Search Results

Board of Directors The COSO Board is made up of representatives from each of the five sponsoring organizations, plus a chair who is elected by the five sponsoring organizations' board representatives. COSO Board Lucia Wind More Info COSO Board Chair Jennifer Burns More Info AICPA Represent ative Benito Ybarra More Info IIA Representative Douglas F. Prawitt More Info COSO Lead Director Jason Pikoos More Info FEI Represent ative Larry R. White More Info IMA Represent ative COSO Fellow Crisha Carlos More Info

Guidance Fraud Deterrence Guide Summary Enterprise Risk Management Guide Summary ERM Guidance Documents EFFECTIVE ENTERPRISE RISK OVERSIGHT - THE ROLE OF THE BOARD OF DIRECTORS (2009) PDF File UNDERSTANDING AND COMMUNICATING RISK APPETITE (2012) PDF File DEVELOPING KEY RISK INDICATORS TO STRENGTHEN ENTERPRISE RISK MANAGEMENT (2010) PDF File CLOUD COMPUTING THOUGHT PAPER (2012) PDF File BOARD RISK OVERSIGHT - A PROGRESSS REPORT (2010) PDF File RISK ASSESSMENT IN PRACTICE (2012) PDF File PRACTICAL APPROACHES FOR GETTING STARTED (2011) PDF File ENHANCING BOARD OVERSIGHT (2012) PDF File 1 2 3 4 1 ... 1 2 3 4 ... 4 Internal Control Summary Guide Achieving Effective Internal Control Over Generative AI (2026) PDF File ACHIEVING EFFECTIVE INTERNAL CONTROL OVER ROBOTIC PROCESS AUTOMATION (2024) PDF File ACHIEVING EFFECTIVE INTERNAL CONTROL OVER SUSTAINABILITY REPORTING (ICSR) PDF File (SPANISH) COSO ICSR PDF File 1 2 3 4 1 ... 1 2 3 4 ... 4 The publication may be purchased from: Governance Corporate Governance: Guiding Principles for Board Oversight (2026) PDF File Improving Organizational Performance and Governance (2014) PDF File Enhancing Board Oversight (2012) PDF File

Collaborative Work on ERM-ESG Collaborative Work on ERM-ESG Alignment Earns UN ISAR Honors Promoting Sustainability The United Nations Conference on Trade and Development (UNCTAD) honored the Committee of the Sponsoring Organizations of the Treadway Commission (COSO), of which The Institute of Internal Auditors (IIA) is a sponsoring organization, the World Business Council for Sustainable Development (WBCSD), and EY for their collaborative work on integrating environmental, social and governance (ESG) aspects into companies’ mainstream enterprise risk management practices. The recognition is for development of the Applying Enterprise Risk Management to Environmental, Social and Governance-related Risks guidance and ESG-risk workshops. The guidance was a collaboration between COSO and WBCSD with support from EY through funding from the Gordon and Betty Moore Foundation. PDF File

Managing Cyber Risk Managing Cyber Risk in a Digital Age Even as companies become more digital savvy, they continue to confront new and emerging data risks that pressure financial and reputational vulnerabilities. To help address these challenges, the Committee of Sponsoring Organizations of the Treadway Commission (COSO ), in collaboration with Deloitte Risk & Financial Advisory, is releasing new guidance, “Managing Cyber Risk in a Digital Age.” Written to boards of directors, audit committee members, executive management, and cyber practitioners, the new guidance addresses how companies can apply COSO’s Enterprise Risk Management–Integrating with Strategy and Performance (ERM Framework), one of the most widely recognized and applied risk management frameworks in the world, to protect against cyberattacks. The guidance provides insight into how organizations can leverage the five components and 20 principles of the ERM Framework to identify and manage cyber risks. PDF File News Release

About Us Mission The Committee of Sponsoring Organizations’ (COSO) mission is to help organizations improve performance by developing thought leadership that enhances internal control, risk management, governance and fraud deterrence. Vision COSO’s vision is to be globally recognized as an authority on internal control and a thought leader on risk management, governance and fraud deterrence. COSO ’s goal is to provide thought leadership dealing with three interrelated subjects: Enterprise Risk Management (ERM), Internal Control, Fraud Deterrence and Governance . Regarding Internal Control , in 1992, COSO published Internal Control — Integrated Framework. This framework was revised and reissued in May 2013. Over the years, COSO continued to issue other publications pertaining to internal controls, including thought leadership such as Internal Control over Financial Reporting — Guidance for Smaller Public Companies Guidance on Monitoring Internal Control Systems or most recently Internal Controls over Sustainability Reporting. For more information visit the Internal Control Guidance page. Regarding ERM , in 2004, COSO issued Enterprise Risk Management — Integrated Framework. This framework was updated with the release in 2017 of “Enterprise Risk Management–Integrating with Strategy and Performance,” which highlights the importance of considering risk in both the strategy-setting process and in driving performance. COSO has also published several thought papers beginning in 2009 relating to ERM, for more information visit the ERM Guidance page. In the area of Fraud Deterrence , COSO has published two research studies. The first study released in 1999 was titled Fraudulent Financial Reporting: 1987-1997. A continuation study called Fraudulent Financial Reporting: 1998-2007 was released in 2010. In the recent years, COSO issued its first Fraud Risk Management Guide in 2016, which was later updated to include more focus areas and republished in 2023. For more on fraud deterrence visit the Fraud Deterrence page. COSO’s most recent focus is on the development of a Corporate Governance Framework. Please review our News page for more information and our Other Guidance page for more thought leadership on Governance . Enterprise Risk Management Internal Control Fraud Deterrence COSO at 30 Years Audio File Summary COSO eBook Publications See More

COSO - Altdata Alternative Data: The COSO Perspective (2024/03/27) NEW YORK, March 27, 2024 – A new publication released today by the Committee of Sponsoring Organizations of the Treadway Commission (COSO) entitled Alternative Data: The COSO Perspective, explores how COSO’s Enterprise Risk Management (ERM) Framework can be applied to the challenge and opportunity of the growing proliferation of alternative data (“altdata”). See More

Corporate Governance - Guiding Principles for Board Oversight COSO Releases New Board Oversight Guidance Developed with PwC Twelve guiding principles offer boards a practical tool for oversight, accountability, and long‑term value creation NEW YORK, March 31, 2026 – The Committee of Sponsoring Organizations of the Treadway Commission (COSO), today announced the release of its Corporate Governance: Guiding Principles for Board Oversight, developed in collaboration with PwC. The new publication provides boards with a clear, board-level set of guiding principles and practical illustrations to help them assess whether their governance model remains fit for purpose as organizations confront accelerating change, heightened stakeholder scrutiny, and increasingly complex risk environments. Publication Press Release

Enabling Organizational Agility Enabling Organizational Agility in an Age of Speed and Disruption As radical change transforms the world we live in, organizations should regularly align their enterprise risk management (ERM) process with the current business environment and their strategic goals, according to new guidance issued today from the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Enabling Organizational Agility in an Age of Speed and Disruption is intended to serve as a guide to help organizations succeed by being more anticipatory, agile, and adaptable. The guidance highlights many of the COSO ERM risk principles and how they relate to an agile business environment, and numerous ways are identified that show how the COSO ERM principles link to agile approaches. PDF File Press Release

COSO ERM Framework Applying the COSO ERM Framework COSO releases new guidance, Compliance Risk Management: Applying the COSO ERM Framework, detailing the application of the Enterprise Risk Management—Integrating with Strategy and Performance (ERM Framework) to the management of compliance risks. The guidance was commissioned by COSO and authored by the Society of Corporate Compliance and Ethics & Health Care Compliance Association (SCCE & HCCA). PDF File Press Release

New (ICSR) Supplemental Guidance COSO Releases New “Achieving Effective Internal Control Over Sustainability Reporting” (ICSR) Supplemental Guidance Builds Trust and Confidence in ESG/Sustainability Reporting and Decision-Making ..see more Press Release ICSR Report The principal authors of this guidance are: Robert Herz , former FASB chair, founding member of the IASB and former SASB Foundation board member; Robert Hirth , Senior Managing Director at Protiviti, former COSO Chair and former vice-chair of the SASB; Douglas Hileman , consultant, ESG specialist, and member of [former] ESG Leadership Knowledge Group; Shari H. Littan , IMA Director, Corporate Reporting Research and Thought Leadership; Brad Monterio , IIA EVP of Member Competency and Learning and member of the IFRS Foundation’s IRCC; and Jeffrey C. Thomson , President and CEO of IMA and former COSO board member/lead director. COSO wishes to thank Chair Emeritus Paul Sobel for his oversight and leadership of this project during his term as Chair. For more information, please contact Cecile Fradkin or Giuseppe Barone .

Critical to Success Risk Appetite – Critical to Success In an effort to help boards, executives, and managers recognize how a better understanding and communication of risk appetite will help their organizations succeed, the Committee of Sponsoring Organizations of the Treadway Commission (COSO ) is releasing new guidance, “Risk Appetite–Critical to Success,” focusing on how organizations can promote risk appetite as an integral part of decision-making. The project was commissioned by COSO and co-authored by Frank Martens of Pacific Rim Risk Management Services Ltd. and Dr. Larry Rittenberg, Ernst & Young Emeritus Professor of Accounting at the University of Wisconsin-Madison School of Business. The guidance focuses on linking risk appetite with strategies and objectives and applying appetite as part of managing an organization for success, given the amount of risk the organization is willing and needs to take. As noted in the paper, risk appetite must be flexible enough to adapt to changing conditions, helping an organization to remain relevant in the evolving landscape. Those who anticipate and understand their risk when change happens are better able to embrace the change and be more agile in challenging conditions. PDF File

Achieving Effective Internal Control Over Robotic Process Automation Integrating RPA Governance with the COSO Internal Control Integrated Framework (ICIF) The Committee of Sponsoring Organizations of the Treadway Commission (COSO ) today released a new publication that addresses critical governance challenges in the rapidly growing field of Robotic Process Automation (RPA). As RPA continues to reshape organizations by automating repetitive, rules-based tasks, this publication provides essential guidance for integrating RPA governance requirements with the COSO Internal Control Integrated Framework (ICIF). ..see more Press Release RPA with ICIF