COSO Internal Control

Integrated Framework Principles

2013, Committee of Sponsoring Organizations of the

Treadway Commission (COSO). Used by permission.

Control Environment Monitoring

Activities
1 The organization
demonstrates a
16 The organization
commitment to selects, develops,
integrity and ethical and performs
values. ongoing and/or
Risk Assessment Information & separate evaluations
2 The board of directors Communication to ascertain whether
demonstrates 6 The organization the components
independence from species objectives of internal control
13 The organization
management and with sufcient clarity Control Activities obtains or generates are present
exercises oversight of to enable the and uses relevant, and functioning.
the development and identication and 10 The organization quality information
performance of internal assessment of risks selects and develops
relating to objectives.
to support the 17 The organization
control. control activities that functioning of internal evaluates and
contribute to the control. communicates
3 Management 7 The organization mitigation of risks to internal control
establishes, with board identies risks to the the achievement of deciencies
oversight, structures, achievement of its objectives to
14 The organization
internally communicates in a timely manner
reporting lines, and objectives across the acceptable levels. information, including to those parties
appropriate authorities entity and analyzes objectives and responsible for
and responsibilities risks as a basis for
11 The organization responsibilities for taking corrective
in the pursuit of determining how selects and develops internal control, action, including
objectives. the risks should be general control necessary to support senior management
managed. activities over the functioning of and the board
4 The organization technology internal control. of directors, as
demonstrates a 8 The organization to support the appropriate.
commitment to attract, considers the potential achievement of
develop, and retain for fraud in assessing objectives.
15 The organization
communicates with
competent individuals risks to the external parties
in alignment with achievement of 12 The organization regarding matters
objectives. objectives. deploys control affecting the
activities through functioning of
5 The organization holds 9 The organization policies that establish internal control.
individuals identies and assesses what is expected
accountable for their changes that could and procedures
internal control signicantly affect that put policies For more information
responsibilities in the the system of into action. COSO

about COSO,
pursuit of objectives. internal control.
visit coso.org.