Search Results

Guidance Fraud Deterrence The Fraud Risk Management Guide, originally published in 2016, was intended to be supportive of and consistent with the COSO 2013 IC Framework and to serve as guidance for organizations to follow in addressing this specific fraud risk assessment principle. The Guide’s executive summary provides a high-level overview intended for the board of directors, senior management, and chief audit executives. It is designed to explain the benefits of establishing strong anti-fraud policies and controls. On the 2nd of May, 2023, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the Association of Certified Fraud Examiners (ACFE) announced the release of the Fraud Risk Management Guide: Second Edition, a new publication that offers a blueprint for helping organizations establish an overall Fraud Risk Management Program. Executive Summary 2016 The Fraud Risk Management Guide: 2nd Edition It offers a blueprint for helping organizations establish an overall Fraud Risk Management Program. An update to the original version released in 2016, the 2nd Edition addresses more recent anti-fraud developments, revises terminology, and adds important information related to technology developments - specifically data analytics. It is intended to give organizations of all sizes across all industries the information necessary to design a plan specific to the risks for that entity. There is no “one size fits all approach” to managing fraud risk. But with the right approach, an organization can create a custom-fitted program tailored to its specific needs. Press Release Executive Summary 2023 This publication may be purchased from the following organizations: Purchase Purchase Purchase Leading practices for anti-fraud professionals and organizations intent on deterring fraud NEW YORK, May 2, 2023 – The Committee of Sponsoring Organizations of the Treadway Commission (COSO) and the Association of Certified Fraud Examiners (ACFE) announced today the release of the Fraud Risk Management Guide: Second Edition, a new publication that offers a blueprint for helping organizations establish an overall Fraud Risk Management Program. The Guide updates the first edition of the Fraud Risk Management Guide published in 2016. It also draws from a 2008 publication published and sponsored by the American Institute of CPAs (AICPA), Institute of Internal Auditors (IIA), and the ACFE. Updates reflect recent anti-fraud developments, revise terminology, and add important information related to technology developments - specifically data analytics. Since its inception, COSO has provided landmark thought leadership on internal control, enterprise risk management, and fraud deterrence. This Guide will be familiar to COSO Framework users - - it contains principles and points of focus, aligned with the internal control framework and principles outlined in COSO’s 2013 Internal Control – Integrated Framework (2013 ICIF). “The 2016 Fraud Risk Management Guide became recognized as containing a widely accepted set of leading practices for anti-fraud professionals and organizations intent on deterring fraud,” said Paul Sobel, past COSO Chair who oversaw this project. “Fraud is not static. Accordingly, COSO and the ACFE initiated an update process that included reaching out to a broad range of users for recommendations on where the Guide can be improved, and assembled a team to take a refreshed look at the Guide and assess how and where it should be updated.” Media Contacts Cecile Fradkin S&C Public Relations Inc. (646) 941-9139 Email Christopher Almonte The Institute of Internal Auditors (407) 937-1349 Email Stefanie Hallgren The Association of Certified Fraud Examiners (512) 276-8167 Email Key updates in the Second Edition includes: Fraud risk management and deterrence - Explains how fraud risk management relates to and supports fraud deterrence — a key theme in COSO’s mission. Relationships among COSO’s two frameworks and fraud risk management - Explains how the COSO 2013 Internal Control — Integrated Framework, the COSO 2017 Enterprise Risk Management — Integrating with Strategy and Performance Framework and the Fraud Risk Management Guide are related and support each other. Expanded information on data analytics - Includes expanded and updated information on data analytics, while continuing to emphasize the importance of interviewing and whistleblower systems. Internal control and fraud risk management - Explains how internal control and fraud risk management are related and support each other but are different in some important respects. Changes in the legal and regulatory environment - Includes updated information with respect to recent legal and regulatory developments in the U.S. pertaining to fraud and fraud risk management. “It is impossible to eliminate all fraud in all organizations. However, effective leaders address fraud risk as they do any risk — they manage it,” said ACFE President and CEO Bruce Dorris, “The Fraud Risk Management Guide gives organizations, whether large or small, government or private, profit or non-profit, the information necessary to design a plan specific to the risks for that entity. There is no ‘one size fits all approach’ to managing fraud risk, but by applying the guidance in the updated Guide, an organization can create a custom-fitted program tailored to its specific needs.” The Guide includes examples of key program components and resources that organizations can use to develop a fraud risk-management program effectively and efficiently. In addition, it contains references to other sources of guidance for tailoring a fraud risk-management program to a specific industry. “COSO’s mission is to help organizations improve performance by developing thought leadership that enhances internal control, risk management, governance and fraud deterrence. The Fraud Risk Management Guide is a key tool for furthering this mission, mainly with respect to fraud deterrence, particularly through the principled alignment supported by COSOs existing 2013 ICIF,” added Lucia Wind, COSO Chair. For more information, or to request a copy of the report, please visit: See More

COSO - Altdata Alternative Data: The COSO Perspective (2024/03/27) NEW YORK, March 27, 2024 – A new publication released today by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) entitled Alternative Data: The COSO Perspective, explores how COSO’s Enterprise Risk Management (ERM) Framework can be applied to the challenge and opportunity of the growing proliferation of alternative data (“altdata”). See More

Creating and Protecting Value ERM Guidance: Creating and Protecting Value Over the past few decades, enterprise risk management (ERM) has received increased attention from boards and executives, and it continues to evolve in its development and uses. To further inform organizations on its benefits, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) is releasing new guidance, “Creating and Protecting Value: Understanding and Implementing Enterprise Risk Management,” offering succinct, tangible steps to implement an effective ERM program. The project was commissioned by COSO and co-authored by DePaul University’s Richard J. Anderson, Clinical Professor of Strategic Risk Management, and Dr. Mark L. Frigo, Co-founder and Director Emeritus of the Strategy, Execution and Valuation Initiative & Strategic Risk Management Lab at the Kellstadt Graduate School of Business/Driehaus College of Business - School of Accountancy & MIS. PDF File Press Release

About Us Mission The Committee of Sponsoring Organizations’ (COSO) mission is to help organizations improve performance by developing thought leadership that enhances internal control, risk management, governance and fraud deterrence. Vision COSO’s vision is to be globally recognized as an authority on internal control and a thought leader on risk management, governance and fraud deterrence. COSO ’s goal is to provide thought leadership dealing with three interrelated subjects: Enterprise Risk Management (ERM), Internal Control, Fraud Deterrence and Governance . Regarding Internal Control , in 1992, COSO published Internal Control — Integrated Framework. This framework was revised and reissued in May 2013. Over the years, COSO continued to issue other publications pertaining to internal controls, including thought leadership such as Internal Control over Financial Reporting — Guidance for Smaller Public Companies Guidance on Monitoring Internal Control Systems or most recently Internal Controls over Sustainability Reporting. For more information visit the Internal Control Guidance page. Regarding ERM , in 2004, COSO issued Enterprise Risk Management — Integrated Framework. This framework was updated with the release in 2017 of “Enterprise Risk Management–Integrating with Strategy and Performance,” which highlights the importance of considering risk in both the strategy-setting process and in driving performance. COSO has also published several thought papers beginning in 2009 relating to ERM, for more information visit the ERM Guidance page. In the area of Fraud Deterrence , COSO has published two research studies. The first study released in 1999 was titled Fraudulent Financial Reporting: 1987-1997. A continuation study called Fraudulent Financial Reporting: 1998-2007 was released in 2010. In the recent years, COSO issued its first Fraud Risk Management Guide in 2016, which was later updated to include more focus areas and republished in 2023. For more on fraud deterrence visit the Fraud Deterrence page. COSO’s most recent focus is on the development of a Corporate Governance Framework. Please review our News page for more information and our Other Guidance page for more thought leadership on Governance . Enterprise Risk Management Internal Control Fraud Deterrence COSO at 30 Years Audio File Summary COSO eBook Publications See More

Enabling Organizational Agility Enabling Organizational Agility in an Age of Speed and Disruption As radical change transforms the world we live in, organizations should regularly align their enterprise risk management (ERM) process with the current business environment and their strategic goals, according to new guidance issued today from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Enabling Organizational Agility in an Age of Speed and Disruption is intended to serve as a guide to help organizations succeed by being more anticipatory, agile, and adaptable. The guidance highlights many of the COSO ERM risk principles and how they relate to an agile business environment, and numerous ways are identified that show how the COSO ERM principles link to agile approaches. PDF File Press Release

LATEST UPDATES: Corporate Governance - Guiding Principles for Board Oversight See more > COSO was organized in 1985 to sponsor the National Commission on Fraudulent Financial Reporting , an independent private-sector initiative that studied the causal factors that can lead to fraudulent financial reporting. It also developed recommendations for public companies and their independent auditors, for the SEC and other regulators, and for educational institutions. The National Commission was sponsored jointly by five major professional associations headquartered in the United States: the American Accounting Association (AAA) , the American Institute of Certified Public Accountants (AICPA) , Financial Executives International (FEI) , the Institute of Internal Auditors (IIA) , and the National Association of Accountants , now known as Institute of Management Accountants (IMA). Wholly independent of each of the sponsoring organizations, the Commission included representatives from industry, public accounting, investment firms, and the New York Stock Exchange. To this day, COSO functions as a committee of the five Board Members led by its Chairman of the Board. The operations of the Committee and COSO overall are supported by the resources of the five Sponsoring Organizations. The first chairman of the National Commission was James C. Treadway, Jr. , Executive Vice President and General Counsel, Paine Webber Incorporated and a former Commissioner of the U.S. Securities and Exchange Commission. Hence, the popular name "Treadway Commission" Currently, the COSO Chairman is Lucia Wind . COSO’s goal is to provide thought leadership dealing with three interrelated subjects: Enterprise Risk Management (ERM), Internal Control, Fraud Deterrence and Governance. Sponsoring Organizations In Memoriam: Dr. Larry Rittenberg COSO is deeply saddened by the recent passing of Dr. Larry Rittenberg, a former COSO Board member and Chair. Larry was a highly respected leader in the accounting and internal audit professions. In addition to his service to COSO, he was deeply involved with The Institute of Internal Auditors and served as Chair of the Accounting Department at the University of Wisconsin–Madison. His contributions to governance, internal control, and the profession more broadly were significant and enduring. Those who worked closely with Larry remember not only his professional impact, but also his generosity, intellectual curiosity, and deep commitment to staying engaged. Even during his illness, Larry remained eager to connect, welcoming phone calls and seeking updates on COSO and the IIA with characteristic interest and care. Larry’s leadership, collegiality, and dedication will be greatly missed. COSO extends its sincere condolences to his family, friends, and colleagues. Larry’s obituary and service information are available through Cress Funeral Home in Madison, Wisconsin: https://www.cressfuneralservice.com/obituaries/larry-rittenberg

Achieving Effective Internal Control Over Robotic Process Automation Integrating RPA Governance with the COSO Internal Control Integrated Framework (ICIF) The Committee of Sponsoring Organizations of the Treadway Commission (COSO ) today released a new publication that addresses critical governance challenges in the rapidly growing field of Robotic Process Automation (RPA). As RPA continues to reshape organizations by automating repetitive, rules-based tasks, this publication provides essential guidance for integrating RPA governance requirements with the COSO Internal Control Integrated Framework (ICIF). ..see more Press Release RPA with ICIF

Request for Proposal - Corporate Governance Framework COSO and NACD Issue Request for Proposal to Develop Corporate Governance Framework and Application Guidance The Committee of Sponsoring Organizations of the Treadway Commission (COSO ), in collaboration with the National Association of Corporate Directors (NACD ), has issued a Request for Proposal (RFP) to develop a Corporate Governance Framework (CGF). ..see more Press Release IC on RPA Paper

Guidance Enterprise Risk Management In keeping with its overall mission, the COSO Board commissioned and published in 2004 Enterprise Risk Management—Integrated Framework. Over the past decade, that publication has gained broad acceptance by organizations in their efforts to manage risk. However, also through that period, the complexity of risk has changed, new risks have emerged, and both boards and executives have enhanced their awareness and oversight of enterprise risk management while asking for improved risk reporting. The updated 2017 publication (see below) addresses the evolution of enterprise risk management and the need for organizations to improve their approach to managing risk to meet the demands of an evolving business environment. Certification Free - Executive Summary Purchase eBook Purchase eBook Purchase Softcover ERM Guidance Documents ALTERNATIVE DATA: THE COSO PERSPECTIVE (2024) See More (PORTUGUESE) REALIZE THE FULL POTENTIAL OF ARTIFICIAL INTELLIGENCE (2021) See More COMPLIANCE RISK MANAGEMENT: APPLYING THE COSO ERM FRAMEWORK (2020) See More (JAPANESE) MANAGING CYBER RISK IN A DIGITAL AGE (2019) See More (PORTUGUESE) ENTERPRISE RISK MANAGEMENT TO ENVIRONMENTAL, SOCIAL AND GOVERNANCE-RELATED (2018) See More RISK ASSESSMENT IN PRACTICE (2012) See More DEVELOPING KEY RISK INDICATORS TO STRENGTHEN ENTERPRISE RISK MANAGEMENT (2010) See More ENABLING ORGANIZATIONAL AGILITY IN AN AGE OF SPEED AND DISRUPTION (2022) See More ENTERPRISE RISK MANAGEMENT FOR CLOUD COMPUTING (2021) See More (JAPANESE) COMPLIANCE RISK MANAGEMENT: APPLYING THE COSO ERM FRAMEWORK (2020) See More (FULL) ENTERPRISE RISK MANAGEMENT TO ENVIRONMENTAL, SOCIAL AND GOVERNANCE-RELATED RISK (2018) See More COSO IN THE CYBER AGE (2015) See More CLOUD COMPUTING THOUGHT PAPER (2012) See More BOARD RISK OVERSIGHT - A PROGRESSS REPORT (2010) See More REALIZE THE FULL POTENTIAL OF ARTIFICIAL INTELLIGENCE (2021) See More (JAPANESE) ENTERPRISE RISK MANAGEMENT FOR CLOUD COMPUTING (2021) See More CREATING AND PROTECTING VALUE (2020) See More (SUMMARY) ENTERPRISE RISK MANAGEMENT TO ENVIRONMENTAL, SOCIAL AND GOVERNANCE-RELATED RISK (2018) See More DEMYSTIFYING SUSTAINABILITY RISK (2013) See More UNDERSTANDING AND COMMUNICATING RISK APPETITE (2012) See More EFFECTIVE ENTERPRISE RISK OVERSIGHT - THE ROLE OF THE BOARD OF DIRECTORS (2009) See More (JAPANESE) REALIZE THE FULL POTENTIAL OF ARTIFICIAL INTELLIGENCE (2021) See More RISK APPETITECRITICAL TO SUCCESS (2020) See More MANAGING CYBER RISK IN A DIGITAL AGE (2019) See More (SPANISH) ENTERPRISE RISK MANAGEMENT TO ENVIRONMENTAL, SOCIAL AND GOVERNANCE-RELATED RISK (2018) See More ENHANCING BOARD OVERSIGHT (2012) See More PRACTICAL APPROACHES FOR GETTING STARTED (2011) See More Integrating with Strategy and Performance: Compendium of Examples COSO issued a supplement with detailed examples for applying principles from the ERM Framework to day-to-day practices. This supplement, titled COSO Enterprise Risk Management - Integrating with Strategy and Performance: Compendium of Examples, was developed from industry practices identified through extensive research conducted when updating the Framework. Each example focuses on specific components covered in the Framework. Written as a collection of case studies, the Compendium offers real-world advice about how to put the ERM Framework to use. Each case describes how a specific entity scaled and adapted the principles, and sets out a relationship between an organization’s mission, vision, and core values; its strategic goals and directions; and approaches used in carrying out its strategy. Compendium of Examples COSO issued a supplement with detailed examples for applying principles from the ERM Framework to day-to-day practices. This supplement, titled COSO Enterprise Risk Management - Integrating with Strategy and Performance: Compendium of Examples, was developed from industry practices identified through extensive research conducted when updating the Framework. Each example focuses on specific components covered in the Framework. Written as a collection of case studies, the Compendium offers real-world advice about how to put the ERM Framework to use. Each case describes how a specific entity scaled and adapted the principles, and sets out a relationship between an organization’s mission, vision, and core values; its strategic goals and directions; and approaches used in carrying out its strategy.

Critical to Success Risk Appetite – Critical to Success In an effort to help boards, executives, and managers recognize how a better understanding and communication of risk appetite will help their organizations succeed, the Committee of Sponsoring Organizations of the Treadway Commission (COSO ) is releasing new guidance, “Risk Appetite–Critical to Success,” focusing on how organizations can promote risk appetite as an integral part of decision-making. The project was commissioned by COSO and co-authored by Frank Martens of Pacific Rim Risk Management Services Ltd. and Dr. Larry Rittenberg, Ernst & Young Emeritus Professor of Accounting at the University of Wisconsin-Madison School of Business. The guidance focuses on linking risk appetite with strategies and objectives and applying appetite as part of managing an organization for success, given the amount of risk the organization is willing and needs to take. As noted in the paper, risk appetite must be flexible enough to adapt to changing conditions, helping an organization to remain relevant in the evolving landscape. Those who anticipate and understand their risk when change happens are better able to embrace the change and be more agile in challenging conditions. PDF File

Seeking New Board Chair Applications Are Being Accepted Through June 30, 2022 NEW YORK, May 18, 2022 – The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is seeking applications for the position of Board Chair. The Chair is responsible for leading COSO in fulfilling its mission of providing thought leadership in the areas of internal control, enterprise risk management, governance, and fraud deterrence. Paul J. Sobel, the current COSO chairman, plans to step down after admirably serving in that capacity since 2018. The Institute of Internal Auditors (IIA), a sponsoring organization of COSO, is managing the application process. The elected position will commence on January 1, 2023, for a three-year term. The COSO board is seeking candidates with executive maturity and presence, deep knowledge and experience in internal controls, enterprise risk management, governance, and fraud deterrence, leadership skills, public speaking proficiency, and a commitment to ensuring the relevance and influence of COSO globally. Key responsibilities include board leadership; strategic relationships with other organizations that have a common interest with COSO’s mission; oversight of COSO-sponsored projects and other activities that align with its vision, mission, and strategic goals. “The COSO board greatly appreciates Paul’s service, and we look forward to enhancing COSO’s influence and relevance globally in a disruptive business environment with a chair who continues to exemplify executive maturity and presence, has experience leading boards, and is a credible voice in internal controls, risk management and corporate governance,” says Jeff Thomson, COSO Lead Director and CEO of the Institute of Management Accountants. Candidates may submit a letter of interest along with a current resume of qualifications to This Link by the position application close date June 30, 2022.

New Board Chair COSO Names New Board Chair Ms. Lucia M. Wind to Succeed Paul J. Sobel in January Lucia Wind ORLANDO, December 15, 2022 – The Committee of Sponsoring Organizations of the Treadway Commission (COSO) today named Ms. Lucia M. Wind as its next Board Chair for a three-year term starting January 1. The Chair is responsible for leading COSO in fulfilling its mission of providing thought leadership in the areas of internal control, enterprise risk management, governance, and fraud deterrence. Paul J. Sobel, the current COSO chairman, plans to step down after admirably serving in that capacity since 2018. This was previously announced on May 18. Summary