Documentos de Académico
Documentos de Profesional
Documentos de Cultura
COSO's Guidance on
Monitoring Internal Controls
Doug Steele
Partner, Specialty Advisory
Services
February 17th, 2009
SEC's PCAOB's
Guidance AS5
(for mgmt) (for auditors)
Separate but
consistent
© Grant Thornton LLP. All rights reserved. 1
COSO's monitoring project
Overview
participants:
• core team 7
• review team 4
• COSO board 7
• COSO taskforce 15
• SEC/PCAOB observers 2
35
4a. Possibly
3. Test the
Use the Work
Review 2. Review of Others
Reconciliation
or
Any further testing of the
reconciliation will start 4b. Test
with lessons learned 1. Perform the Review
from testing the Reconciliation
reconciliation review
© Grant Thornton LLP. All rights reserved. 7
Example: recognizing the value of monitoring
4
Implement
Monitoring
1
Prioritize
Risks
Effective
Monitoring
Identify
Identify
3
Identify
Information
2
Identify
Controls
Identify
Identify key
key
information
information that
that controls
controls across
across the
the
will
will persuasively
persuasively internal
internal control
control system
system
indicate
indicate whether
whether the
the that
that address
address those
those
internal
internal control
control system
system prioritized
prioritized risks
risks
is
is operating
operating effectively
effectively
1. Risk-based approach
Meaningful Risk
Understand the
Internal Control System
Identify
Key Controls
Key Controls
Identify
Persuasive
Information
Persuasive Info
Develop
Monitoring
© Grant Thornton LLP. All rights reserved. 12
2. Understand internal controls and
identify key controls
Direct Info
A Indirect Info
Direct Info
Direct Info
Indirect Info
B and
Direct Info
C Direct Info
Direct Indirect
•• Typically
Typically most
most •• Can
Can enhance
enhance
Ongoing persuasive
persuasive monitoring
monitoring efficiency
efficiency
monitoring •• Especially
Especially valuable
valuable in
in •• Provides
Provides support
support to
to
high-risk
high-risk areas
areas direct
direct info
info
•• Primarily
Primarily used
used to
to •• Typically
Typically least
least
Separate revalidate
revalidate conclusions
conclusions persuasive
persuasive
evaluation reached
reached through
through •• Can
Can help
help scope
scope other
other
ongoing
ongoing monitoring
monitoring SE
SE procedures
procedures