Effective Use of the COSO Framework - In-Person

We will cover in this program:

• Tips and methods from COSO Framework and internal control experts.

• Understand the COSO Framework's principles-based approach.

• Identify and analyze ICFR risks.

• Develop tactics and strategies in improving an internal control system.

By the end of the course, participants will be able to:

• Identify the core principles in the COSO Framework.

• Understand the requirements tactical and strategic of internal control function.

• Understand internal control risk assessments.

• Identify the requirements of effective process documentation.

• Apply the methods for obtaining and presenting internal control testing evidence.

• Understand the components of an effective internal control assessment report.

• Conduct the follow-up and validation of resolutions to internal control issues.

Introductions

• SOX ICFR Reporting Requirements

Section One - Internal Control Concepts and Challenges

• Pareto's Law

• Moore's Law

• The Business Model

• Five Layers of Business Objectives

• Integration of Internal Controls

• Internal Controls over Financial Reporting (ICFR)

• Six Layers of Key Controls for ICFR

Section Two - Available Internal Control Frameworks

• COSO Framework - 17 Principles and 85 Points of Focus

• ISACA Control Objectives for Information and Related Technologies (COBIT)

• Internal Control Program Charter

• How Effective is Your ICFR?

Section Three - Business Objectives to Risk Assessments

• The Business Model to Identified Risks

• Layers of Risk Assessment

• Operations Risk Assessment

• Compliance Risk Assessment

• Information Technology Risk Assessment

• Financial Statement Risk Assessment

• The Big Three Connections - Business Objective - Risk - Control

• Measuring Residual Risk vs Inherent Risk

• Entity Level Controls Integration within the COSO Framework

Section Four - Performing Risk Assessments within the Business Process

• Significant accounts and their transaction sources

• Application software and transaction flow within business processes

• Business Objectives - Risks - Internal Controls relationship

• Risk Assessment within the Business Process

• Business Process Assertions - CAVR-C

• Business process documentation standards

Section Five - Identifying Key Controls

• The labels controls carry - Entity - Process - ITGC - Preventive - Detective - Manual - Automated - Compensating - Review

• Key controls vs non-key controls

• Classifying controls in a business process exercise

• Information presented in reports and dashboards (IPE) Controls

Section Six - Assessing Design - Testing Effectiveness

• The walkthrough process

• Walkthrough interviewing using S.P.I.N.

• How to get to the facts

• Establishing a "Fact"

• Assessing the design of controls

• Elements maturity within business processes

• Testing for operation effectiveness of controls

• Methods of testing business process controls

• Sample size and sampling methodologies

• Defining and documenting an issue noted in testing

Section Seven - Evaluating Control Deficiencies and their future

• SEC's Definitions concerning Deficiencies

• Categories of Internal Control Deficiencies

• Determining materiality

• Documenting a deficiency

• Measuring the deficiency

• Determining the "Root Cause"

• Remediation

• Retesting

• Tracking of deficiencies (Exercise)

Section Eight - Opining and Certification

• COSO Framework Guidance on ICFR Assessments

• Assessment vs Audit

• SEC Requirements

• Evidence to support management's assessment

• Certification of "ICFR"

• Opining to the External Auditor & SEC

Section Nine - Summary

• Keys to successful ICFR assessment

• Building a culture of compliance

• Top COSO Frameworkkey control programs

Program Level of Understanding: Basic to Intermediate

Prerequisites: None.

Advance Preparation: A number of documents will be provided in advance.

Delivery Format: On-site Training (Group-Live); Seminar (Group-Live)

NASBA Field(s) of Study: Auditing

CPE Credits: 16, based on 50 minutes of instruction per hour

This CPE event "Effective Use of the COSO Framework" provides an in-depth exploration of leveraging the Committee of Sponsoring Organizations (COSO) framework to enhance internal control processes within organizations. Attendees can expect a comprehensive analysis of the COSO framework's key components, including its role in strengthening risk management, corporate governance, and overall business performance.

During this event, participants will gain valuable insights into implementing the COSO framework to fortify internal controls, aligning with regulatory requirements, and fostering a culture of accountability and transparency. Furthermore, the event aims to equip attendees with practical strategies for integrating the COSO framework into their organizational structure, thereby optimizing operational efficiency and risk mitigation efforts.

By participating in this event, professionals can anticipate acquiring actionable knowledge and best practices for effectively utilizing the COSO framework to elevate their internal control systems and drive sustainable business growth.