Welcome to COSO

December 17, 2019

New COSO Guidance Addresses How Companies Can Use ERM Framework to Assess Cyber Risks

Even as companies become more digital savvy, they continue to confront new and emerging data risks that pressure financial and reputational vulnerabilities. To help address these challenges, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Deloitte Risk & Financial Advisory, is releasing new guidance, “Managing Cyber Risk in a Digital Age.” 

Written to boards of directors, audit committee members, executive management, and cyber practitioners, the new guidance addresses how companies can apply COSO’s Enterprise Risk Management–Integrating with Strategy and Performance (ERM Framework), one of the most widely recognized and applied risk management frameworks in the world, to protect against cyberattacks. The guidance provides insight into how organizations can leverage the five components and 20 principles of the ERM Framework to identify and manage cyber risks. 

News Release

Managing Cyber Risk in a Digital Age

October 30, 2019

Collaborative Work on ERM-ESG Alignment Earns UN ISAR Honors Promoting Sustainability

The United Nations Conference on Trade and Development (UNCTAD) honored the Committee of the Sponsoring Organizations of the Treadway Commission (COSO), of which The Institute of Internal Auditors (IIA) is a sponsoring organization, the World Business Council for Sustainable Development (WBCSD), and EY for their collaborative work on integrating environmental, social and governance (ESG) aspects into companies’ mainstream enterprise risk management practices. The recognition is for development of the Applying Enterprise Risk Management to Environmental, Social and Governance-related Risks guidance and ESG-risk workshops. The guidance was a collaboration between COSO and WBCSD with support from EY through funding from the Gordon and Betty Moore Foundation.

News Release

February 20, 2019

COSO Issues Guidance for Healthcare Providers

Amid heightened scrutiny and ever-increasing complexities in operations and regulation, healthcare organizations face unique challenges related to the design and operation of internal controls. In response, the Committee of Sponsoring Organizations of the Treadway Commission (COSO), in collaboration with Crowe LLP and CommonSpirit Health, has published new guidance: “2013 COSO Integrated Framework: An Implementation Guide for the Healthcare Provider Industry.” Healthcare organizations experience issues with system access and integrity, clinical documentation, coding, and billing, all of which may result in potential noncompliance with federal and state regulations – and costly mistakes. The guide introduces healthcare organizations to COSO’s widely used “Internal Control – Integrated Framework,” and provides a roadmap to implementation to help strengthen their overall governance and internal control structures. The Framework is recognized as the leading guidance for designing, implementing, and conducting internal control and assessing its effectiveness.

News Release

Implementation Guide for the Healthcare Provider Industry (2019)

October 23, 2​018

COSO Announces Guidance Addressing Environmental, Social and Governance-related Risks

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD) released today the final version of “Guidance for Applying Enterprise Risk Management (ERM) to Environmental, Social and Governance (ESG)-related Risks.” This guidance, which aligns with COSO’s widely accepted Enterprise Risk Management — Integrating with Strategy and Performance, is intended to bring ESG risks and opportunities into a clearer focus for mainstream business and other organizations around the world. It is designed to enhance organizations’ resiliency as they confront the increasing prevalence and severity of ESG-related risks, ranging from extreme weather events to product safety recalls.

News Release​​​

Executive Sum​mary

Guida​nce

June 11, 2​018

COSO Releases ERM Compendium of Examples

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) today announced the release of an important supplement to Enterprise Risk Management – Integrating with Strategy and Performance, with detailed examples for applying principles from the updated ERM Framework to day-to-day practices.

Authored by PwC under the direction of the COSO Board, the new Compendium of Examples recognizes the connection between concepts and applications of ERM. Each illustration in the compendium was developed from industry practices identified through extensive research, including interviews and case studies.

News Release​​

COSO Enterprise Risk Management - Integrating with Strategy and Performance: Compendium of Examples​​

​May 24, 2018

COSO Sponsors Launch ERM Certificate Program

COSO announces the COSO Enterprise Risk Management Certificate. The program offers strategy, finance, accounting, auditing, risk management and other business professionals the opportunity to earn a certificate in the COSO ERM Framework.

The COSO ERM Certificate is geared toward professionals who play a risk management role in entities of any size, consultants who provide advisory services related to enterprise risk management, and board members who provide oversight of enterprise risk management.

The course is offered only through COSO’s five sponsoring organizations: American Accounting Association (AAA), American Institute of Certified Public Accountants (AICPA), Financial Executives International (FEI), IMA (Institute of Management Accountants), and The Institute of Internal Auditors (IIA).

News Release​​
COSO Enterprise Risk ​Management Certificate Program​​

​​​Feb. 7, 2018

COSO, WBCSD Release New Draft Guidance on Environmental, Social and Governance-related Risks

COSO and the World Business Council for Sustainable Development (WBCSD) released at GreenBiz 2018 a draft Guidance for applying Enterprise Risk Management (ERM) to Environmental, Social and Governance (ESG)-related risks. The supplemental draft Guidance is designed to help organizations worldwide respond to the increasing prevalence and severity of ESG-related risks, ranging from extreme weather events to product safety recalls. COSO and WBCSD are seeking public comment on the draft Gu​idance and the previously released Executive Summary through June 30, 2018. Comment letters may be provided to risk@wbcsd.org​. A consultation survey also will be available soon through the COSO website.

News Release​
Preliminary Draft Guidance
Preliminary​ Draft Guidance (printable)
Draft Executive Summary
Draft Executive Summary (printable)​

​

Feb. 1, 2018

COSO Appoints Leading Audit and Risk Management Executive Paul Sobel as Chairman

COSO has named Paul Sobel, Vice President and Chief Audit Executive at Georgia-Pacific LLC, as its new Chairman. His appointment to a three-year term is effective Feb. 1. Sobel, CIA, QIAL, CRMA, is recognized as a leading expert on governance, enterprise risk management, compliance, and internal control. He was selected as Chairman because of his extensive background along with his experience in corporate environments and professional service firms. Sobel succeeds Robert B. Hirth Jr., who served as COSO chairman since 2013.

News Release
Bio​​

Jan. 23, 2018

COSO, WBCSD Release Draft on Environmental, Social and Governance-related Risks

COSO partners with the World Business Council for Sustainable Development (WBCSD) in releasing a draft executive summary about new, cutting-edge guidance, "Applying Enterprise Risk Management to Environmental, Social and Governance-related Risks." The guidance will help organizations worldwide respond to the increasing prevalence and severity of ESG-related risks, ranging from extreme weather events to product safety recalls. Details of a public comment period on the draft executive summary and on a draft of the full application guidance will be available in the coming weeks.

News Rel​ease
Executive Summary
Executive Summary (printable)​

​

Sept. 20, 2017

COSO Seeks New Board Chair​

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is seeking applications for the position of Board Chair. The Chair is responsible for leading COSO in fulfilling its mission of providing thought leadership dealing with enterprise risk management, internal control and fraud deterrence. Candidates may submit​ a letter of interest along with a current resume of qualifications by the position application close date of Oct. 27, 2017.

News Release​​

Sept. 6, 2017

COSO Issues I​mportant Update to ERM Framework

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released its highly anticipated ERM Framework: Enterprise Risk Management —​ Integrating with Strategy and Performance. This new document builds on its predecessor, Enterprise Risk Management — Integrated Framework, one of the most widely recognized and applied risk management frameworks in the world. The updated edition is designed to help organizations create, preserve, and realize value while improving their approach to managing risk.

News Release​​

April 7, 2017

COSO and WBCSD Sign Memorandum of Understanding

Recognizing the benefits of mutual cooperation to their respective members and for business in general, The Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the World Business Council for Sustainable Development (WBCSD) recently completed a Memorandum of Understanding (MoU) aimed at working together to help businesses identify and prioritize issues related to sustainability and enterprise risk management.​​

News Relea​se​

COSO Internal Control Certificate Program Expands to On-Demand Access

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) announces launch of a self-study, on-demand learning program toward earning the COSO Internal Control Certificate. The program is being offered by The Institute of Internal Auditors (IIA) and the American Institute of CPAs (AICPA). The Institute of Management Accountants (IMA) plans to offer the course in January. The on-demand learning program is geared to internal auditors, accountants, and other financial professionals, allowing candidates to demonstrate expertise in designing, implementing, and monitoring a system of internal control using COSO’s updated 2013 Internal Control — Integrated Framework.​​

News Relea​se​

​​September​ 29, 2016

​COSO Releases Fraud Risk Management Guide

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) announces the release of the Fraud Risk Management Guide, a new research report that offers a blueprint for helping organizations to establish an overall fraud risk-management program. The Association of Certified Fraud Examiners (ACFE) is a co-sponsor of the project.

News ​Release
Executive Summary

Purchase t​he Guide​

June 14, ​2016

ERM Framework ​​Update Exposure Period Now Open

​The Committee of Spon​​soring Organizations of the Treadway Commission (COSO) has unveiled an update to its Enterprise Risk Management — Integrated Framework and is seeking public comment of the proposal, from June 15 through Sept. 30. The update, Enterprise Risk Management — Aligning Risk wi​th Strategy and Performance, is designed to address the needs of all organizations to improve their approach to managing new and existing risks as a way to help create, preserve, sustain, and realize value.

News R​elease​

December 16, 2​​015

COSO Sponsors Offer New COSO Internal Control Certificate

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) today announced an Internal Control Certificate Program that offers financial professionals, including internal auditors and CPAs, the opportunity to earn a professional certificate in the 2013 COSO Internal Control — Integrated Framework.

The program is a combination of self-paced learning and a hands-on workshop, followed by an online examination. Upon successful completion of all three components, candidates will receive an official COSO certificate that demonstrates their ability to design and implement an effective system of internal control utilizing the COSO Internal Control — Integrated Framework.

News Release
Course Lo​cations and Dates

February 9, 2015

COSO Names Advisory Group for Enterprise Risk Management —​ Integrated Framework Update

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) announced the appointed group of advisors and observers for the project to review and update the 2004 Enterprise Risk Management — Integrated Framework (Framework). The group is made up of representatives from leading professional service, technological, legal, academic and public organizations.

News Release
Advisory Board Members

January 6, 2015

COSO Expands Global Reach

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) today announced its 2013 Internal Control — Integrated Framework has been translated into Russian. The Framework is now available in eight languages.

News Release

October 21, 2014

COSO Announces Project to Update Enterprise Risk Management —​ Integrated Framework

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) today announced a project to review and update the 2004 Enterprise Risk Management — Integrated Framework (Framework). The Framework, originally published in 2004, is a widely accepted framework used by management to enhance an organization’s ability to manage uncertainty and to consider how much risk to accept as it strives to increase stakeholder value.

Lea​rn More

June 25, 2013

Managing Sustainability Risks the Focus of COSO’s Latest Thought Leadership

In response to today’s highly competitive markets and the growing number of organizations integrating sustainability into their business operations, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and Ernst & Young LLP (EY) have published a new thought paper titled Demystifying Sustainability Risk: Integrating the Triple Bottom Line into an Enterprise Risk Management Program. The thought paper leverages COSO’s Enterprise Risk Management — Integrated Framework to offer insight on how organizations can develop interrelated strategies and objectives across the enterprise that create a strong context for risk consideration, and references.

News Release
Thought Paper

June 3, 2013

Leading Risk Management and Internal Control Professional Robert Hirth Named New Chairman of COSO

COSO has named Robert B. Hirth Jr. as its new Chairman for a three-year term effective today. A prolific thought leader, renowned risk management and internal control professional, Hirth was selected for this position after a four-month extensive search. Hirth succeeds David L. Landsittel, CPA, who has served as COSO chairman since 2009.

News ​Release
Bob Hirth Bio

User Disclaimer

​This website contains general information only, and none of COSO, any of its constituent organizations or any of the authors of the contents provided herein is rendering accounting, business, financial, investment, legal, tax or other professional advice or services in connection with such content. Information contained herein is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Views, opinions or interpretations expressed herein may differ from those of relevant regulators, self-regulatory organizations or other authorities and may reflect laws, regulations or practices that are subject to change over time.

Evaluation of the information contained herein is the sole responsibility of the user. Before making any decision or taking any action that may affect your business with respect to materials provided on this website, you should consult with relevant qualified professional advisors. COSO, its constituent organizations and the authors expressly disclaim any liability for any error, omission or inaccuracy contained herein, any content linked to this website or any loss sustained by any person who relies on materials provided in or linked to this website.