Executive's Guide to COSO Internal Controls: Understanding and Implementing the New Framework



Every corporation filing its year-end financial reports must eventually be in compliance with the new COSO 2013 standard just released. A guide written expressly for the executive who needs to get quickly up to speed on the specifics of the new COSO framework and how it's changed from the previous version, Executive's Guide to COSO Internal Controls examines the components of the new COSO 2013 ...

See more details below
Other sellers (Hardcover)
  • All (12) from $63.99   
  • New (10) from $63.99   
  • Used (2) from $72.35   



Every corporation filing its year-end financial reports must eventually be in compliance with the new COSO 2013 standard just released. A guide written expressly for the executive who needs to get quickly up to speed on the specifics of the new COSO framework and how it's changed from the previous version, Executive's Guide to COSO Internal Controls examines the components of the new COSO 2013 framework, ensuring that you put in place a practical, no-nonsense framework for identifying, planning, delivering, and implementing effective internal controls in your business.

Take a look inside for guidance on:

  • COSO 2013 Internal Controls and Components
  • COSO 2013 Reporting Objectives
  • COSO 2013 Legal, Regulatory. and Compliance Objectives
  • Internal Control Entity and Organizational Relationships
  • COSO 2013, Service Management, and Effective IT Controls
  • Cloud Computing, Virtualization, and Wireless Networks
  • Understanding and Using COBIT
  • ISO Internal Control and Risk Management Standards
  • COSO 2013 Internal Controls in the Boardroom
  • Implementing the Revised COSO 2013 Internal Control Framework

An enterprise at all levels needs to understand the new COSO framework and comply with it as part of its Sarbanes-Oxley attestation, following the required transition rules outlined in the book. Executive's Guide to IT Governance details every aspect of the newly revised COSO framework, giving business executives invaluable guidance on what they and their enterprises need to do to transition to compliance.

Read More Show Less

Product Details

  • ISBN-13: 9781118626412
  • Publisher: Wiley
  • Publication date: 12/31/2013
  • Series: Wiley Corporate F&A Series
  • Edition number: 1
  • Pages: 304
  • Sales rank: 820,425
  • Product dimensions: 7.30 (w) x 10.00 (h) x 1.30 (d)

Meet the Author

ROBERT R. MOELLER, CPA, CISA, CISSP, is an internal audit specialist and project manager with a strong understanding of information systems, corporate governance, and security. He has over twenty-five years of experience in internal auditing, ranging from launching new internal audit functions in several companies to serving as audit director for a Fortune 50 corporation. He held positions with Grant Thornton (National Director of Computer Auditing) and Sears Roebuck (Audit Director). He is the former president of the Institute of Internal Auditors' Chicago chapter and has served on the IIA's International Advanced Technology Committee. He is also the former chair of the AICPA's Computer Audit Subcommittee. Moeller has written six other books.

Read More Show Less

Table of Contents

Preface ix

Chapter 1: Importance of the COSO Internal Control Framework 1

The Importance of Enterprise Internal Controls 2

What Are Enterprise Internal Controls? 3

Understanding the COSO Internal Control Framework: How to Use This Book 4

Chapter 2: How We Got Here: Internal Control Background 5

Early Defi nitions of Internal Controls: Foreign Corrupt Practices Act of 1977 7

The FCPA and Internal Controls Today 8

Events Leading Up to the Treadway Commission 9

Earlier AICPA Auditing Standards: SAS Nos. 55 and 78 10

The Treadway Committee Report 11

The Original COSO Internal Control Framework 12

The Sarbanes-Oxley Act and Internal Accounting Controls 15

Notes 28

Chapter 3: COSO Internal Controls: The New Revised Framework 29

Understanding Internal Controls 30

Revised Framework Business and Operating Environment Changes 32

The Revised COSO Internal Control Framework 35

COSO Internal Control Principles 37

COSO Objectives and Business Operations 38

Sources for More Information 40

Chapter 4: COSO Internal Control Components: Control Environment 41

Importance of the Control Environment 41

Control Environment Principle 1: Integrity and Ethical Values 43

Control Environment Principle 2: Role of the Board of Directors 48

Control Environment Principle 3: The Need for Authority and Responsibility 49

Control Environment Principle 4: Human Resource Strengths 51

Control Environment Principle 5: Individual Internal Control Responsibilities 54

COSO Control Environment in Perspective 56

Chapter 5: COSO Internal Control Components: Risk Assessment 59

Risk Assessment Component Principles 60

Risk Identification and Analysis 62

Risk Response Strategies 66

Fraud Risk Analysis 69

COSO Risk Assessment and the Revised Internal Control Framework 70

Notes 71

Chapter 6: COSO Internal Control Components: Control Activities 73

COSO Control Activity Principles 74

COSO Control Activities Today 85

Chapter 7: COSO Internal Control Components: Information and Communication 87

Information and Communications: What Has Changed? 87

Information and Communication Principle 1: Use of Relevant Information 89

Information and Communication Principle 2: Internal Communications 96

Information and Communication Principle 3: External Communications 100

The Importance of COSO Information and Communication 102

Notes 103

Chapter 8: COSO Internal Control Components: Monitoring Activities 105

Importance of COSO Monitoring Internal Control Activities 106

COSO Monitoring Principle 1: Conduct Ongoing and Separate Evaluations 108

COSO Monitoring Principle 2: Evaluate and Communicate Deficiencies 112

COSO Internal Control Monitoring in Perspective 115

Note 115

Chapter 9: COSO Internal Control GRC Operations Controls 117

COSO Operations Objectives 117

Planning and Budgeting Operations Controls 119

IT Systems Operations Controls 123

Operations Procedure Controls and Service Catalogs 133

Importance of COSO Operations Controls 135

Note 135

Chapter 10: COSO Reporting Processes 137

COSO Reporting Objectives 137

COSO External Financial Reporting Controls 139

COSO Internal Financial Reporting Controls 141

COSO External Nonfinancial Reporting Controls 149

COSO Internal Nonfinancial Reporting Controls 149

Importance of COSO Reporting Controls 150

Note 151

Chapter 11: COSO Legal, Regulatory, and Compliance Objectives 153

Importance of Enterprise Compliance Controls 153

Regulatory Compliance Control Issues 155

Internal Controls and Legal Issues 157

Compliance with Professional and Other Standards 158

Chapter 12: Internal Control Entity and Organizational GRC Relationships 161

Internal Controls from an Organizational GRC Perspective 161

Enterprise Governance Overall Concepts 163

Business Entity–Level Internal Controls 167

Divisional and Functional Unit Internal Controls 175

Department- and Unit-Level Internal Controls 178

Organization and GRC Controls in Perspective 179

Note 179

Chapter 13: COSO, Service Management, and Effective IT Controls 181

Importance of IT General Controls 181

IT Governance General Controls 183

IT Management General Controls 184

Client-Server and Smaller Systems General IT Controls 188

ITIL Service Management Best Practices 191

Service Delivery Best Practices 200

Notes 201

Chapter 14: Cloud Computing, Virtualization, and Wireless Networks 203

Internal Controls for IT Wireless Networks 204

Cloud Computing and COSO Internal Controls 208

Storage Management Virtualization 214

COSO Internal Controls and Newer Technologies 215

Note 215

Chapter 15: Another Framework: COSO ERM 217

ERM Definitions and the ERM Portfolio View of Risk 218

The COSO ERM Framework Model 222

Other Dimensions of the ERM Framework 239

COSO ERM and the Revised Internal Control Framework 240

Notes 241

Chapter 16: Understanding and Using COBIT 243

An Executive’s Introduction to COBIT 244

Using COBIT to Assess Enterprise Internal Controls 252

Mapping COBIT to COSO Internal Controls 256

Notes 257

Chapter 17: ISO Internal Control and Risk Management Standards 259

Background and Importance of ISO Standards in a Global Commerce World 259

ISO Standards Overview 262

ISO Standards and the COSO Internal Control Framework 269

Notes 270

Chapter 18: COSO Internal Controls in the Board Room 271

Board Decisions and Internal Control Processes 272

Board Organization and Governance Rules 275

Corporate Charters and the Board Committee Structure 276

The Audit Committee and Managing Internal Controls 279

Board Member Internal Control Knowledge Requirements 281

COSO Internal Controls and Corporate Governance 282

Notes 283

Chapter 19: Service Organization Control Reports and COSO

Internal Controls 285

Importance of Service Organization Internal Controls 286

Early Steps to Gain Assurance: SAS 70 287

Service Organization Control (SOC) Reports 288

Right-to-Audit Clauses 290

Internal Control Limitations 292

Chapter 20: Implementing the Revised COSO Internal Control Framework 293

Understanding What Is New in the 2013 Framework 293

Transitioning to the New COSO Guidance 295

Steps to Begin Implementing the New COSO Internal Control Framework 296

Index 297

Read More Show Less

Customer Reviews

Be the first to write a review
( 0 )
Rating Distribution

5 Star


4 Star


3 Star


2 Star


1 Star


Your Rating:

Your Name: Create a Pen Name or

Barnes & Noble.com Review Rules

Our reader reviews allow you to share your comments on titles you liked, or didn't, with others. By submitting an online review, you are representing to Barnes & Noble.com that all information contained in your review is original and accurate in all respects, and that the submission of such content by you and the posting of such content by Barnes & Noble.com does not and will not violate the rights of any third party. Please follow the rules below to help ensure that your review can be posted.

Reviews by Our Customers Under the Age of 13

We highly value and respect everyone's opinion concerning the titles we offer. However, we cannot allow persons under the age of 13 to have accounts at BN.com or to post customer reviews. Please see our Terms of Use for more details.

What to exclude from your review:

Please do not write about reviews, commentary, or information posted on the product page. If you see any errors in the information on the product page, please send us an email.

Reviews should not contain any of the following:

  • - HTML tags, profanity, obscenities, vulgarities, or comments that defame anyone
  • - Time-sensitive information such as tour dates, signings, lectures, etc.
  • - Single-word reviews. Other people will read your review to discover why you liked or didn't like the title. Be descriptive.
  • - Comments focusing on the author or that may ruin the ending for others
  • - Phone numbers, addresses, URLs
  • - Pricing and availability information or alternative ordering information
  • - Advertisements or commercial solicitation


  • - By submitting a review, you grant to Barnes & Noble.com and its sublicensees the royalty-free, perpetual, irrevocable right and license to use the review in accordance with the Barnes & Noble.com Terms of Use.
  • - Barnes & Noble.com reserves the right not to post any review -- particularly those that do not follow the terms and conditions of these Rules. Barnes & Noble.com also reserves the right to remove any review at any time without notice.
  • - See Terms of Use for other conditions and disclaimers.
Search for Products You'd Like to Recommend

Recommend other products that relate to your review. Just search for them below and share!

Create a Pen Name

Your Pen Name is your unique identity on BN.com. It will appear on the reviews you write and other website activities. Your Pen Name cannot be edited, changed or deleted once submitted.

Your Pen Name can be any combination of alphanumeric characters (plus - and _), and must be at least two characters long.

Continue Anonymously

    If you find inappropriate content, please report it to Barnes & Noble
    Why is this product inappropriate?
    Comments (optional)