COSO’s goal is to provide thought leadership dealing with three interrelated subjects: Enterprise Risk Management (ERM), Internal Control, and Fraud Deterrence.

​

Regarding ERM, in 2004, COSO issued Enterprise Risk Management — Integrated Framework. This framework was updated with the release in 2017 of “Enterprise Risk Management–Integrating with Strategy and Performance,” which highlights the importance of considering risk in both the strategy-setting process and in driving performance. COSO has also published several thought papers beginning in 2009 relating to ERM.

​

Regarding Internal Control, in 1992, COSO published Internal Control — Integrated Framework. This framework was revised and reissued in May 2013. Effective December 15, 2014, the 1992 framework is superseded and no longer available. In 1996, COSO issued Internal Control Issues in Derivatives Usage. In 2006, COSO published Internal Control over Financial Reporting — Guidance for Smaller Public Companies, followed by Guidance on Monitoring Internal Control Systems, published in 2009. Effective December 15, 2014, the 2006 smaller public company guidance is also superseded and no longer available.

​

Finally, in the area of Fraud Deterrence, COSO has published two research studies. The first study released in 1999 was titled Fraudulent Financial Reporting: 1987-1997. A continuation study called Fraudulent Financial Reporting: 1998-2007 was released in 2010.