Using your own organization or an organization with which you are familiar, develop a report in which you outline a plan to implement enterprise risk management based on the Committee of Sponsoring Organizations of the Treadway Commission (COSO) recommendations.
Corporate Compliance Report
With recent incidents of fraud and insider trading, the business world has placed renewed interest and emphasis on corporate governance and regulatory compliance. Organizations have taken more serious measures to establish enterprise risk management plans to avert, identify, and manage risks and exposures. Following recent corporate scandals such as those of Enron, WorldCom, and even Martha Stewart, tougher governance standards have been set in place to minimize errors and loss through proactive measures.
This paper will attempt to educate readers on the importance of internal controls and submit a proposal to minimize enterprise risks by applying the principles or recommendations of the Committee of Sponsoring Organizations of the Treadway Commission (COSO). Furthermore, this paper will discuss the relationship between Sarbanes-Oxley and the COSO initiative.
Overview of COSO
In 1985, five professional accounting organizations came together to discuss the growing problem of fraudulent financial reporting and the need to reduce, if not eliminate, this deceitful and illegal act. The American Institute of Certified Public Accountants (AICPA), American Accounting Association (AAA), Financial Executives Institute (FEI), The Institute of Management Accountants (IMA), and The Institute of Internal Auditors (IIA) agreed to form an organization that would establish definitions, criteria, and standards for internal control for companies and organizations so that fraudulent financial reporting could be minimized or completely eliminated. The collaborative effort of these five organizations is now known as the Committee of Sponsoring Organizations of the Treadway Commission (COSO or Committee). COSO is a private-sector initiative funded and sponsored by these five professional organizations.
The Committee conducted an eleven-year research study to analyze instances of fraudulent financial reporting and determine contributing factors that lead to financial statement fraud (COSO, 2006). This research would help the Committee and other organizations to combat the serious problem of financial fraud. Out of 300 available organizations, the Committee randomly selected 200 companies for final and intensive evaluation. According to COSO's (2006) website, the research showed "the average financial statement misstatement or misappropriation of assets was $25 million and the median was $4.1 million while the average company had assets totaling $533 million, the median company had total assets of only $16 million." Moreover, the Committee's research showed that key organizational leaders such as the chief executive officer (CEO) and chief financial officer (CFO) were involved in the fraud. In fact, according to COSO's study, the CEOs were involved in 72% of the cases and the CFOs were involved in 43% of the fraudulent incidents. The research showed that in an astonishing 83% of the cases, the CEO, the CFO, or both were involved in financial statement fraud. Controllers, chief operating officers (COO), and other key executives and board members were also found to be involved in these illegal acts.
In an effort to minimize or eliminate financial fraud, the Committee has created a framework or model for describing and analyzing internal controls implemented by organizations. This framework consists of five key and interrelated components, namely control environment, risk assessment, control activities, information and communication, and monitoring (Hubbard, Roth, and Espersen, 2002). By understanding and applying these five critical components, the board of directors and/or senior management can design better internal controls for their organizations. Additionally, by establishing internal controls, organizations are able to comply with the mandates of the Sarbanes-Oxley Act of 2002 (SOX). There are several provisions within SOX, but Section 404 stands out because it specifically relates to the effectiveness of internal controls. Section 404 makes corporate officers and the board of directors accountable for the accuracy of the company's financial statements as well as the evaluation of internal controls. Additionally, Section 404 makes officers and board members responsible for processes for financial disclosures, liabilities, and weaknesses of the internal controls. In order to comply with SOX, organizations must successfully show documentation and evaluations proving that their financial reporting processes are accurate, operating effectively, and closely monitored. General Master's (2006) website states that "the Security and Exchange Commission (SEC) rule-making for Sarbanes-Oxley Section 404 mandated that a company's internal control over financial reporting should be based upon a ...
Organizations of today must take a proactive approach to enterprise risk management, not only to comply with federal and state mandates, specifically the Sarbanes-Oxley Act of 2002, but also to avert any incidents of fraud, insider trading, and other illegal acts within the organization. Organizations must establish measures and/or internal controls to prevent, identify, and manage risks, exposures, and incidents. The continued commitment and dedication of all stakeholders are necessary for the success of the enterprise risk management plan. This corporate compliance paper is approximately 2500 words with seven references.