Question

The COSO report is one of the foundations of internal auditing and fraud detection. Who is COSO? What is their ERM framework? How does this help us create an effective organization and minimize fraud?

Answer 1

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a combined initiative taken to fight corporate fraud. It was established in the United States by five private sector organizations, dedicated to guide executive management and governance entities on relevant aspects of organizational governance, business ethics, internal control, enterprise risk management, fraud, and financial reporting. COSO has established a common internal control model against which companies and organizations may assess their control systems. COSO is supported by five supporting organizations, including the Institute of Management Accountants (IMA), the American Accounting Association (AAA), the American Institute of Certified Public Accountants (AICPA), the Institute of Internal Auditors (IIA), and Financial Executives International (FEI).

​​​The ERM Framework defines essential enterprise risk management components, discusses key ERM principles and concepts, suggests a common ERM language, and provides clear direction and guidance for enterprise risk management.

COSO recommends ways in which governing boards,

senior management, staff at all levels, and internal auditors

can deter fraud in their organization. Fraud deterrence is a

process of eliminating factors that may cause fraud to occur.

Deterrence is achieved when an organization implements a

fraud risk management process that:

• Establishes a visible and rigorous fraud governance

process

• Creates a transparent and sound anti-fraud culture

• Includes a thorough fraud risk assessment periodically

• Designs, implements, and maintains preventive and

detective fraud control processes and procedures

• Takes swift action in response to allegations of fraud,

including, where appropriate, actions against those

involved in wrongdoing.