelete
Replies
John Michael RuizNovember 8, 2021 at 11:32 AM
Control frameworks are taking place in many businesses to keep pace with the obscuring of national boundaries, blending of cultures, interfaces among computer systems, expansion of online business exercises and many more factors that results in a proliferation of vulnerabilities, risks, stakeholders, and other phenomena or activities that could affect the performance of an organization.

As a person who is involved in a field of Accountancy I believe that the Most Effective Internal Control Framework in an Organization will be "COSO Framework" as we, future accountants practice transparency in any situation, organizational or personal. Transparency meant to establish trust and goodwill by building and preserving the firm’s reputation for openness and honesty in its business dealings. It will manifest to all corners of business from its people, investors, suppliers, customers, and even to the public mass. According to Hernan Murdock, COSO’s goal was to improve the quality of financial reporting through a focus on corporate governance, ethical practices, and internal control. It has five Integrated Frameworks which are (1) Control Environment which is about commitment to integrity and competence, establishing authority with responsibility, and enforcing Accountability. Then (2) Risk Assessment which is clearly about identifying and minimizing risk. (3) Control Activities or simply means developing policies and procedures. (4) Information and Communication or usage of relevant information that could communicate to internal and external sources. Lastly, (5) Monitoring Activities where conducting evaluation takes place and identifies deficiencies to have a prompt solution.

The integrated framework of COSO is not just about transparency but scopes all other important factors in governing the internal control of an organization. Therefore, I conclude that this is the best and most effective way out of all given frameworks.

References:
Hernan, M. (2017). Operational Auditing. CRC Press.

Gan Integrity (2021). What is Transparency in Business? https://www.ganintegrity.com/compliance-glossary/transparency-in-business/

John Michael Ruiz (2019-103444)
ReplyDelete
Replies
Thea Sofia A. BarabichoNovember 8, 2021 at 12:43 PM
An internal control framework is a widely-known process implemented and monitored by the board of directors, senior management, and all levels of personnel to provide assurance on the achievement of objectives through efficient and effective operations. When documenting and testing a control environment, internal auditors mostly rely on internal control frameworks. An organization’s management can choose among the various frameworks available depending on what they want to maintain and achieve. Some organizations use control frameworks for general purposes like the COSO Internal Control, while others design COBIT IT Control framework for more specific purposes.

Among all of the auditing frameworks available, I think that the COSO Internal Control framework is the most effective to an organization. It is also the most commonly used because of its efficiency and effectiveness. It is the first framework released in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO). It is made in conjunction with five organizations - American Accounting Association (AAA), American Institute of Public Accountants (AICPA), Financial Executives International (FEI), Institute of Management Accountants (IMA), and Institute of Internal Auditors (IIA). Having these organizations support the framework, it became broadly and globally accepted. COSO developed a control framework which contains five principles such as Risk Assessment, Control Activities, Information and Communication, Control Environment, and Monitoring Activities. Along with these principles is the illustration made to show the relationship between all the parts of an effective internal control system referred to as the “COSO Cube.” It enables an organization to adapt in a fast-changing business environment, mitigate risks at an acceptable level, implement proper governance, and create sound decisions.

However, even though the framework is said to be the best, it cannot always guarantee a successful business operation. It would only serve as a guide because even the strongest internal control system could not prevent errors made by the employees, bad judgments, and fortuitous events which are beyond the company’s control.

Barabicho, Thea Sofia A.
2019-106912
ReplyDelete
Replies
UnknownNovember 8, 2021 at 4:03 PM
From my standpoint, I can say that The Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal framework is the best internal framework in improving performance, and efficiency and effectiveness in an organization. COSO developed a control framework containing five components that break into 17 principles. The principles are further detailed into 87 points of focus to provide detailed guidance to managers when designing or mapping internal controls when used for audit risk assessments and by risk management (Audit Board, 2021). When an organization uses a control framework effectively management designs internal control processes with the framework as a baseline. Doing so helps the organization design control procedures that create and preserve value while minimizing risk. With that being said, COSO has 5 components in achieving the organization’s mission on an effective internal control. It consists of Control environment, Risk assessment, Control activities, Information and communication, and monitoring. All can help in identifying, assessing, and mitigating routinely the significant risks within all functions of the organization. Moreover, another reason why I think COSO is the best internal control framework is because has a similar applicability version to the updated framework. It is said in the article that previously, it is issued with guidance on monitoring internal control system to help organization (Internal Control – integrated Framework, 2013).

References:
Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

HABON, ASHLEY P
2019-102695
ReplyDelete
Replies
John Joseph C. CedoNovember 8, 2021 at 4:46 PM
This comment has been removed by the author.
ReplyDelete
Replies
John Joseph C. CedoNovember 8, 2021 at 5:12 PM
(1/2)
When documenting and testing a control environment, internal auditors rely on internal control frameworks. Because there are so many frameworks available, management can pick and choose which ones to utilize, and even use various frameworks in different situations. The three most popular control frameworks used by internal auditors are COBIT, COSO, and ISO frameworks, which are discussed in this article. A structured guide that organizes and categorizes expected controls or control topics is known as an internal control framework. Some firms create control frameworks for broad goals, such as the COSO internal control framework, while others, such as the COBIT IT Control framework, are more focused. Management designs internal control processes with the framework as a baseline when an organization effectively uses a control framework (typically in audit risk assessments and risk management). As a result, the organization is better able to design control procedures that both create and preserve value while reducing risk.

ReplyDelete
Replies
John Joseph C. CedoNovember 8, 2021 at 5:13 PM
(2/2)

In my opinion, the best internal control framework is COBIT. COBIT is an IT management framework created by ISACA to assist enterprises in developing, organizing, and implementing information management and governance initiatives. COBIT 2019 is a new version of COBIT that addresses new trends, technology, and security requirements for modern businesses. The framework is still compatible with other IT management frameworks like ITIL, CMMI, and TOGAF, making it an excellent choice as an umbrella framework for unifying processes across an entire organization. COBIT differs from other frameworks in that it places a strong emphasis on security, risk management, and information governance. This is highlighted in COBIT 2019, which includes clearer definitions of what COBIT is and isn't. COBIT 2019, for example, isn't a framework for organizing business processes, managing technology, making IT-related choices, or determining IT strategy or architecture, according to ISACA. Rather, it's intended to serve as a framework for corporate IT governance and management across the firm. The revised version clarifies this for organizations, reducing confusion regarding how COBIT should be used and applied.

References:
• AuditBoard. (2021, November 8). Auditboard. Retrieved November 9, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/Five
• White, S. K. (2019, January 16). What is COBIT? A framework for alignment and governance. CIO. Retrieved November 9, 2021, from https://www.cio.com/article/3243684/what-is-cobit-a-framework-for-alignment-and-governance.html

John Joseph C. Cedo
2019-101001
ReplyDelete
Replies
UnknownNovember 8, 2021 at 7:37 PM
I believe that the best internal control framework that was developed in todays time is the COSO Framework (Committee of Sponsoring Organizations of the Treadway Commission Framework). A COSO Framework's main purpose is to improve and increase organizational performance and oversight while also lowering the risk of fraud. The organisation was established to provide thought leadership on internal control, fraud prevention, and corporate risk management through the development of comprehensive frameworks and guidelines.

Together, the COSO board develops guidance documents that help organizations with risk assessment, internal controls and fraud prevention. Their vision is to “be a recognized thought leader in the global marketplace on the development of guidance in the areas of risk and control which enable good organizational governance and reduction of fraud.”

The COSO framework further teaches that there are five components to an internal control system. This includes the following:
‌ control environment are a set of standards, processes, and structures that serve as the foundation for implementing internal controls throughout an organization.
‌Risk assessment is the process of analyzing the risks created by internal and external changes, establishing objectives and determining their fit for your business, and comparing risks against risk tolerances.
‌Control activities are the tasks and activities (laid out by organizational policies and procedures) that help you achieve your internal control objectives. These include actions such as “authorizations and approvals, verifications, reconciliations, and business performance reviews.”
‌information and communication component recognizes these two things as essential to any internal control system. The need of relevant and high-quality information for control functions is emphasized by COSO. A strong system requires internal messaging highlighting the importance of control responsibilities, as well as clear communication of expectations with external partners.
‌monitoring It's just as crucial to keep track of your internal controls as it is to set them up. Use regular separate evaluations as well as continuing evaluations embedded into your business operations, which will vary depending on your level of risk, system effectiveness, and regulatory needs.
References:
Dunkelberger (2019). How Can The COSO Framework Improve Your Organization’s Internal Controls. https://www.ispartnersllc.com/blog/how-coso-framework-improve-internal-controls/

Snook, A. (2019). COSO Framework: What it is and How to Use it. https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

-BERTIZ, COLINE B. (2019-100749)
ReplyDelete
Replies
AnonymousNovember 8, 2021 at 9:22 PM
According to auditboard.com, Some organizations design control frameworks for general purposes like the Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework, while others are more specific such as the Control Objectives for Information and Related Technology (COBIT IT) Control framework. In my opinion, it will be the COSO if the business’s goals are dependent on the changes in the market demand and have a wide variety of goods and services being offered (product or business diversification). If the business/entity is dependent on the quality and quantity of services they provide and they provide and only offer a single product or services (single-product business) it will COBIT.
For me It is better to choose a generalist than a specialist; because of its flexibility (can be applied to other departments) and are ideal for rapid changes in the environment. COSO provides five components along with the 17 principles that align with the Trust Services Criteria will be described along with some practical controls to meet the objectives Maccrty(2019). This serves as a guide or checklist so beginners will know the proper way to set the goals or objectives and process of their company must look like so it will reach its objectives.
Auditing with COBIT, Coso, and Iso Control Frameworks. AuditBoard. (2021, March 3). Retrieved November 9, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/.
Garcia, T. (2019, October 21). What is the COSO framework? — reciprocity. Retrieved November 9, 2021, from https://reciprocity.com/resources/what-is-the-coso-framework/.
Guidance on internal control. Internal Control Guidance and Thought Papers. (n.d.). Retrieved November 9, 2021, from https://www.coso.org/Pages/ic.aspx.
Maccarty, B. (2019, April 10). How the COSO Principles & Trust Services Criteria Align. linford&co. Retrieved November 9, 2021, from https://linfordco.com/blog/coso-principles/#:~:text=COSO%20Principle%201%3A%20The%20entity,and%20performance%20of%20internal%20control.
Product diversification. Corporate Finance Institute. (2020, July 14). Retrieved November 9, 2021, from https://corporatefinanceinstitute.com/resources/knowledge/strategy/product-diversification/.
Single-product strategy. Oxford Reference. (n.d.). Retrieved November 9, 2021, from https://www.oxfordreference.com/view/10.1093/oi/authority.20110803100508172.

NIEL CAMORONGAN
2019-102455
CBET 01-503A
ReplyDelete
Replies
Ela Rain TalabongNovember 8, 2021 at 9:29 PM
Nowadays, constant innovation and adaptation of the businesses to the changing industry resulted in complicated and extensive systems and processes in an entity. As the business practices became more extensive, the framework of the internal control (IC) becomes an integral part of the business for it organizes and categorizes the expected control or controls inside a business, and as Murdock (2016) noted, the internal control frameworks makes it easier to manage the diverging dynamics and evaluate the results systematically.

There are several existing internal control (IC) frameworks nowadays and if I were to be asked what is the most effective to an organization, I’ll say it’s the Committee of Sponsoring Organizations of the Treadway Commission (COSO)’s Framework. First and foremost, the COSO framework is the most frequently used to run an efficient and effective financial statement control environment (AuditBoard, 2021), making it more tested and proven by different organizations that existed and are still existing in the industry. It also contains five components— control environment, risk assessment, control activities, information and communication, and monitoring activities, that are subdivided into seventeen principles (Murdock, 2016). With its components focusing on corporate governance, ethical practices, and internal control, the delegation of the people inside the business is more effective, the integrity of the operations is upheld, and the system of process in the internal aspect of the business is more efficient. Every aspect of the internal control in a business is addressed and within the sphere of operation of the components and principles of the COSO framework. Moreover, the framework itself is in a constant upgrade to adapt to the changes of practices in the industry so that businesses that are using it will not be left behind with some old framework.

Internal Control frameworks are where businesses depend on all of their internal processes. The businesses need to choose and use the IC framework which is the most effective and appropriate to the type of business they are involved with, and to their overall objectives and strategic plans so that a smooth pathway towards success will open up for the business.

References:

AuditBoard. (2021, March 23). Auditing with COBIT, COSO, and ISO Control Frameworks. www.auditboard.com. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/#:~:text=The%20COSO%20framework%20is%20the

Murdock, H. (2016). Operational Auditing: Principles and Techniques for a Changing World (1st ed.). Auerbach Publications. https://doi.org/10.1201/9781315368733

TALABONG, ELA RAIN
2019-102788
ReplyDelete
Replies
Paglinawan, Eliazar A.November 8, 2021 at 10:49 PM
Organizations thrive when they create control environments that allow for efficient operation execution. Internal controls, when implemented appropriately, assist organizations in providing value to their stakeholders and achieving their strategic objectives while adhering to industry best practices, laws, and regulations to manage the risks they face (Clarke, 2020). The COSO framework is the most often used framework for internal control. The COSO (Committee of Sponsoring Organizations of the Treadway Commission) internal control framework is the most commonly used internal control framework by organizations to run an efficient and effective financial statement control environment. COSO created a control architecture with five elements that are divided into 17 principles. The principles are further broken down into 87 points of focus to give managers more specific assistance when establishing or mapping internal controls for audit risk assessments and risk management (Audit Board, 2021). The Treadway Commission's Committee of Sponsoring Organizations (COSO) was established to provide thought leadership by developing comprehensive frameworks and guidelines on internal control, fraud prevention, and enterprise risk management. A COSO Framework's main purpose is to increase and improve organizational performance and oversight while also lowering the risk of fraud (Dunkelberger, 2019). With all these said, I personally think that COSO is the best internal control framework for its guidance to organizations on attaining optimal control environment while maintaining reliability of reporting and compliance with laws and regulatory standards.
References:
Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks. Retrieved November 9,
2021 from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/.
Clarke, I. (2020). Establishing an Effective Internal Control Environment. Retrieved November 9, 2021
from https://linfordco.com/blog/internal-control-environment/.
Dunkelberger, D. (2019). How Can The COSO Framework Improve Your Organization’s Internal Controls.
Retrieved November 9, 2021 from https://www.ispartnersllc.com/blog/how-coso-framework-`improve-internal-controls/.
Paglinawan, Eliazar A. 2019-101459
ReplyDelete
Replies
Marvie JayNovember 8, 2021 at 11:20 PM
Internal Control comprises the plan of organization and the co-ordinate methods and measures adopted within a business to safeguard its assets, check the accuracy and reliability of its accounting data, promote operational efficiency, and encourage adherence to prescribed managerial policies (Wandering CPA, 2021). In my opinion, the best internal control framework is the Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) Internal Control – Integrated Framework. This framework will enable organizations to effectively and efficiently develop and maintain systems of internal control that can enhance the likelihood of achieving the entity’s objectives and adapt to changes in the business and operating environments. It is the most effective because it provides assurance to the business that objectives in terms of operations, reporting, and compliance are achieved. In order to achieve these objectives, 17 principles are needed to be applied by the business. These 17 principles are divided into 5 components: Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities. With these principles in every component, the organization can form its ethical values to set tone for governance, conduct risk assessments to determine risks and its acceptable level, establish policies and strategies to mitigate risk, ensure that there is a clear gathering, sharing and organization of information to execute the work properly, and monitoring and evaluating to ensure that internal controls set have done its job.

REFERENCES:
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

Wandering CPA. (2021, October 26). Operations audit: Discussion assignment week 4. Glimpse of CPA’s Mind. https://markgrabillo.blogspot.com/2021/10/operations-audit-discussion-assignment_11.html

SAYSON, MARVIE JAY N. (2019 – 100731)
ReplyDelete
Replies
De los Santos, Febvie Rose C.November 9, 2021 at 12:40 AM
From my perspective, preventive control is the best for me and to an organization. Preventive control as the name suggests, is designed to prevent or reduce the impact of the risks or threat. As preventive control aims to decrease the chance of errors, it is then important because its focus is the quality and it is proactive. Some of its examples are separation of duty, pre-approval of actions and transactions, access controls, physical control over assets, and employee screening and training.

For an organization, preventive control is the most effective out of the three types of internal control, because this type of control prevents the loss of assets in an inexpensive way of implementation. It is the best, simply because the organization already reduced the damage, after all, no one wants to have a big loss, that’s why the organization needs prevent it, unlike if the threat already happened, the organization have already taken the damage. If the organization will be able to prevent loss of assets, it will then of course result to higher profit. As for me, as a student, financially dependent on my parents, I would want to prevent damages that would make my parents spend money, especially in this time of pandemic wherein it is really hard to earn money.

Study: How do the three types of internal control activities safeguard assets? (n.d.). Canvas Network. https://learn.canvas.net/courses/37/pages/study-how-do-the-three-types-of-internal-control-activities-safeguard-assets
Types of Internal Controls. (n.d.). Finance & Accounting. https://www.fa.ufl.edu/directives/types-of-internal-controls/
Virtue, T. & Rainey, J. (2015). Information Risk Assessment. Science Direct. https://www.sciencedirect.com/topics/computer-science/preventative-control

DE LOS SANTOS, FEBVIE ROSE C.
2019-103240
CBET-01-501A
ReplyDelete
Replies
Iris IsipNovember 9, 2021 at 12:57 AM
A successful organization has a firm foundation from within, especially with its internal control. It is an assurance that the policies, regulations, and others more effectively promote proper conduct. Additionally, it will also strengthen the reliability of the financial reports. When choosing the proper framework, the COSO framework would be the best fit for the organization. It divides the objectives of the internal control into three groups: operations, reporting, and compliance. The goal of operations is to secure that the organization's assets are safe from fraud. It leans more on the effectiveness of the operations happening within the business. On the other hand, reporting is about what is happening inside and outside the company, specifically the financial report. The information reported should be free from error, timely, and authentic. Last, compliance is internal control goals circling the organization abiding by the laws and regulations expected for them to follow. We can now move to the COSO components; the first one would be the control environment. When it comes to setting up the standards for the employee, the first thing that comes to mind would be the managers, their leaders. We expect them always to follow the ethical values set by the organization to set an example to others so that the workplace environment is competent and active. Risk assessment incorporates how fast the organization identifies and assesses the risk. Moreover, it also opens up the opportunity for the business to learn about their strengths and weaknesses and establish objectives. The next component would be the control activities. It is a set of activities and tasks, either automated or manual, for us to achieve our internal control objective. The organization's security centers here; can easily catch unauthorized transactions or check whether documents meet the pre-established criteria. The fourth component, Information and Communication, talks about the flow of the information within the company that should always be timely, direct, and high-quality. Communication is one of the various things we need for success. Lastly, monitoring activities, the fifth component focuses on keeping track of all the components whether they are working as they should be. In conclusion, the COSO framework would bring a handful of benefits to the organization and enhance our internal control to become better.

Snook, A. (2019, November 21). COSO framework: What it is and how to use it: I-sight. I-sight. Retrieved November 9, 2021, from https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/.

Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group. pp 102 - 132 Retrieved November 9, 2021

ISIP, IRIS G.
2019-103614
ReplyDelete
Replies
Anthony "Baks" MangilogNovember 9, 2021 at 1:01 AM
Internal control is a set of activities designed to add value to stakeholders and mitigate risk. These are the mechanisms, regulations, and procedures that a business uses to ensure the integrity of financial and accounting data integrity, encourage accountability, and avoid fraud. That is why an internal control framework was introduced to facilitate the management of different dynamics and the systematic evaluation of results. There are lots of internal frameworks that businesses can choose to improve business results.

The most widely known internal controls framework in the business world is arguably COSO’s Internal Control-Integrated Framework (IC-IF) (Murdock, 2016). COSO’S framework improves the quality of financial reporting and safeguards the company assets. It focuses on corporate governance, ethical practices, and internal control. COSO IC-IF has five components essential for effective internal control that will benefit the organization to achieve its goals. The five components are control environment, risk assessment, control activities, information and communication, and monitoring activities.

In conclusion, COSO’S internal control-integrated framework is the most effective IC framework used by an organization. It enhances and improves the performance of the organization. In addition, it also strengthens cybersecurity in the company to reduce the risk for lots of threats and fraud. Using this framework will take the attention of prospective investors.

references:
Half, R. (2020, July 1). The Benefits of Adopting the COSO 2013 Framework — Even If You Aren’t Required to. Roberthalfblog. https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to

Murdock, H. (2016). Operational Auditing: Principles and Techniques for a Changing World (Internal Audit and IT Audit) (1st ed.) [E-book]. Auerbach Publications

Mangilog, Anthony C.
2019-104415
ReplyDelete
Replies
AnonymousNovember 9, 2021 at 2:52 AM
A systematic guide that helps organize and summarizes anticipated controls or control topics is known as an internal control framework. Some organizations create control frameworks for development purposes, such as the COSO internal control framework, while others, such as the COBIT IT Control framework, are much more detailed. An effective internal control system provides assurance that an organization's policies, processes, tasks, behaviors, and other aspects, when combined, facilitate its efficient and effective operation, help achieve the quality of internal and external disclosures, and aid in conformance with legal and regulatory requirements. And, in my opinion, the COSO framework is the most effective and well-designed framework for providing thought leadership by developing comprehensive frameworks and assistance on internal control, fraud protection, and risk management. The COSO (Committee of Sponsoring Organizations) Framework is a framework for developing, utilizing, and analyzing internal controls for organizations, with the purpose of offering risk management process. A COSO Framework's overarching aim is to strengthen and enhance its effectiveness and oversight while lowering the impact of the problem of fraud. Although the COSO framework for internal control is not a statutory necessity, but rather considered best practice, it provides the organization with significant benefits such as increased confidence in controls and the help to address threat to an acceptable level.
Garcia, T. (2020, July 2). What is an Internal Control Framework? Reciprocity. Retrieved November 8, 2021, from https://reciprocity.com/resources/what-is-an-internal-control-framework/

SALVO, MARY ROSE E., 2019-102485
ReplyDelete
Replies
Shayne Danielle G. SamsonNovember 9, 2021 at 2:57 AM
Internal controls could be defined as “practices put in place to create value for stakeholders and minimize risks” (Murdock, 2016). It is designed to provide reasonable assurance in achieving objectives, promote operational efficiency, safeguard the organization from risks and threats and ensure compliance with rules and regulations. The management can choose and apply whichever internal control framework available that suits the need of the organization. Out of the frameworks available, I believe that the COSO Framework is the most effective for an organization.

The Treadway Commission’s Committee of Sponsoring Organizations (COSO) developed a flexible framework for creating and monitoring internal controls. It includes seventeen principles that are linked to the five components – Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities. Through a focus on corporate governance, ethical practices, and internal control, it intends to enhance the quality of financial reporting.

Effectively implementing the COSO framework is beneficial to the organization in improving the operations, responding to new challenges and threats, and maintaining a good reputation. The updated framework provides businesses with more effective internal controls, allowing them to effectively minimize risks and have the information needed to make good decisions. It is mentioned by AuditBoard (2021) that it is the framework that corporations most frequently use to run an efficient and effective financial statement control environment. It also guides the organization to the right path in facing and handling risks, fraudulent activities, and cybersecurity threats. Major cost savings would also be possible as there would be fewer errors and delays. And lastly, it attracts and appeals to potential inventors through controlled risk management, effective internal control, and ethical ideals. With all these values the COSO Framework can bring, it could be considered vital to enhance an organization.

References:

AuditBoard. (2021, March 3). Auditing with COBIT, COSO, and ISO Control Frameworks. AuditBoard. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Half, R. (2015, March 25). The Benefits of Adopting the COSO 2013 Framework — Even If You Aren’t Required to. Www.roberthalf.com. https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to

Murdock, H. (2016). Operational Auditing: Principles and Techniques for a Changing World (1st ed.). Auerbach Publications. https://doi.org/10.1201/9781315368733

SAMSON, SHAYNE DANIELLE G.
2019-102562
ReplyDelete
Replies
Tapia, Gian Tricia B.November 9, 2021 at 3:15 AM
An organized guide that categorizes the expected controls or control topics is what an internal control framework is. There are many frameworks that are applicable to various field of businesses. Organization uses a control framework because it determines the accuracy of financial statements that they can rely whenever they make informed decisions. The best internal control framework that gives the most effectivity to an organization is the COSO internal control framework. COSO framework is usually used for general purposes of an organization. Committee of Sponsoring Organizations of the Treadway Commission (COSO) internal control framework are known as an efficient and effective financial statement control environment. This is the best IC framework since it is a vital instrument that it allows an organization to focus on important structures, beliefs, and procedures that collectively comprise the idea of internal control, much beyond the traditional financial emphasis. This framework are divided into 3 internal control objectives which are: 1) operations that talks about the performance goals and focusing to the efficiency of the business operations, 2) reporting as it serves as the transparency and reliability of the organization, and 3) compliance which are the organization should comply to the laws and regulations. This is the most effective for an organization because it focuses on fulfilling operational, reporting, and/or compliance goals. It is dependent on people's behaviors, not just written regulations and procedures. To a fair degree, assures top management of security. Lastly, it can be modified to the demands of the entire organization as well as the needs of each department, unit, or process.

Internal Control Framework. (2021, November 9). AuditBoard. Retrieved November 9, 2021, from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Putra, L. D. (2009, November 13). [Internal] Control Frameworks and Their Components. Accounting, Financial, Tax. Retrieved November 9, 2021, from http://accounting-financial-tax.com/2009/11/internal-control-frameworks-and-their-components/

Snook, A. (2019, November 21). COSO Framework: What it is and How to Use it. I-Sight. Retrieved November 9, 2021, from https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

-TAPIA, GIAN TRICIA B (2019-103668)
ReplyDelete
Replies
Vince DelambacaNovember 9, 2021 at 3:17 AM
In the field of Auditing, A structured guide that organizes and categorizes expected controls or control topic is known as an Internal Control Framewok. When a company employs a control framework effectively, management creates internal control processes that use the framework as the foundation. This assists the organization in developing standard operating procedures that create and preserve value while mitigating risks.

In my perspective, The COSO framework is the most widely used internal framework among all auditing frameworks. The internal control framework developed by Committee of Sponsoring Organizations of the Treadway Commission (COSO) that corporations most commonly use to deploy an efficient and effective financial statement system of internal controls. COSo created a control framework with the goal of providing detailed guidance to managers when designing or mapping internal controls for audit risk assessments and risk management. In conncetion with this, it is essential to approach the control framework in audit that lead the organization to be effective and efficient. Auditing with a control framework begins with confirming the framework that management selected to best support the business objectives. In addition, auditors should align the organization's internal controls with the frameworks expected controls. Auditors should conduct a gap analysis to identify missing controls and poorly designed controls and to implement corrective action plans to close the exposure. Furthermore, it is critical to test effectiveness and collect action plans in areas where auditor's are most comfortable and experienced. Finally, it should keep track of mitigation activity to see how management's corrective actions plans are progressing.

Hence, The COSO integrated framework's control objectives are the heart of internal control, which is dominant because it determines the accuracy of an organization's financial statements and they can be relied on to make sound decisions. Although the COSO internal control framework is considered best practice and is thus used by the vast majority business that inclines to the updated version gives business greater confidence that their internal controls can reduce risks to acceptable levels.

Reference:

Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

DELAMBACA, VICENTE JR T. (2019-106640)
ReplyDelete
Replies
Joanna Elaine O. MacanipNovember 9, 2021 at 3:34 AM
Controls are methods and processes that assure a company's efficiency, dependability in reporting, and compliance with standards. An organized guide that collects and categorizes expected controls or control topics is known as an internal control framework (TechTarget, 2011). According to the study of Leng & Zhang (2014), the control environment is an integral component of the internal control framework because it sets the tone for the organization as a whole and influences the execution of its employee awareness. Furthermore, an effective system provides reasonable assurance regarding the achievement of an entity’s objectives.

In accordance to the question aforementioned above, I think the best internal control framework is the Committee of Sponsoring Organization of the Treadway Commission (COSO). COSO is a popular internal control system that is widely used to manage an efficient and effective financial statement control environment. Concerning this, it guarantees that the organization’s control system is being utilized properly and working efficiently. In addition, it enables an organization to successfully establish and manage internal control systems that increases the possibility of attaining the entity's objectives while also allowing the entity to respond to changes in the business and operating environments. It may also assist the company in reducing risks to acceptable levels and facilitating effective decision-making and governance.

References:
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf.

Leng, J. & Zhang, L. (2014). Research and Discussing on Internal Control Auditing. Modern Economy. 05. 785-790. http://dx.doi.org/10.4236/me.
2014.57072.

TechTarget. (2011). Control Framework. https://searchcompliance.techtarget.com/
definition/controlframework#:~:text=A%20control%20framework%20is%20a,business%20value%20and%20minimize%20risk.&text=Control%20activities,Monitoring.

ReplyDelete
Replies
Genelyn AloroyNovember 9, 2021 at 4:15 AM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

Internal controls are practices and processes created to provide business value and minimize risk. An internal control framework aims to organize and categorize an organization's internal controls, which are practices and procedures established to create business value and minimize risk. All internal control frameworks are best depending on the organization’s needs and culture. However, in my opinion, COSO (Committee of Sponsoring Organizations of the Treadway Commission) internal control framework is the most effective.

According to Auditboard (2021), the COSO is the most widely used framework for establishing and maintaining an efficient and effective financial statement control environment. COSO created a system model with five elements that are divided into 17 principles. The principles are further broken down into 87 areas of emphasis to give managers more specific assistance when establishing or mapping internal controls for audit risk assessments and risk management. Its 1992 guideline has been greatly updated to reflect a number of key environmental changes that occurred since then. Higher expectations for governance supervision, increasing operational and regulatory complexity, reliance on emerging technology, and higher expectations for fraud prevention and detection are among the changes in the environment (Government Finance Officers Association, 2015).

COSO broadens the scope of risk management by guiding and encouraging risk taking rather than merely minimizing negative risks. Its purpose is to get compliance certification. Its improvement resulted in a significant shift in the organization's risk management. It is included into the decision-making process of the organization to guarantee that the organization is taking the appropriate risks in the appropriate amounts. COSO was "...created by and focused on the needs of auditors," according to Hans Læssøe. It is primarily concerned with general governance and, as a result, it is in charge of the entire organization. Its most recent edition goes into further detail about risk appetite and gives several graphic illustrations of risk appetite, tolerance, and capacity.

In conclusion, since COSO internal control framework started issuing framework since 1992, it has been widely used by various organizations. COSO then developed their standards according the changing needs in internal control and risk management. Because of this coping mechanism, its standards are able to meet the demands of an evolving business environment.

References:
Auditboard (2021 March 03). Auditing with COSO, COBIT, and ISO Control Frameworks. Retrieved from: https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/
Government Finance Officers Association (2015). Internal Control Framework. Retrieved from: https://www.gfoa.org/materials/internal-control-framework
Williams, C. (2019). ISO 31000 VS. COSO – COMPARING AND CONTRASTING THE WORLD’S LEADING RISK MANAGEMENT STANDARDS. Retrieved from: https://www.erminsightsbycarol.com/iso-31000-vs-coso/

ALOROY, GENELYN T. (2019-202971)
ReplyDelete
Replies
Arabit, Princess MaeNovember 9, 2021 at 5:05 AM
This comment has been removed by the author.
ReplyDelete
Replies
Arabit, Princess MaeNovember 9, 2021 at 5:08 AM
Let us first define the control framework to provide you with the most effective internal control framework. A control framework is a conceptual foundation for developing a set of controls for a company. This set of rules aims to reduce risk by coordinating the use of practices and procedures.

The Integrated Framework, developed by the Treadway Commission's Committee of Sponsoring Organizations (COSO), is the most well-known control framework. The Committee of Sponsoring Organizations (COSO) was established in 1985 to assist the National Commission on Fraudulent Financial Reporting. Its purpose is to create frameworks and guidelines for internal control, fraud prevention, and risk management. COSO, founding by the American Institute of Certified Public Accountants (AICPA), the American Accounting Organization (AAA), the Institute of Management Accountants (IMA), the Institute of Internal Auditors (IIA), and Financial Executives International (FEI).

COSO defines Internal Control as a process carried out by the entity's board of directors, management, and other personnel to provide reasonable assurance regarding the achievement of operational, reporting, and compliance objectives. Control environment, risk assessment, control activities, information and communication, and monitoring activities are all reflected in this definition.

It is the most effective for an organization due to the following reasons:
• It provides a principle directed at controlling technology infrastructure, development, use, and links with other processes.
• It gives a principle directed at fraud risk assessment.
• There is a greater emphasis on ensuring competent personnel is hired and held accountable to the organization, shareholders, and the community.
• It explicitly considers business models and legal structures.

Altogether, aligning objectives and critical risks is a significant step toward improving the internal audit's credibility, relevance, and value. Connect with the audit committee, confirm traditional coverage, such as financial controls, fraud, and ethics – and propose additional coverage in less conventional areas. Demonstrate competence by telling the story rather than just writing it – assist in problem-solving through objective eyes.

References
Tiwari, G. (2018, May 19). COSO ERM and ISO 31000: Important aspects explained. https://gauravtiwari.org/coso-erm-iso-important-aspects/

Accounting Tools. (2021, April 14). Control framework definition. https://www.accountingtools.com/articles/2017/9/20/control-framework#:~:text=The%20best-known%20control%20framework%20is%20the%20Integrated%20Framework%2C,achievement%20of%20objectives%20in%20the%20following%20three%20areas%3A

Wyk, A. & Stegemann, T. (2015). Benefits of Controls Frameworks- Putting COSO into Action. IIA-Australia Membership and Professional Development. https://iia.org.au/sf_docs/default-source/sopac-2016/3d-benefits-of-control-frameworks---putting-coso-into-action.pdf?sfvrsn=2

- Arabit, Princess Mae D.
2019-103719
ReplyDelete
Replies
Micah LongnoNovember 9, 2021 at 5:12 AM
No business entity wanted to incur loss or experience any discomfort while they are in the process of achieving their goals and objectives. Management must have a well-structured measure and methods that align stakeholders with the business’s goals. Internal control, is the process by which the management structures an organization to provide assurance that the entity is functioning efficiently and effectively. (James, n.d). there are several control frameworks proposed for forms to use as a guide in their internal control activities. However, not all frameworks work best for a certain company. That is why choosing the best internal control framework is important. A business can choose a specific control framework that they think is perfectly suited for their company.
After comprehending articles about different internal control framework, I came to a conclusion that Committee of Sponsoring Organization (COSO) framework is the most conventional and I think the most useful when it comes to internal control framework. COSO internal control focuses on achieving objective in operation, reporting and/or compliance. COSO’s goal was to improve the quality of financial reporting through a focus on corporate governance, ethical practices, and internal control. (Murdock,2016). To simplify things companies, practice the COSO framework because it manages different part of the organization. From the employees, their workplace environment, the identification of risk and assessment and control measurement. From the structure and the relationship of the five components up to their objectives it is evident that I consider COSO framework as the best internal control framework.

LONGNO, MICAH LEI C. (2019-106978)

References
Griffin, D. (n.d.). What Are Internal Accounting Controls? Retrieved from Google : https://smallbusiness.chron.com/internal-accounting-controls-3809.html
Murdock, H. (2016). Operational Auditing: Principles and Techniques for a Changing World (1st ed.). Auerbach Publications. https://doi.org/10.1201/9781315368733

ReplyDelete
Replies
Maria Eloisa A. RamosNovember 9, 2021 at 5:14 AM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

The best internal control framework for me is the ISO or International Organization for Standardization. ISO is an independent, nongovernmental organization. Through its 162 national standards groups, it brings together experts to share knowledge and develop voluntary standards that support innovation and provide solutions to global and business challenges. International standards give world-class specifications for products, services and systems, to ensure quality, safety, and efficiency. They are also instrumental in facilitating international trade by providing standardized parameters and criteria and establishing expectations. The organization has published more than 19,000 international standards and related documents, covering almost every industry, from technology, to food safety, to agriculture and healthcare (Murdock, 2017). It is the most effective for me and to the organization because ISO provides an information or standard that is relevant to the modern world which helps the organization in solving their internal challenges. One of the challenge or risk that many organizations are facing is the information technology risk which ISO provides a solutions. ISO 17799 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. (1/2)

Maria Eloisa A. Ramos
2019-101335
ReplyDelete
Replies
Maria Eloisa A. RamosNovember 9, 2021 at 5:15 AM
It contains best practices of control objectives and controls in the following areas of information security management: organization of information security; physical and environmental security; communications and operations management; access control; information systems acquisition, development and maintenance; information security incident management; and etc. And, ISO 27001 providing requirements for an information security management system (ISMS), though there are more than a dozen standards in the ISO/IEC 27000 family. Using them enables organizations of any kind to manage the security of assets such as financial information, intellectual property, employee details or information entrusted by third parties. Internal auditors should become familiar with ISO standards as they drive the decisions, goals, and operational practices of the management team at many organizations. It also provides structure to common business initiatives that some organizations may be at various levels of development (Murdock, 2017). Also, ISO provide wide range of information that helps the organization in improving their operation and management. (2/2)

Reference:
ISO (2005). ISO/IEC 17799:2005 Information technology — Security techniques — Code of practice for information security management. ISO. https://www.iso.org/standard/39612.html
ISO. ISO/IEC 27001 Information Security Management. ISO. https://www.iso.org/isoiec-27001-information-security.html
Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group. pp 134 - 135

Maria Eloisa A. Ramos
2019-101335
ReplyDelete
Replies
Catherine BulingNovember 9, 2021 at 5:33 AM
The best internal control framework, in my opinion, is the COSO framework. The COSO framework primarily focuses on ethical practices, internal control, and corporate governance of the company to improve the quality of financial reporting. Internal controls are designed, implemented, maintained, and evaluated using the COSO framework. According to COSO, an entity can achieve effective internal control by implementing all of the principles that relate to operations, reporting, and compliance objectives. Operations objectives focus on the efficiency and effectiveness of business operations. Reporting, on the other hand, includes both internal and external financial reporting as well as non-financial reporting. That’s also related to transparency, timeliness, and accuracy of the organization’s reporting practices. Lastly, compliance refers to internal control objectives centered on the organization's adherence to rules and regulations (Snook, A. ).

There are five components to an internal control system under the COSO framework. These are control environments, risk assessment, information and communication, control activities, and monitoring. These five components work together to form an integrated system. It will enable the company to anticipate external events that may jeopardize the attainment of its goals and plan appropriately. ensuring that it adheres to reporting regulations, rules, and standards as well as applicable laws. The COSO framework is the most effective framework for me because, through it, various risks that the company may face are identified and assessed regularly at all levels and within all functions in the organization. Moreover, to handle and mitigate major risks, control operations and other procedures are planned ahead of time. Through established channels, critical information for identifying risks and achieving business objectives is shared throughout the firm. The entire internal control system is constantly monitored, and any flaws are corrected as soon as possible.

References:

Snook, A. (n.d.). COSO framework: What it is and how to use it: I-sight. Retrieved November 9, 2021, from https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/.

Kirkpatrick, J. (2019, June 19). 5 components of Internal Control - COSO: C.R.I.M.E.: Kirkpatrickprice. KirkpatrickPrice Home. Retrieved November 9, 2021, from https://kirkpatrickprice.com/video/5-components-internal-control/.

-Buling, Catherine (2019-103626)

ReplyDelete
Replies
Shiela Mae D. AlcantaraNovember 9, 2021 at 6:15 AM
There are various expert-designed internal control frameworks that a corporation can apply and these frameworks can greatly improve corporate operations. However, COSO's Internal Control Integrated Framework (IC-IF) is the best and most effective for an organization. It was developed by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) which generated guidelines to help firms with risk assessment, internal controls, and fraud prevention.

The COSO framework's first version was developed in 1992, and the most recent version was published in 2013. The COSO framework divides internal control objectives into three categories: operations, reporting, and compliance. The first category is the operations, which refers to the goals of the organization on its daily operation and it aims to reduce risks of fraud against the asset. The second category is reporting, which refers to the financial reporting' goal of being reliable, transparent, and timely. The last category is compliance, which is about the organization's observance of laws, standards and regulations. Aside from the aforementioned categories, the COSO framework also contains five components. These are control environment, risk assessment, information and communication, monitoring activities, and existing control activities. These components are useful for the organization to establish internal controls, to create objectives, to verify performance assessments and to add continual evaluations into corporate processes.

Every category and component of the COSO framework serves the business, especially auditors who want information for planning, analysis, decision-making, and monitoring. It offers advice and a road map for efficiently building and managing companies, in order to maximize the probability of meeting goals. It is also designed to act as a facilitator to reduce risks and their negative consequences on enterprises programs and processes.

References:

Committee of Sponsoring Organizations of the Treadway Commission (COSO). Internal Control—Integrated Framework (Framework). https://www.coso.org/Documents/990025P-Executive-Summary-final-may20.pdf

Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group. pp 101 - 140

ALCANTARA, SHIELA MAE D.
2019-103506
ReplyDelete
Replies
Rina P. BucalNovember 9, 2021 at 6:44 AM
Internal control is defined as practices put in place to create value for stakeholders and minimize risk (Murdock, 2017). It is designed to assure that the information is reliable, accurate, and timely; the organization is in compliance with the applicable laws, policies, and regulations; and the financial reports are reliable. To properly administer control, organizations voluntarily implement a control framework. This helps them prevent errors and irregularities, identify problems and risks, and ensure that corrective action is taken. Out of the different frameworks available, COSO’s internal control integrated framework, in my opinion, is the most effective framework that businesses should apply. The goal of this framework is to improve the quality of financial reporting through a focus on corporate governance, ethical policies, and internal control. With its 17 principles representing concepts considered critical to implementing the control elements, it is believed that if they are all applied, the entity can achieve effective internal control. According to Half (2015), adopting the COSO framework is beneficial as it improves internal control, enhances cybersecurity, saves costs, and helps organizations gain positive attention from investors. Overall, the framework improves the organization's internal control by providing an effective control to better mitigate risk and have the necessary data to support sound decisions.

References:

Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. Taylor & Francis Group.
Half, R. (2015). The Benefits of Adopting the COSO 2013 Framework – Even If You Aren’t Required to. Retrieved November 9, 2021. https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to#:~:text=Benefit%20%231%3A%20Improved%20internal%20controls&text=According%20to%20the%20COSO%20board,to%20support%20sound%20decision-making.

BUCAL, RINA P. (2019-102462)

ReplyDelete
Replies
UnknownNovember 9, 2021 at 7:31 AM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

An entity’s processes should be well-controlled by management and board. Internal control plays an important role in the system, procedures and processes of the business. As part of achieving the best internal control system for the entity, a framework is required in assessing and evaluating the plan of organization and the procedures and records in accounting and administrative internal control.

On the other hand, internal control helps entities achieve important objectives and sustain and improve performance. Undeniably, the COSO’s Internal Control Framework is likely suitable for most effective framework to an organization.

The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) framework for internal business controls helps organizations ensure that their financial statements are accurate, their assets and stakeholders are protected from fraud, and their operations are running efficiently and effectively. Its guidance encompasses the entire organization, from auditing to IT (Guide to COSO Framework and Compliance, 2019).

Although COSO is the most widely used framework for internal controls, compliance can be challenging and expensive. But it’s not as costly or difficult as recovering from fraud, theft, reputational loss, or legal penalties. More importantly, COSO Internal Control Framework enables the organization to effectively and efficiently develop systems of internal control that adapt to changing business and operating environment, mitigate risks to different acceptable levels, and support sound decision making and governance of the organization.

References:
• Guide to COSO Framework and Compliance. (December 2019). Reciprocity. Retrieved on November 9, 2021. https://reciprocity.com/guide-to-coso-framework-and-compliance/
• Everson, M., Soske, S., Martens, F., et.al. (May 2013). Internal Control-Integrated Framework. COSO Organization. Retrieved on November 9, 2021. https://www.coso.org/documents/990025p-executive-summary-final-may20.pdf

Landar, Connard B.
2019-105059
ReplyDelete
Replies
Jana LoreñoNovember 9, 2021 at 7:58 AM
(1/2)

There are various internal control framework being implemented as a means of improving business results. One of these frameworks is, COSO’s Integrated Framework (ICF), the most widely known internal control framework. Its main objective is to improve the quality of financial reporting by focusing on corporate governance, ethical practices, and the internal control itself. Murdock (2017) explained that the COSOs Integrated Framework has five components to support an entity’s objectives: (1) Control Environment, (2) Risk Assessment, (3) Control activities, (4) Information and Communication, and (5) Monitoring activities.

Control environment exercises integrity, ethical values, organizational structure, management’s principles and values. In this component, it drives an ethical conduct within the organization. Giving emphasis on creating a healthy environment to improve productivity, efficiency, and employees morale because it is believed that happy employees tend to provide better quality of services.

The second component, risk assessment, encompasses the identification, quantification, analysis, and management of organizational risks. It is discussed in the previous lesson that a company is not an exception for vulnerabilities because there is a probability of “risk” that can damage the company depending on the risk’s potential level. And that’s when risk assessment play its role, to give immediate response, like implementing corrective measures, to these threats so that it will not take a toll on a company.

COSO’s Internal Framework also established policies and procedures to mitigate the impact of risks through its third component—control activities. Here, the application of change management is being conducted as well as the improvisation of security of an organization towards risks.

LOREÑO, JANA U.
(2019-101799)
ReplyDelete
Replies
MARINEL NUDONovember 9, 2021 at 8:21 AM
Internal controls are the mechanisms, rules, and procedures implemented by a company to ensure the integrity of financial and accounting information, promote accountability and prevent fraud (Kenton W. (2021)).
An internal control framework is a structured guide that organizes and categorizes expected controls or control topics, some of its framework are COSO, COBIT and ISO. For me the best internal control framework is COSO (Committee of Sponsoring Organization) Framework this is a framework for designing, implementing and evaluating internal control for organizations, providing enterprise risk management. COSO Is the most effective framework All organizations have risks, meaning they may have factors that cause them not to reach their objectives, be they internal or external factors. Appropriate risk assessment is performed by providing reasonable assurance that organizations take only risks with an acceptable tolerance. The COSO framework helps to ensure that the activities taken by all members of the organization are those that would help the company achieve its goals without taking unnecessary risks. The controls provided by COSO help to ensure that the communications that are occurring, internally and externally, are following best practices and working towards accomplishing the organization’s goals. Establishing controls across the environment ensures that standard practices are used throughout the organization. It consists of a set of standards, processes and practices. Information is gathered and evaluated by regulators and select management regularly and reports are given to management and board of directors for ongoing evaluation (Garcia T. (2019)).
Kenton W. Reviewed by: Mansa J. Fact checked by: Kvilhaug S. (2021). Investopedia: Internal Controls. https://www.investopedia.com/terms/i/internalcontrols.asp
Garcia T. (2019). Reciprocity: What is the COSO framework? https://reciprocity.com/resources/what-is-the-coso-framework/

NUDO, MARINEL S.
2019-106335
ReplyDelete
Replies
John Michael F. DemabildoNovember 9, 2021 at 8:33 AM
Internal control has been long to be considered as the backbone of a company’s management system. As defined by the Saha Rating (n.d.), an internal control is “the entire work of monitoring, assessing, and reporting that is carried out by the internal audit organization to determine whether a company’s activities are in compliance with the strategies, policies, and application directives introduced by its management.” With this description, it has multiple aims such as: enhancing the reliability of both of its internal and external report, sustaining the operation’s efficiency and effectiveness, and compliance with the legal and administrative regulations.

With how broad the concept of internal control is, it sure does have a variety of frameworks. Among the popular framework known is the COSO (Committee of Sponsoring Organization) internal framework, which was originally launched in 1992. Although it is not a mandatory standard, the COSO proposed a common framework of what is considered a good internal control and how it helps the organization. Half (2015) listed some of the benefits the COSO provides, they are: (1) the framework offers improved internal controls as it allows the management to better mitigate risks and acquire the necessary data to support sound decision-making; (2) assists firms in addressing and controlling the alarming amount of cyberattacks in line with the higher demand for advanced technology, and (3) enables major cost savings as it also allows to streamline procedures and processes to manage compliance expenses better.

With this matter in mind, it is safe to say that COSO internal framework is a significant driver of the performance of the entirety of the business as it is designed to safeguard firms from the potential loss or misappropriation of its assets and at the same time, it highlights the importance of managing risks to enable the organization in generating and preserving its value on an entity-level. Do also take note that it cannot actually eliminate all the existing irregularities and errors, however, despite of it, the mere fact that it can alert management beforehand means that the company can take actions in preventing the possible worse-case scenarios that may occur with the assistance of the COSO internal framework.

References:

Saha Rating (n.d.). Internal Control. Accessed November 3, 2021 from http://www.saharating.com/~saharati/en/about-us/internal-control/

Half, R. (2015). The Benefits of Adopting the COSO 2013 Framework—Even If You Aren't Required to. Accessed November 3, 2021 from https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to

Written by:
Demabildo, John Michael F., 2019-101694
ReplyDelete
Replies
UnknownNovember 9, 2021 at 9:23 AM
Every organization should have established internal control policies guiding its operations that keep its activities on track with its desired outputs. The Committee of Sponsoring Organization of the Treadway Commission defined internal control as a procedure developed by an entity’s board of directors, management, and other personnel designed to provide reasonable assurance regarding the attainment of objectives relating to operations and reporting. Internal control policies are necessary to an organization. Minimizing risks, safeguarding assets, ensuring the accuracy of records, promoting and increasing operational efficiency and effectiveness, and encouraging members of the organizations to abide by policies, rules, regulations, and laws are the primary functions of internal control. The management should acknowledge and adopt an internal control framework that would best suit its operations.

The Audit Board defines internal control framework as a structured guide that organizes and categorizes expected controls or control topics. COSO Framework, COCO Framework, COBIT Framework, GTAG Framework, ISO Framework, ITIL Framework, and CMMI Framework are the frameworks for naming a few. Each conceptual framework intends to apply to a specific management control need. Therefore, to have an internal control system that will help achieve management goals and objectives while maintaining good standing, management should evaluate keenly through its goals and objectives what specific internal control is in line with their desired outputs. Above all the internal control frameworks mentioned above is the COSO Framework, an internal control conceptual framework established by the Committee of Sponsoring Organization of the Treadway Commission. Many entities opt-in using this framework to run an effective and efficient financial statement control environment. It comprises the five components primarily: Control Environment, Risk Assessments, Control Activity, Information and Communication, and Monitoring Activity. The internal control framework designates the set of business objectives: Operations, Reporting, and Compliance. The principles are disparted into 87 focus points providing a detailed guide to managers when designing or mapping internal control used for audit risk assessments and the management.

COSO Framework aims to enhance and improve organizational performance and oversight and the quality of risk assessments, strengthening anti-fraud efforts, therefore, reducing the extent of risk of fraud which had been the leading dilemma in most organizations. Additionally, the use COSO Framework could provide multiple benefits to the stakeholders, the management, the board of directors, external parties such as the key suppliers, customers, and others. More importantly, adapting COSO Framework offers agility, confidence, and clarity. (McNally, 2012) The competency to adapt to increasing complexity, the confidence to mitigate risks to achieve objectives, and the clarity to provide reliable information to support sound decision-making.

REFERENCES:
Audit Board (2021, March 03). Auditing with COSO, COBIT, and ISO Control Framework. Retrieved 09 November 2021 04:30 pm from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Schandi, Annette and Foster, Philip (2019, January). COSO Internal Control-Integrated Framework: An Implementation Guide for the Healthcare Provider Industry. Retrieve 09 November 2021 06:07 pm from https://www.coso.org/documents/coso-crowe-coso-internal-control-integrated-framework.pdf

McNally, Stephen (2012, June 26). COSO Framework Holding Strong- Getting a Polish. Retrieved 09 November 2021 07:00 pm from https://www.accountingweb.com/practice/practice-excellence/coso-framework-holding-strong-getting-a-polish

PIOLIN, RICKA MAE B
2019-101805
ReplyDelete
Replies
AnonymousNovember 9, 2021 at 10:00 AM
Every business, especially today, has been vulnerable to internal risks which have a great impact on the organization’s operation as well as the objectives, some of these risks that are not given attention to lead to internal fraud. Internal fraud is a threat that every organization might face if the management does not perform well such as not acting in conformity with the company’s principles that is why there is a need for internal control to ensure the proper execution of the operation. Based on what I outsourced regarding the different internal control frameworks, I think the most effective is the one that COSO provided wherein if an organization utilizes this, they will achieve the highest effective internal control. The COSO framework suggests that the organization must be divided into various levels, presented through a form of a cube, for the purpose of achieving effective internal control. COSO’s goal is to improve the quality of financial reporting through a focus on corporate governance, ethical practices, and internal control (Murdock, 2017). To begin with, presented in a cube form are the three dimensions that will guide the organization into achieving effective internal control in which the first dimension represents the three functions where the COSO framework mentions certain actions that need to be taken under them. These functions aim to develop internal controls by studying thoroughly the organization’s operation, ensuring that the information system is timely and reliable through auditing the information source in reporting, and ensuring that internal controls complied with laws and regulations. The second dimension presents how internal controls are managed in which they are monitored at various levels in order to establish the internal controls effectively. Moreover, the third dimension represents the components of internal controls that work together as an integrated system that contains 17 principles associated with each of them. The malfunction of any one component would impact all the other components as well. With all things being considered, COSO’s aim is to provide a set of tools that can be used by every company to come up with effective internal control and also to assist them to make the implementation of risk management comparatively easier.

References:
Murdock, H.
(2017). Operational auditing: principles and techniques for a changing world. https://e-rtu.edu.ph/pluginfile.php/286094/mod_resource/content/1/Operational%20Auditing%20The%20Principles%20%20Techniques%20for%20a%20Changing%20World.pdf

Juneja, P.
The COSO framework for internal control. https://www.managementstudyguide.com/coso-framework-for-internal-control.htm

Chavez, Catherine H
2019-101209
ReplyDelete
Replies
Krystal Vien T. LadaoNovember 9, 2021 at 11:51 AM
Good internal controls are very important to every business. It helps the business ensure the efficiencies and effectiveness of its operations, the accomplishment of its goals and objectives, and the protection of its assets and employees. In establishing internal controls, every business needs framework as a guidance in developing a strong and effective internal control system. There are 7 internal control frameworks that can be guidance in designing, implementing and evaluating internal control system for a business. And out of the 7 frameworks, the most effective framework is the COSO (Committee of Sponsoring Organization) Framework.

In COSO Framework, internal control is an ongoing process, and it is not merely written policies and procedures, it depends on people’s actions. Internal control in this framework can be adapted not just to the needs of the whole organization but also to each department, unit or process. According to Snook (2019), COSO framework divides internal control objectives into three categories: the operations, the reporting and the compliance. The (1) Operations objectives focuses on the effectiveness and efficiencies of the business operations. (2) Reporting objectives relates to transparency, timeliness and reliability of the organization’s reporting practices. While (3) Compliance objectives are goals that based on adhering to laws and regulations that must be complied with.

Unlike any other framework, COSO is a broad framework. It can be applied to a wide array of industries and processes (Snook, 2019). COSO framework guide a business to design a fraud-deterring system of internal controls. These framework will provide reliable financial reporting for management decisions of a business. It ensures the business' compliance with applicable laws and regulations to avoid risk of public scandals. The COSO is a great framework to choose when designing or modifying a system of internal controls.

Reference:

Snook, A. (November 21, 2019). COSO Framework: What it is and How to Use it. Retrieved November 08, 2021 from
https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

— KRYSTAL VIEN T. LADAO (2019-106903)
ReplyDelete
Replies
Sean Lester NombradoNovember 9, 2021 at 12:02 PM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?
The internal control focuses on the effectiveness and efficiency of operations, reliability of financial reporting, and compliance with applicable laws and regulations. The best internal control framework that is the most effective for an organization and me is the control environment. According to Murdock (2016), The work environment is characterized by how the organizations are structured, leadership, openness, management's operational style, and having and implementing the principles of its ethical standards and statement of values as the control environment. It is a product of management's philosophy, kind and supportive attitude, and the competence, ethical values, integrity, and morale of its people. The organization structure and accountability relationships are significant factors in the control environment. Control environment encompasses different principles that will benefit the organizations. It demonstrates a commitment to integrity and ethical values, exercises oversight responsibility, establishes structure, authority, and responsibility, and enforces accountability. Organizations that develop an effective control environment can improve their efficiency in delivering value and achieving their strategic objectives.
A healthy culture and ethical environment advance employee morale, and it also helps to improve productivity and efficiency. In connection with customer experience, employee satisfaction, and retention, enterprises that set expectations and encourage doing innovative work and doing it well are doing this for the right reasons to beat their competitors. Failure to retain effective governance, ethics, and compliance programs can jeopardize an organization's reputation. Consequently, a poor "tone at the top" by the board of directors or executive management will likely hinder or damage the other components of internal control (Cpa,2020).

Refences:
Cpa, I. C. C. |. (2020, March 25). Effective Internal Control Environment & Risk Assessment. Linford & Company LLP. https://linfordco.com/blog/internal-control-environment/
Murdock, H. (2016). Operational Auditing: Principles and Techniques for a Changing World (Internal Audit and IT Audit) (1st ed.). Auerbach Publications.

- SEAN LESTER NOMBRADO (2019-106902)
ReplyDelete
Replies
Helen Grace GarciaNovember 9, 2021 at 2:25 PM

I believe the best and most effective internal control framework for an organization is the COSO framework. Why? It is because the COSO framework presents procedures and structure that are necessary to effectively identify, measure, evaluate, and analyze the risks, fraud, or error, and other factors that affect the entire business. The implementation of the COSO framework as an internal control would significantly help the organization in achieving its objectives in different categories, such as operations, reporting, and compliance. It would also help the organization secure its assets, ensure the accuracy and reliability of financial accounting information and financial reporting, improve operational efficiency and effectiveness, and encourage compliance with all applicable rules, regulations, and laws. (Chambers, A. & Rand, G. 2010).

Furthermore, the COSO's internal framework comprises of five components: control environment, risk assessment, control activities, information and communication, and monitoring activities, and it contains 17 principles that, if all applied, will result in an organization achieving effective control and providing reasonable assurance that supports the decision-making of the organization's board of directors, management, and other personnel regarding achieving the organization's objectives. The first component is the control environment, which refers to the workplace environment. In which the tone is established and communicated to employees and other personnel within the organization. It includes policies, procedures, disciplines, ethical practices and values, operating style, etc. The second component is risk assessment, which is concerned with identifying and measuring risks before analyzing and devising a strategy to mitigate and manage them. The third component is control activities, which are actions taken to reduce the likelihood and impact of risks. Controls can be either manual, automated, or a combination of the two. The fourth component is information and communication, which refers to communication process within an organization. Relevant information must be disseminated throughout the organization and communicated clearly, consistently, and timely to internal stakeholders in order for them to stay updated on their own responsibilities and understand how their activities relate to others, and it also must be communicated to external stakeholders. The fifth component is monitoring activities. This component is concerned with the continuous monitoring of the quality of the organization's internal controls. It is done through ongoing monitoring, separate evaluations, or a combination of the two. These five components of internal control must be in place and functioning properly to achieve effective internal control. (Murdock, H. 2017)

In conclusion, the COSO framework improves and enhances the organization's performance and risk management by providing benefits that assist the organization in developing strategies or adapting controls regarding various risks in order to achieve objectives and provide reliable information that helps in making sound business decisions.

References:
Chambers, A. & Rand, G. (2010). The Operational Auditing Handbook: Auditing Business and IT Processes. John Wiley & Sons, Ltd. ISBN 978-0-470-74476-5. pp 117
Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group. pp 102 - 138

- Garcia, Helen Grace M.
CBET01-503A
(2019-106976)
ReplyDelete
Replies
MARY ANN JINTALAN CEBUANONovember 9, 2021 at 4:00 PM
This comment has been removed by the author.
ReplyDelete
Replies
MARY ANN JINTALAN CEBUANONovember 9, 2021 at 4:02 PM
As I studied through the various components and structures of international control frameworks, the COBIT framework stood out to me. IT governance is the utmost importance in today's corporate environment (Horvath, 2021). We are presently in the midst of globalization, and everything is constantly evolving. We must adapt to change in order to achieve specific goals, particularly in business. There are several methods to run a firm, each have own set of procedures and principles that contribute to its success.

For me, COBIT framework is the best among all other framework, as COBIT help businesses in managing their data and information. This framework is more than IT operation, it also concerned with creating various procedures, policies, practices, and organizational structures. It assist businesses in assuring stakeholders that all business operations will meet their objectives while also preventing any unfavorable results through the management of IT and enterprise risks (Horvath, 2021). Also, Businesses are developing in which they embrace change through tecnology. It makes job a lot easier and convenient but exposes the business more on risk and any fraudelent acts. With the help of COBIT framework, those business risks can be lessen by making strategies and procedures in attaining business objectives.

As to businesses, COBIT can help especially the updated version of the framework which is the COBIT 2019. COBIT 2019 updates the framework for modern enterprises by addressing new trends, technologies and security needs.The COBIT Core Model, which covers 40 governance and management objectives for developing a governance program, now includes new ideas and language. When it comes to maturity and capability measures, the performance management system now gives you greater leeway. Overall, the framework is intended to provide enterprises with greater flexibility when developing an IT governance plan. The COBIT 2019 framework assists organizations in aligning current frameworks and understanding how each framework will fit into the broader plan. It may also assist firms in tracking the success of these various frameworks, particularly in terms of security compliance, information security, and risk management (White, 2019)

References:
Horvath, I. (2021, July 17). Understanding COBIT Framework: Structure, Components & Benefits. Invensis Learning Blog. Retrieved November 4, 2021, from https://www.invensislearning.com/blog/what-is-cobit-framework/?amp

White, S. K. (2019, January 16). What is COBIT? A framework for alignment and governance. CIO. Retrieved November 4, 2021, from https://www.google.com/amp/s/www.cio.com/article/3243684/what-is-cobit-a-framework-for-alignment-and-governance.amp.html

Cebuano, Mary Ann Jintalan (2019-106907)
ReplyDelete
Replies
Sophia Shield G. OclaritNovember 9, 2021 at 4:07 PM
Internal controls are the rules and processes that a company employs in its day-to-day operations. Determining the division of tasks across departments and workers, establishing which departments are permitted to execute specific operations, and implementing independent verification mechanisms are all part of administrative controls (Martin, 2017). According to Lafarge et al. (2007), risk-taking is an inevitable part of any business. There can be no development or growth in a corporation without taking any risks. Risks, on the other hand, if not effectively managed and controlled, can have a negative impact on a company's performance. Choosing the right internal control is essential to guide the company in achieving its objectives and goals.

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a popular internal control embraced by companies of all sizes to strengthen and improve organizational performance and control while lowering the risk of fraud (Dunkelberger, 2019). Personally, the best internal control for me is the COSO Framework. Countless businesses have failed over the last two decades because of poor risk management and internal controls, but adopting the updated framework provides enterprises with more effective internal controls, allowing them to effectively minimize risks and have the data they need to make smart decisions. According to COSO chairman and senior managing director for Protiviti (2020), the updated framework aids businesses in addressing and controlling the alarming number of cyberattacks.

Variety of internal control frameworks are available to companies of all sizes to embrace. Whether it is the COSO Framework or not, choosing the best internal control framework that will suit the company is essential in managing the risk effectively and efficiently.

References:

Martin, M. J. (2017, November 21). Differences between Administrative & Accounting. Small Business - Chron.com. Accessed November 9, 2020 https://smallbusiness.chron.com/differences-between-administrative-accounting-30634.html.

Lafarge, O. et al. (2007). Risk management and internal control system. Accessed November 9, 2021 https://www.amf-france.org/sites/default/files/contenu_simple/rapports_groupes_travail/Risk%20management%20and%20internal%20control%20system%20-%20Reference%20framework.pdf.

Dunkelberger, D. (2019, November 11). How can COSO framework improve your organization's internal controls. I.S. Partners. Accessed November 9, 2021 https://www.ispartnersllc.com/blog/how-coso-framework-improve-internal-controls/.

Half, R. (2020, July 1). The benefits of adopting the COSO 2013 framework - even if you aren't required to. The Benefits of Adopting the COSO 2013 Framework | Robert Half Management Resources. Accessed November 9, 2021 https://www.roberthalf.com/blog/management-tips/the-benefits-of-adopting-the-coso-2013-framework-even-if-you-arent-required-to.

OCLARIT, SOPHIA SHIELD G.
2019-105246
ReplyDelete
Replies
JAQUELINE V. LIGUTANNovember 9, 2021 at 4:29 PM
Before I present what is the best internal control framework, let me define first the meaning of internal control. According to Chambers and Rand, “Internal control” as an expression is distinctive from “external control”, the latter being control exercised over the business from outside by owners and other stakeholders. The exercised within the business by management and overseen by the board is an internal control and it also includes the control of activities that have been outsourced. Internal control refers to a company's organizational structure as well as the coordinated procedures and measures to protect assets, ensure the correctness and reliability of accounting data, improve operational efficiency, and encourage adherence to specified managerial rules.

As I have read on different sources, I found out that the best and most effective internal control framework is the Committee of Sponsoring Organizations of the Treadway Commission or simply known as the COSO Framework. Internal control, according to COSO, entails the following such as focuses on fulfilling operational, reporting, and compliance goals, a continuous procedure, dependent on people's actions, not just written policies and practices, and adaptable to the needs of the entire company as well as each department, function, or process. Its objectives are divided into three categories under the COSO framework and they are operations, reporting, and compliance. The COSO framework also teaches that an internal control system has five components and it includes control environment, risk assessment, control activities, information and communication, and monitoring.

To begin, the control environment is defined as the "collection of standards, processes, and structures that serve as the foundation for implementing internal controls throughout the business." Next, the ability to create objectives and judge their applicability for your firm, as well as the method for assessing risks versus risk tolerances, are all part of risk assessment. Then, control activities are the duties and activities that assist you achieve your internal control objectives as defined by organizational policies and procedures. The need of relevant and high-quality information for control functions is emphasized by COSO. These two things are recognized as fundamental to any internal control system by the information and communication component. Finally, keeping track or monitoring of your internal controls is just as critical as establishing them.

To summarize, this framework is the best among the other frameworks for the reason that it assists the organization in developing control methods that maximize value while avoiding risk. Its primary purpose is to improve, analyze, and evaluate areas for improvement while lowering the risk of fraud. It enables a company to react to a rapidly changing business environment, manage the risks to a reasonable level, establish adequate governance, and make sound decisions.

REFERENCES:
Chambers, A. & Rand, G. (2010). The Operational Auditing Handbook: Auditing Business and IT Processes. John Wiley and Sons, Ltd., Publication. pp 116 - 146
Grabillo, M. (2021, October 26). Operations Audit: Discussion Assignment Week 4. Glimpse of CPA’s Mind. Retrieved November 8, 2021. https://markgrabillo.blogspot.com/2021/10/operations-audit-discussion-assignment_11.html
Snook, A. (2019). COSO Framework: What it is and How to Use it. Retrieved November 8, 2021. https://www.i-sight.com/resources/coso-framework-what-it-is-and-how-to-use-it/

LIGUTAN, JAQUELINE V. (2019-104055)
ReplyDelete
Replies
UnknownNovember 9, 2021 at 4:29 PM
The COSO (Committee of Sponsoring Organization) defines Internal Control as a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to operations, reporting and compliance. Indeed, reliable internal control is necessary to attain corporate goals in which it enhances the accuracy of both internal and external reports, maintains the operation’s efficiency and effectiveness, and ensures compliance with legal and administrative regulations. As we progresses, the proliferation of vulnerabilities, risks, stakeholders, and activities in today’s business landscape has necessitated the implementation of an internal control framework. Internal control frameworks, as described by Murdock (2017), are structures that organize, categorize, and sometimes prioritize an organization’s internal controls, making it easier to manage diverging dynamics and evaluate results more systematically, resulting in a more efficient and effective internal control. Internal control processes are designed with the framework as a baseline, which is critical in the design, implementation, and evaluation of internal control. As a result, the company is better able to implement control procedures that develop and maintain value while also mitigating risks.
To further discuss, firms can develop a variety of control frameworks, which can be used for general or specific purposes. One of the most widely known is COSO (Committee of Sponsoring Organizations) internal framework. It was created and designed to provide thought leadership through the development of comprehensive frameworks and guidance on internal control, fraud prevention and business risk management. Additionally, the COSO Framework features five components that support the achievement of the goals and objectives of the company, these are Control Environment, Risk Assessments, Control Activity, Information and Communication, and Monitoring Activity. I regard this as the best and most effective internal control framework as it provides a significant effect in the performance of the business as it is designed to reduce the risk of asset loss, provide reliable financial reporting for management decisions and lastly, it safeguard the company’s reputation by ensuring compliance with applicable laws and regulations to avoid the risk of public scandals. By formally adopting the COSO framework for internal controls, the organization can convey to its regulators, employees, volunteers, investors, contributors, and others that it is dedicated to and focused on good governance and accountability. More importantly, the COSO internal control framework could help investors or contributors have confidence in other facets of the firm, such as sustainability reporting – which is critical to better inform investors and other stakeholders as to the value creation capacity and capability of the organization.
REFERENCES:
Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group.
Audit Board (2021, March 03). Auditing with COSO, COBIT, and ISO Control Framework. Retrieved 08 November 2021 05:46 pm from https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

SABANGAN, REMELYN T.
2019-101964
CBET 01-503A
ReplyDelete
Replies
Sangol, Learein J.November 9, 2021 at 4:49 PM
Internal control is a dynamic and integrated process and it is applicable to all entities, including large, mid-sized, and small businesses, as well as for-profit and non-profit organizations and government institutions. Business and operating environments have changed substantially in the twenty years since the original framework was created, becoming increasingly complex, technologically driven, and global. Simultaneously, stakeholders are becoming more involved, demand greater openness and accountability for the integrity of internal control systems that underpin business decisions and the organization’s governance. And for that reasons, I believe that COSO Framework is the most effective framework for the overall operations of the organization.

Without being excessively prescriptive, the COSO Framework assists management, boards of directors, external stakeholders, and others interacting with the entity in their various tasks related to internal control by providing insight into what defines an effective internal control system as well as a grasp of what constitutes a system of internal control.

Framework provides the management and board of directors a means to identify and analyze risks, to develop and manage appropriate responses to risks within acceptable levels and with a greater focus on anti-fraud measures, an opportunity to expand the application of internal control beyond financial reporting to other forms of reporting, operations, and compliance objectives and an opportunity to eliminate ineffective, redundant, or inefficient controls that provide minimal value in reducing risks to the achievement of the entity’s objectives. On the other hand, for external stakeholders, COSO provides them the great confidence that all objectives and internal control system implemented by the management will be achieved.

Ultimately, COSO Framework will help companies to create and manage internal control systems that will increase the likelihood of attaining the entity’s objectives and adapt to emerging changes in the business and operating environments in an effective and efficient manner.

Reference :

Internal Control – Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO).https://na.theiia.org/standardsguidance/topics/documents/executive_summary.pdf

SANGOL, LEAREIN J.
2019-106977

ReplyDelete
Replies
UnknownNovember 9, 2021 at 5:38 PM
Internal control frameworks are systems implemented for organizing, categorizing, and sometimes prioritizing an organization’s internal controls, which are systems executed to build business value and mitigate risk (Murdock, 2017). The best internal control framework is the COSO Internal Control Framework, which among the other types, encompasses the best and appropriate elements vital for achieving an entity’s objectives. It includes control environment, risk assessment, control activities, information and communication, and monitoring control. The control environment is the values of the organization which affect the overall conduct of its people. A risk assessment, which is one of the most vital elements in assuring the attainment of the objective, will allow the organization to mitigate the risk involved or circulating the entity. Control activities set the overall conduct of the organization through the implementation of policies and procedures, which assure the proper and effective operation of the entity. Information and communication ensure the circulation of information throughout the organization that is vital in performing the control activities. Monitoring activities are the evaluation of the entire process that allows for the recognition of loopholes in their operation, which will enable them to make the necessary adjustment or corrective action. Hence, there is no doubt why COSO Internal Control Framework is the most commonly used internal control framework, as it is more compatible with the primary objective of organizations, which is to succeed in attaining their goal.

Reference
Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World.

Dizon, Jake C. (2019-106975)
ReplyDelete
Replies
John Patrick Abraham A. BentulanNovember 9, 2021 at 5:43 PM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

Upon my research on the following internal control frameworks, Criteria of Control (CoCo) framework is, for me, the best one yet. Personally, CoCo is very textbook; hence, it is easy to understand and apply. In an information paper released by the International Federation of Accountants (IFAC) in August 2006, CoCo defines control as comprising “those elements of an organization that, taken together, support people in the achievement of the organization’s objectives. I highly liked the concept of CoCo as it put the emphasis on its employees or manpower first rather than anything else. In this way, the organization has strong foundations through the prioritization of its employees.

CoCo outlines 20 control criteria which can be used by the management to supervise the performance and the decision-making of such (Study.com, n.d.). In addition to this, it gives a lot of breathing room of what may be done by the management for it to boost its operations through the framework. The principles of the CoCo framework are organized as follows: purpose, commitment, capability, action, and monitoring. Since the principles are self-explanatory, the management would not have a hard time applying this framework to their very own organization. Lastly, I would give an emphasis on the monitoring principle of the framework. As stated by Jacobson (2021, monitoring includes the internal and external environments, performance, challenging assumptions, and the like. Hence, in this framework, monitoring the performance after the execution of the plans is vital as this would verify if the plans in the beginning are appropriate for the goals of the company.

REFERENCES:

International Federation of Accountants. (August 2006). Internal Controls – A review of Current Developments. Retrieved on November 9, 2021 from https://www.ifac.org/system/files/publications/files/internal-controls-a-revie.pdf

Jaconson, A. (February 15, 2021). Control Framework CoCo. Retrieved on November 10, 2021 from https://www.ajjacobson.us/internal-control/control-framework-coco.html

Study.com. (n.d.). CoCo Internal control framework: definition & key concepts. Retrieved on November 10, 2021 from https://study.com/academy/lesson/coco-internal-control-framework-definition-key-concepts.html

BENTULAN, JOHN PATRICK ABRAHAM A. (2019-106909)
CBET-01-502A
ReplyDelete
Replies
Darlene PalacioNovember 9, 2021 at 6:10 PM
For me, among the internal control frameworks that are present in the discussion, COSO Framework is the most functional and effective. According to COSO.org, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) was created and designed to provide thought leadership through the development of comprehensive frameworks and guidance on internal control, fraud prevention and enterprise risk management. Its goal is to enhance and improve organizational performance and oversight, as well as reducing the extent of the risk of fraud. The COSO framework divides internal control objectives into three categories: operations, reporting and compliance.

a) Operations objectives, such as performance goals and securing the organization’s assets against fraud, focus on the effectiveness and efficiency of your business operations.
b) Reporting objectives, including both internal and external financial reporting as well as non-financial reporting, relate to transparency, timeliness and reliability of the organization’s reporting habits.
c) Compliance objectives are internal control goals based around adhering to laws and regulations that the organization must comply with.

The five COSO components of internal control represent the five objectives of an acceptable internal control system: control environment, risk assessment, control activities, information and communication, and monitoring activities. Garcia (2020), further elaborated that although the COSO internal control framework isn’t a legal requirement, it is considered best practice and therefore adopted by the majority of companies in the United States (Garcia, 2020).

By formally adopting the COSO framework for internal controls, the organization conveys to regulators, employees, volunteers, investors, donors and others that it is committed and focused on good governance and accountability. Furthermore, the COSO internal control system may assist in assuring investors or contributors about other parts of your firm, such as sustainability reporting. (BakerTilly, 2019). A well operating internal control process provides users with reasonable certainty that a company's financial statements are accurate and that they can be relied on to make sound decisions.

References

BakerTilly. (2019, October 22). The COSO internal control framework and your company's internal control processes. Retrieved from bakertilly.com: https://www.bakertilly.com/insights/the-coso-internal-control-framework-and-your-companys

Committee of Sponsoring Organizations of the Treadway Commission. (2021). Welcome to COSO. Retrieved from Coso.org: https://www.coso.org/Pages/default.aspx

Garcia, T. (2020, July 2). What is an Internal Control Framework? Retrieved from reciprocity.com: https://reciprocity.com/resources/what-is-an-internal-control-framework/

-PALACIO, Darlene L. (2019-103509)
CBET 01-503A
ReplyDelete
Replies
AnonymousNovember 9, 2021 at 6:49 PM
As per my perspective, the best internal control framework is the COSO Internal Control Framework because it is clearly aims to aid the organization to achieve essential goals and improving performance. Also, the COSO Framework assists those firms in developing internal control systems that adapt to changing business and operating environments, reduce risks to acceptable levels, and promote good decision making and governance. In addition, the framework designed by the Committee of Sponsoring Organizations (COSO) for reviewing internal controls has become the commonly accepted framework for internal control, and it is widely accepted as the benchmark by which organizations evaluate the effectiveness of their internal control systems. Internal control, according to the COSO model, is "a practice carried out by an entity's board of directors, management, and other personnel to offer reasonable assurance of the achievement of objectives." The COSO Framework consists of 5 components that aims to achieve the organization’s mission on an effective internal control and those components are Control environment, Risk assessment, Control activities, Information, and communication, and monitoring wherein, all of those may contribute to systematically recognizing, analyzing, and managing important risks across all organizational operations. In conclusion, those mentioned above is the reason why I choose COSO as the most effective internal control framework.

References:
Auditboard. (2021). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/
Internal Control - Integrated Framework. (2013). Committee of Sponsoring Organizations of the Treadway Commission (COSO). https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

RETONE, RENCE LOUIESE E. (2019-105248)

ReplyDelete
Replies
Charlotte GestaNovember 9, 2021 at 7:11 PM
According to COSO (2013), Internal control is a process effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding achieving objectives relating to operations, reporting, and compliance. Organizations use internal control frameworks to achieve essential goals and sustain and improve performance. There are numerous internal control frameworks that organizations may use, such as COSO Framework, COCO Framework, COBIT Framework, GTAG Framework, ISO Framework, ITIL Framework, and CMMI Framework. Among these available internal control frameworks, I consider the COSO Framework the best and most effective internal control framework.

The COSO framework is widely acknowledged as a leading framework for planning, implementing, and performing internal control and measuring internal control efficacy. It enables organizations to effectively and efficiently develop systems of internal control that adapt to changing business and operating environments, mitigate risks to acceptable levels, and support sound decision-making and governance of the organization (COSO, 2013). Furthermore, COSO has five components broken into 17 principles. The five components of the COSO Framework are control environment, risk assessment, control activities, information and communication, and monitoring activities. These components and principles give the managers thorough direction when establishing or mapping internal controls for audit risk assessments and management. Furthermore, the five components operate together in an integrated manner and collectively reduce, to an acceptable level, the risk of not achieving an objective. The Framework sets forth the requirements for an effective system of internal control (COSO, 2013).

Different organizations have used COSO Framework since its creation in 1992; thus, its effectiveness has been proven throughout the years. Through the five components and its principles, the COSO Framework can achieve internal control that helps the entities achieve its objectives, assess and mitigate risks, enhance operation, and improve the overall efficiency of the organization’s performance.
References:
Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2013). Internal Control - Integrated Framework. Retrieved November 8, 2021 https://na.theiia.org/standards-guidance/topics/documents/executive_summary.pdf

Audit Board. (2021, March 3). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

GESTA, CHARLOTTE G. (2019-100594)
ReplyDelete
Replies
AnonymousNovember 9, 2021 at 7:30 PM
WHAT IS THE BEST INTERNAL CONTROL (IC) FRAMEWORK, AND WHY IS IT THE MOST EFFECTIVE FOR YOU AND TO AN ORGANIZATION?

Internal controls are the activities and procedures that an organization implements to maintain its integrity, minimize business risks, and play a vital role in corporate governance. It will be easier for an organization to manage its different procedures and measures in internal control by utilizing a specific framework. According to Auditboard (2021), an internal control framework is a structured model that classifies and categorizes presumed controls or control issues.

Murdock (2017) stated that there are several control frameworks that are usually voluntarily implemented to improve performance. One of the most known internal control frameworks in the business world is the COSO's Internal Control-Integrated Framework (ICIF). Also, there is a subset of internal controls related to information technology. IT control frameworks include Control Objectives for Information and Related Technology (COBIT), The International Organization for Standardization (ISO) 17799, and The Information Technology Infrastructure Library (ITIL). And, when it comes to project management, assessment, and performance improvement, Capability Maturity Model Integration is widely used (p. 101).

Out of all internal control frameworks, in my view, COSO is the most reliable and effective for an organization. The overall goal of the COSO framework is to enhance organizational performance and monitoring and reduce the risk of fraud. It can help a business improve the quality of every policy, process, and report through its internal control activities (risk assessment, information communication, monitoring, etc.). In addition, by using this, a business will have larger cost-saving because it allows the organization to design processes, establish more effective internal controls, and manage compliance costs.

Auditboard. (2021, March 03). Auditing with COSO, COBIT, and ISO Control Frameworks. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/

Murdock, H. (2017). Operational Auditing:
Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group

FRANDIAN A. BLANCO, 2019-103951
ReplyDelete
Replies
Fritz Reizen LopezNovember 9, 2021 at 8:25 PM
The best internal control framework and the most effective for me and to an organization is the Committee of Sponsoring Organization (COSO) Framework. Every businesses have a risks that need to be taken care of by internal management to ensures that business will run smoothly. Assessing ang controlling will narrow down the risks that will be taken with only an acceptable tolerance.

According to Garcia (2019), the COSO (Committee of Sponsoring Organization) Framework is a framework for designing, implementing and evaluating internal control for organizations, providing enterprise risk management. The goal was to create a framework for providing guidance on internal control, allowing organizations to establish controls. Included also here the five core principal of this framework so that it could identify and handle these incoming risks, this would be: risk assessment, control activities, information and communication, control environment, and monitoring activities.

Internal control is considered as a shield of a business to any danger. In which, it led to continuity of a business and helps providing an accurate financial information in effect. I see Committee of Sponsoring Organization (COSO) Framework in a way that it is different and better than the other framework because this framework values the link of an objective, risks, and control in an organization. This is the reason why it is the most widely known for. Lastly, it not all about the internal control, but also it focuses on the corporate responsibility and ethical governance. Making sure that business is not just a business, but it has purpose to people surrounds it, internally or externally.

Garcia, T. (2019). Please Wait. . . | Cloudflare. What Is COSO. Retrieved November 10, 2021, from https://reciprocity.com/resources/what-is-the-coso-framework/

LOPEZ, FRITZ REIZEN V.
2019-103689
ReplyDelete
Replies
Jan Lorraine RogelioNovember 9, 2021 at 8:27 PM
This comment has been removed by the author.
ReplyDelete
Replies
Jan Lorraine RogelioNovember 9, 2021 at 8:31 PM
“Internal control” is the control exercised within the business by management and overseen by the board. It also includes the control of activities that have been outsourced (Chambers and Rand, 2010). Internal controls are procedures that assist a company stay secure and achieve its goals. They help to reduce risks and safeguard assets, as well as maintain record accuracy, increase operational efficiency, and promote compliance with company policies, rules, regulations, and laws (Audit Board, 2018). A successful internal control consists two things, control and compliance. Control being a part of the process in achieving company’s objectives and compliance as the execution of those processes. Internal controls help the organization achieve its objectives through effective and efficient operations that are in compliance with the regulations. Meanwhile, internal control framework is a structured guide that organizes and categorizes expected controls or control topics (Audit Board, 2021). Organizations are required to implement internal controls under Section 404 of the SOX legislation to ensure accurate financial reporting. SOX controls, also known as SOX 404 controls, are regulations that help a company's financial reporting process prevent and detect errors. Internal controls are used to avoid or detect problems in organizational processes, ensuring that the organization meets its objectives (Sorenson, 2021).

There are three internal control frameworks that fits the SOX requirements namely, COSO, CoCo, and Turnbull. The most effective one to use is the COSO Framework because not just it is the widely used framework but also because COSO is a committee composed of the different representatives of organizations that establish guidelines that helps organizations in risk assessment, fraud prevention, and internal control. It is the most frequently use internal control framework to run an efficient and effective financial statement control environment. Through the five components of the COSO, the control environment, risk assessment, control activities, information and communication, and monitoring, users can have "reasonable assurance" that a company's financial statements are accurate and that they can depend on them to make informed decisions.

References:
AuditBoard. (2021, March 3). Auditing with COBIT, COSO, and ISO control frameworks. Audit, Compliance, & Risk Management Software | AuditBoard. https://www.auditboard.com/blog/auditing-control-frameworks-COBIT-COSO-ISO/#:~:text=An%20internal%20control%20framework%20is,expected%20controls%20or%20control%20topics.&text=When%20an%20organization%20uses%20a,the%20framework%20as%20a%20baseline
AuditBoard. (n.d.). 7 reasons to maintain your internal controls compliance program. GRC Software: Audit, Compliance & Risk Software | AuditBoard. https://www.auditboard.com/blog/7-reasons-to-maintain-your-internal-controls-compliance-program/
Sorenson, N. (2021, June 28). Internal controls for SOX compliance: A practical guide. Pathlock. https://pathlock.com/learn/internal-controls-for-sox-compliance-a-practical-guide/

Rogelio, Jan Lorraine M.
2019-105301
ReplyDelete
Replies
UnknownNovember 9, 2021 at 8:37 PM
Committee of Sponsoring Organizations of the Treadway Commission, a private sector, issued the Internal Control—Integrated Framework in 1992, revised and reissued in 2013, and was finally effective from December 2014 whose goal was to improve the quality of financial reporting through focusing on corporate governance, ethical practices, and internal control (Murdock, 2017). This internal control framework is composed of five components such as Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring activities; and emphasizes the importance of management judgment in designing, implementing, and conducting internal control, and in assessing the effectiveness of a system of internal control.

This is the best framework as it has broad scope including financial, non-financial, internal reporting, and an executive summary that provides overview intended for the board of directors, chief executive officer, and other senior management. Every employee, regardless of position, should be familar with this as it helps them understand all the benefits of tightening their internal controls.

The tool doesn't work if the the workers, managers, and executives won't use it. By proper execution of this framework, lot of risks can be prevented such as unethical values, management's incompetency, fraudulent acts, distorted policies and regulations, irrelevant information in financial reports, and communication deficiencies in an organization.

References:

Murdock, H. (2017). Operational Auditing: Principles and Techniques for a Changing World. CRC Press Taylor & Francis Group. pp 101-102.

-BATALLER, ERICA ANN R. (2019-103327)
ReplyDelete
Replies

Add comment

GLIMPSE OF A CPA'S MIND

Search This Blog