COSO Releases Discussion Document withGuidance on Monitoring Internal Control
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is pleased to announce the release of a discussion document: Guidance on Monitoring Internal Control Systems. Developed by COSO and led by a diverse Grant Thornton LLP team, the guidance is designed to help organizations monitor the quality of their internal control systems. Jeff Thomson is VP of Research and Applications Development at IMA and is a COSO Board Member. Andre van Hoek, formerly Assistant Controller at J&J and now Controller at Celgene Corporation, is IMA's primary task force representative on the COSO Monitoring project.

The guidance more fully develops the monitoring component of COSO’s Internal Control - Integrated Framework. The guidance is appropriate for organizations of any size or structure to improve the quality of their internal controls systems for multiple business purposes, but especially those dealing with the reporting requirements under the U.S. Sarbanes-Oxley Act of 2002, Section 404.

In the discussion document, COSO has asked specific questions to ensure the clarity and applicability of the guidance. A copy of the discussion document can be found on IMA’s website under the Professional Partnerships section/COSO. There are two opportunities for IMA members to get engaged in this important project and to make a difference. First, as a management accounting professional, review the discussion draft guidance on monitoring and provide comments by October 31. This will ensure a high quality final product (first half of next year) and ensure that the "inside" management view of risk and performance management is embedded in the process. A link to view the document and to submit comments can be found at www.coso.org. Please identify yourself as an IMA member when submitting comments. Secondly, in the next phase of the project later this year, COSO is looking to develop specific implementation tools and examples - so, here is an opportunity for companies represented by IMA membership to benefit other organizations by identifying best practices, tools, and lessons learned in monitoring processes. Names of organizations will be kept confidential if so desired.

COSO selects Grant Thornton to conduct research – Project to Focus on Monitoring of Internal Control

On January 8, 2007, COSO announced in a press release that Grant Thornton has been commissioned to develop guidance designed to help organizations monitor the quality of their internal control systems. COSO’s selection of Grant Thornton to work on the project is a follow up on COSO’s issuance of a Request for Proposals (RFP) on October 17, 2006 for companies to work on the project. The end product will serve as a tool for effectively monitoring internal controls, as well as complying with the U.S. Sarbanes-Oxley Act of 2002. Andre Van Hoek, Assistant Controller from Johnson & Johnson and Jeff Thomson, IMA’s Vice President of Research and Applications Development and COSO board member, will be members of the project team that will focus on this issue. According to COSO Chairman Larry Rittenberg, PH.D., the development of the project will be on a 12-month timeline to meet the need for example, guidance, and more information regarding the monitoring component of COSO’s Internal Control – Integrated Framework. A copy of the press release about the project and the RFP can be found on IMA’s website under the Professional Partnerships section/COSO.

COSO Releases New Management Assessment Guidance to Smaller Companies for Internal Controls over Financial Reporting

During July 2006, COSO released new management assessment guidance to smaller companies for internal controls over financial reporting. The biggest “noise” from participants at the Securities and Exchange Commission’s (SEC’s) 2nd roundtable about Sarbanes-Oxley implementation issues that took place on May 10, 2006 is the concern over limited guidance for smaller public companies to ensure appropriate implementation. The release of such guidance from COSO will give CFOs and controllers at smaller public companies assurance that their concerns are not being ignored.

The guidance is comprised of three volumes of material:

Volume 1 – Executive Summary – See links in this section for COSO Executive Summary – Guidance for Smaller Companies and COSO FAQs – Guidance for Smaller Companies

Volume 2 – Guidance – Provides an overview of internal control over financial reporting in smaller businesses. Discusses the costs and benefits of internal control, how companies can meet the challenges of attaining cost-effective internal control, and provides other considerations for achieving further efficiencies.

Volume 3 – Evaluation Tools - Contains illustrative tools to assist management in evaluating internal control. Managers may use the illustrative tools in determining whether the company has effectively applied the principles.

Information on purchasing copies of volumes 2 & 3 along with other pertinent information about the guidance can be found on COSO’s website, www.coso.org. Special rates to purchase the guidance material are offered to members of founding organizations of COSO.

IMA joins its COSO partners in New York to release the greatly anticipated Framework
With recent heightened concern and focus on risk management, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) released The Enterprise Risk Management - Integrated Framework on September 29, 2004. The Framework describes the essential components, principles, and concepts of enterprise risk management for all organizations, regardless of size, and provides boards of directors and management a clear roadmap for identifying risks, avoiding pitfalls, and seizing opportunities to grow stakeholder value.

To mark the release of the Framework, COSO held a media roundtable on September 29, 2004 at the Michelangelo Hotel in New York. The roundtable allowed COSO and its five members - IMA, the American Institute of Certified Public Accountants (AICPA), the American Accounting Association (AAA), Financial Executives International (FEI) and The Institute of Internal Auditors (IIA) - the opportunity to introduce the Framework to the public. IMA was represented at the event by IMA Chairman Larry White and Dennis Neider, a partner with PricewaterhouseCoopers currently serving on the COSO board of directors. The event provided White and Neider with the opportunity to speak with highly regarded members of the media on behalf of IMA about the Framework and the important role management accounting plays in risk management.

COSO recognized that while many organizations may be engaging in some aspects of enterprise risk management, there has been no common base of knowledge and principles to enable boards and senior management to evaluate an organization's approach to risk management and assist them in building effective programs to identify, measure, prioritize, and respond to risks. The Framework provides businesses as well as other organizations, for the first time, with a principles-based framework that will enable them to identify all the aspects that should be present in every company's enterprise risk program and how they can be successfully implemented.

Built on the foundation of COSO's Internal Control - Integrated Framework, being used by many American businesses to comply with the Sarbanes-Oxley Act requirements, this new Framework is expected to be widely accepted as the benchmark for dealing with business risk.

The Framework speaks to many of the issues currently facing organizations such as how an organization determines the right amount of risk for the value it is striving to create for stakeholders and how it responds to risk to best protect and enhance value. It also addresses the role of the board of directors, senior management, and other corporate officers in enterprise risk management. An accompanying document, Application Techniques, illustrates how effective enterprise risk management concepts and principles may be successfully applied in the competitive business environment.

COSO engaged PricewaterhouseCoopers in 2001 to lead the development of Enterprise Risk Management - Integrated Framework after concluding there was a need for a broadly recognized enterprise risk management framework. COSO appointed an advisory council with members from the five COSO organizations to work with PricewaterhouseCoopers in the development of the framework.