COSO Fraud Risk Management Guide Executive Summary

Download as pdf or txt
Download as pdf or txt
You are on page 1of 13
At a glance
Powered by AI
The document discusses establishing an effective fraud risk management program and provides guidance on assessing and managing fraud risks.

The document provides guidance for organizations on how to design and implement a fraud risk management program that meets their needs and reduces the risk of fraud.

The document discusses that an effective fraud risk management program should have 5 key components: governance and tone at the top, fraud risk assessment, fraud risk response, control activities, and communication and monitoring.

Risk Management Guide

EXECUTIVE SUMMARY

Committee of Sponsoring
Organizations of the
Treadway Commission
B | Fraud Risk Management Guide - Executive Summary | COSO/ACFE

Principal Authors
David L. Cotton, CPA, CFE, CGFM
Chairman, Cotton & Company LLP

Sandra Johnigan, CPA/CFF, CFE


Owner, Johnigan, P.C.

Leslye Givarz, CPA


Technical Editor, Public Company Accounting Oversight Board (Retired)

Acknowledgements
COSO and ACFE thank each of the Fraud Risk Management Task Force and Advisory Panel
members (see Page vii) for their generous contributions of time, resources and knowledge.

In particular, COSO and ACFE gratefully acknowledge David L. Cotton,


Chair of the Fraud Risk Management Task Force, for his outstanding leadership
and efforts toward the completion of this guide.

COSO Board Members


Robert B. Hirth, Jr. Mitchell A. Danaher, CMA
COSO Chair Financial Executives International

Douglas F. Prawitt, Ph.D., CPA Sandra Richtermeyer, Ph.D., CMA, CPA


American Accounting Association Institute of Management Accountants

Charles Landes, CPA Richard F. Chambers, CIA, QIAL, CGAP, CCSA, CRMA
American Institute of CPAs (AICPA) The Institute of Internal Auditors

Preface
This project was commissioned by the Committee of Sponsoring Organizations of the Treadway Commission
(COSO), which is dedicated to providing thought leadership through the development of comprehensive
frameworks and guidance on enterprise risk management, internal control, and fraud deterrence designed to
improve organizational performance and governance and to reduce the extent of fraud in organizations.
COSO is a private-sector initiative jointly sponsored and funded by the following organizations:

American Accounting Association (AAA) The Institute of Management Accountants (IMA)


aaahq.org imanet.org

American Instituteof CPAs (AICPA) The Institute of Internal Auditors (IIA)


aicpa.org theiia.org

Financial Executives International (FEI)


financialexecutives.org

coso.org
Risk Management Guide
EXECUTIVE SUMMARY

September, 201 6
Research Commissioned by

Committee of Sponsoring
Organizations of the
Treadway Commission

coso.org
COSO/ACFE | Fraud Risk Management Guide | v

Foreword

In 1992 the Committee of Sponsoring Organizations of the For organizations desiring to establish a more comprehensive
Treadway Commission (COSO) released its Internal Control approach to managing fraud risk, this guide includes more
— Integrated Framework (the original framework). The than just the information needed to perform a fraud risk
original framework has gained broad acceptance and assessment. It also includes guidance on establishing an
is widely used around the world. It is recognized as a overall Fraud Risk Management Program including:
leading framework for designing, implementing, and
conducting internal control and assessing the • Establishing fraud risk governance policies
effectiveness of internal control.
• Performing a fraud risk assessment
COSO revised the original framework in 2013 (2013
framework). The 2013 framework incorporates 17 principles.1 • Designing and deploying fraud preventive and detective
These 17 principles are associated with the five internal control activities
control components, and provide clarity for the user in
designing and implementing systems of internal control and • Conducting investigations, and
for understanding requirements for effective internal control.
COSO makes clear that for a system of internal control to be • Monitoring and evaluating the total fraud risk
effective, each of the 17 principles is present, functioning, management program
and operating together in an integrated manner.
This guide is designed to be familiar to COSO Framework
users. It contains principles and points of focus.2 This guide’s
five principles are consistent with the five COSO Internal
Principle 8, one of the risk assessment Control Components3 and the 17 COSO principles.
component principles, states:
The organization considers the potential This guide draws from and updates a 2008 product
for fraud in assessing risks to the published and sponsored by the American Institute of
achievement of objectives. CPAs (AICPA), Institute of Internal Auditors (IIA), and
Association of Certified Fraud Examiners (ACFE). This
prior publication, Managing the Business Risk of Fraud: A
Practical Guide, contained similar guidance for establishing
This publication, Fraud Risk Management Guide (guide), is a comprehensive Fraud Risk Management Program and
intended to be supportive of and consistent with the 2013 has been used by many organizations to manage fraud risk.
Framework and can serve as best practices guidance for COSO is appreciative of the work done by the task force
organizations to follow in addressing this new fraud risk that produced this prior publication. This new guide builds
assessment principle. on that previous product by updating it for more recent
developments, revising terminology to be consistent with
newer COSO terminology, and adding important information
related to technology developments — specifically
data analytics.

1
Per the 2013 COSO Framework, relevant principles “represent fundamental concepts associated with components” of internal control.
2
Per the 2013 COSO Framework, points of focus are “important characteristics of principles.”
3
Per the 2013 COSO Framework, a component is “one of five elements of internal control. The internal control components are the Control
Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring Activities.”

coso.org
vi | Fraud Risk Management Guide | COSO/ACFE

The guide’s executive summary provides a high-level COSO has also published Enterprise Risk Management
overview intended for the board of directors and senior — Integrated Framework (ERM Framework). This guide,
management and is designed to explain the benefits of the 2013 COSO Framework, and the ERM Framework, are
establishing strong anti-fraud policies and controls. The intended to be complementary. Depending on how an
guide’s appendices contain valuable templates, samples, organization implements the Internal Control Framework, the
examples, and tools to assist users in implementing the ERM Framework, and this guide, there may be overlapping
guide’s best practices. and interconnecting areas. Fraud risk can affect areas
beyond accounting and financial management activities.
In addition, the guide contains hyperlinks to several valuable Indeed, an organization seeking to minimize the adverse
automated tools and templates that can be used to make impacts of fraud needs to consider fraud risk in all areas of
implementation and documentation of a comprehensive the enterprise and its operations.
Fraud Risk Management Program more effective.
The COSO Board would like to thank members of the
Task Force that developed this guide, the Advisory Panel
that reviewed drafts of the guide and provided valuable
feedback, and the COSO Advisory Council for their
contributions in reviewing the guide.

Finally, the COSO Board gratefully acknowledges David


L. Cotton, Chair of the Task Force, for his outstanding
leadership and efforts toward the completion of this guide.

Robert B. Hirth, Jr.


COSO Chair

James D. Ratley
ACFE President and CEO

coso.org
COSO/ACFE | Fraud Risk Management Guide | vii

Fraud Risk Management Task Force


Barbara Andrews Bert Edwards Bill Leone Jeffrey Steinhoff
AICPA Formerly State Department Norton Rose Fulbright KPMG

Michael Birdsall Frank Faist Andi McNeal William Titera


Comcast Corporation Charter Communications ACFE Formerly EY

Toby Bishop Eric Feldman Linda Miller Michael Ueltzen


Formerly ACFE, Deloitte Affiliated Monitors, Inc. GAO Ueltzen & Company

Margot Cella Dan George Kemi Olateju Pamela Verick


Center for Audit Quality USAC General Electric Protiviti

David Coderre John D. Gill Chris Pembroke Vincent Walden


CAATS ACFE Crawford & Associates, PC EY

David L. Cotton, Chair Leslye Givarz J. Michael Peppers Bill Warren


Cotton & Company LLP Formerly AICPA, PCAOB University of Texas PwC

James Dalkin Cindi Hook Kelly Richmond Pope Richard Woodford


GAO Comcast Corporation DePaul University U.S. Coast Guard
Investigative Service
Ron Durkin Sandra K. Johnigan Carolyn Devine Saint
Durkin Forensic, Inc. Johnigan, PC University of Virginia

Fraud Risk Management Advisory Panel


Dan Amiram Michael Justus
Columbia University Business School University of Nebraska

Zahn Bozanic Theresa Nellis-Matson


The Ohio State University New York Office of the State Comptroller

Greg Brush Jennifer Paperman


Tennessee Comptroller of Treasury New York Office of the State Comptroller

Tamia Buckingham Daniel Rossi


Massachusetts School Building Authority New York Office of the State Comptroller

Ashley L. Comer Lynda Harbold Schwartz


James Madison University Upland Advisory LLC

Molly Dawson Rosie Tomforde


Cotton & Company LLP Regional Government

Eric Eisenstein
Cotton & Company LLP

The COSO Board gratefully acknowledges David L. Cotton, Chair of the Fraud Risk Management Task Force, for his
outstanding leadership and efforts toward the completion of this guide.

coso.org
viii | Fraud Risk Management Guide | COSO/ACFE

Executive Summary | Fraud Risk Management

Fraud is any intentional act or omission designed to deceive others, resulting in the
victim suffering a loss and/or the perpetrator achieving a gain.4

All organizations are subject to fraud risks. It is impossible • Includes a thorough fraud risk assessment periodically
to eliminate all fraud in all organizations. However,
implementation of the principles in this guide will maximize the • Designs, implements, and maintains preventive and
likelihood that fraud will be prevented or detected in a timely detective fraud control processes and procedures
manner and will create a strong fraud deterrence effect.
• Takes swift action in response to allegations of fraud,
The board of directors5 and top management and personnel including, where appropriate, actions against those
at all levels of the organization — including every level involved in wrongdoing
of management, staff, and internal auditors — have
responsibility for managing fraud risk. Particularly, they are This guide provides implementation guidance that defines
expected to understand how the organization is responding principles and points of focus6 for fraud risk management
to heightened risks and regulations, as well as public and and describes how organizations of various sizes and types
stakeholder scrutiny; what form of Fraud Risk Management can establish their own Fraud Risk Management Programs.
Program the organization has in place; how it identifies The guide includes examples of key program components
fraud risks; what it is doing to better prevent fraud, or at and resources that organizations can use as a starting
least detect it sooner; and what process is in place to place to develop a Fraud Risk Management Program
investigate fraud and take corrective action. This Fraud Risk effectively and efficiently. In addition, the guide contains
Management Guide (guide) is designed to help address references to other sources of guidance to allow for
these complex issues. tailoring a Fraud Risk Management Program to a particular
industry or to government or not-for-profit organizations.
This guide recommends ways in which governing boards, Each organization needs to assess the degree of emphasis
senior management, staff at all levels, and internal auditors to place on fraud risk management based on its size and
can deter fraud in their organization. Fraud deterrence is a circumstances.
process of eliminating factors that may cause fraud to occur.
Deterrence is achieved when an organization implements a The guide also contains valuable information for users who
fraud risk management process that: are implementing a fraud risk management process. For
example, it addresses fraud risk management roles and
• Establishes a visible and rigorous fraud governance responsibilities, fraud risk management considerations for
process smaller organizations, data analytics employed as a part
of fraud risk management, and managing fraud risk in the
• Creates a transparent and sound anti-fraud culture government environment.

4
For purposes of this guide, the authors developed this practical definition. The authors recognize that many other definitions of fraud exist,
including those developed by the Auditing Standards Board of the American Institute of Certified Public Accountants, the Public Company
Accounting Oversight Board, and the Government Accountability Office.
5
Throughout this guide, the terms board and board of directors refer to the governing or oversight body or those charged with governance of
the organization.
6
Per COSO’s Internal Control — Integrated Framework (May 2013) (2013 COSO Framework), Relevant Principles represent fundamental
concepts associated with components of internal control. Points of Focus are important characteristics of principles.

coso.org
COSO/ACFE | Fraud Risk Management Guide | ix

Relationship Between the 2013 COSO Framework’s Five Components


and 17 Internal Control Principles and this Guide’s Five Fraud Risk
Management Principles
COSO revised its 1992 Internal Control — Integrated Framework in 2013 to incorporate 17 principles. These 17 principles
are associated with the five internal control components COSO established in 1992. This guide’s five fraud risk management
principles fully support, are entirely consistent with, and parallel the 2013 COSO Framework’s 17 internal control principles.7
The correlation between the fraud risk management principles and the 2013 COSO Framework’s internal control components
and principles is as follows:
COSO Framework Components and Principles Fraud Risk Management Principles

1. The organization demonstrates a commitment to integrity and ethical values.

2. The board of directors demonstrates independence from management and


exercises oversight of the development and performance of internal control.
1. The organization establishes and communicates a
Environment

Fraud Risk Management Program that demonstrates


Control

3. Management establishes, with board oversight, structures, reporting lines, the expectations of the board of directors and senior
and appropriate authorities and responsibilities in the pursuit of objectives. management and their commitment to high integrity
and ethical values regarding managing fraud risk.
4. The organization demonstrates a commitment to attract, develop, and retain
competent individuals in alignment with objectives.

5. The organization holds individuals accountable for their internal control


responsibilities in the pursuit of objectives.

6. The organization specifies objectives with sufficient clarity to enable the


identification and assessment of risks relating to objectives.

7. The organization identifies risks to the achievement of its objectives


Assessment

across the entity and analyzes risks as a basis for determining how the 2. The organization performs comprehensive fraud
risks should be managed. risk assessments to identify specific fraud schemes
Risk

and risks, assess their likelihood and significance,


8. The organization considers the potential for fraud in assessing risks to the evaluate existing fraud control activities, and
achievement of objectives. implement actions to mitigate residual fraud risks.

9. The organization identifies and assesses changes that could significantly


impact the system of internal control.

10. The organization selects and develops control activities that contribute to the
mitigation of risks to the achievement of objectives to acceptable levels.
Activities

3. The organization selects, develops, and deploys


Control

11. The organization selects and develops general control activities over preventive and detective fraud control activities to
technology to support the achievement of objectives. mitigate the risk of fraud events occurring or not
being detected in a timely manner.
12. The organization deploys control activities through policies that establish
what is expected and procedures that put policies into action.

13. The organization obtains or generates and uses relevant, quality information
to support the functioning of other components of internal control.
Communication
Information &

4. The organization establishes a communication


14. The organization internally communicates information, including process to obtain information about potential fraud
objectives and responsibilities for internal control, necessary to support and deploys a coordinated approach to investigation
the functioning of internal control. and corrective action to address fraud appropriately
and in a timely manner.
15. The organization communicates with external parties regarding matters
affecting the functioning of other components of internal control.

16. The organization selects, develops, and performs ongoing and/or 5. The organization selects, develops, and performs
separate evaluations to ascertain whether the components of internal ongoing evaluations to ascertain whether each
Monitoring
Activities

control are present and functioning. of the five principles of fraud risk management is
present and functioning and communicates Fraud
17. The organization evaluates and communicates internal control Risk Management Program deficiencies in a timely
deficiencies in a timely manner to those parties responsible for taking manner to parties responsible for taking corrective
corrective action, including senior management and the board of action, including senior management and the board
directors, as appropriate. of directors.

7
The 2013 COSO Framework’s 17 internal control principles have been adopted by the U.S. federal government in the Standards for Internal
Controls in the Federal Government, issued by the Comptroller General of the United States. The Federal Managers’ Financial Integrity Act of
1982 requires federal agencies to follow the Comptroller General’s standards. In addition, the Government Accountability Office (GAO) has
issued a Framework for Managing Fraud Risks in Federal Programs, which was developed based on leading practices as a tool for federal
agencies to use in developing Fraud Risk Management Programs. [See gao.gov/assets/680/671664.pdf.]

coso.org
x | Fraud Risk Management Guide | COSO/ACFE

The most obvious correlation between these two sets fraud schemes and risks, assess their likelihood and
of principles is 2013 COSO Framework principle 8 (The significance, evaluate existing fraud control activities,
organization considers the potential for fraud in assessing and implement actions to mitigate residual fraud risks). In
risks for the achievement of objectives) and fraud risk addition, as the above exhibit displays, all of the 2013 COSO
management principle 2 (The organization performs Framework and fraud risk management principles correlate
comprehensive fraud risk assessments to identify specific and support each other.

Summary of Fraud Risk Management Components and Principles


Fraud Risk Governance
Fraud risk governance is an integral component of corporate reporting, and legal responsibilities to stakeholders.
governance and the internal control environment. Corporate The internal control environment creates the discipline
governance addresses the manner in which the board of that supports the assessment of risks to the achievement
directors and management meet their respective obligations of the organization’s goals.
to achieve the organization’s goals, including its fiduciary,

Control
Principle
1 The organization establishes and communicates a Fraud Risk
Management Program that demonstrates the expectations of the
board of directors and senior management and their commitment to
high integrity and ethical values regarding managing fraud risk.
Environment

Fraud Risk Assessment


A fraud risk assessment is a dynamic and iterative process corruption). Organizations can tailor this approach to
for identifying and assessing fraud risks relevant to the meet their individual needs, complexities, and goals. Fraud
organization. Fraud risk assessment addresses the risk risk assessment is not only an integral component of risk
of fraudulent financial reporting, fraudulent non-financial assessment and internal control, it also is specifically linked
reporting, asset misappropriation, and illegal acts (including to 2013 COSO Framework principle 8.

Risk
Assessment
Principle
2 The organization performs comprehensive fraud risk assessments
to identify specific fraud schemes and risks, assess their likelihood
and significance, evaluate existing fraud control activities, and
implement actions to mitigate residual fraud risks.

coso.org
COSO/ACFE | Fraud Risk Management Guide | xi

Fraud Control Activity


A fraud control activity is an action established after the initial processing has occurred). The selection,
through policies and procedures that helps ensure that development, implementation, and monitoring of fraud
management’s directives to mitigate fraud risks are carried preventive and fraud detective control activities are crucial
out. A fraud control activity is a specific procedure or elements of managing fraud risk. Fraud control activities
process intended either to prevent fraud from occurring or are documented with descriptions of the identified fraud
to detect fraud quickly in the event that it occurs. risk and scheme, the fraud control activity that is designed
to mitigate the fraud risk, and the identification of those
Fraud control activities are generally classified as either responsible for the fraud control activity. Fraud control
preventive (designed to avoid a fraudulent event or activities are integral to the ongoing fraud risk assessment
transaction at the time of initial occurrence) or detective component of internal control.
(designed to discover a fraudulent event or transaction

Control
Activities
Principle
3 The organization selects, develops, and deploys
preventive and detective fraud control activities to
mitigate the risk of fraud events occurring or not being
detected in a timely manner.

Fraud Investigation and Corrective Action


Control activities cannot provide absolute assurance against and allegations involving fraud and misconduct. An
fraud. As a result, the organization’s governing board organization can improve its chances of loss recovery, while
ensures that the organization develops and implements minimizing exposure to litigation and damage to reputation,
a system for prompt, competent, and confidential review, by establishing and carefully preplanning investigation and
investigation, and resolution of instances of non-compliance corrective action processes.

Information &
Communication
Principle
4 The organization establishes a communication process to obtain
information about potential fraud and deploys a coordinated
approach to investigation and corrective action to address fraud
appropriately and in a timely manner.

Fraud Risk Management Monitoring Activities


The fifth fraud risk management principle relates to monitoring the fraud monitoring activities. Similar to the 2013
the overall fraud risk management process. Organizations COSO Framework, ongoing evaluations in a Fraud Risk
use fraud risk management monitoring activities to ensure Management Program that are built into the organization’s
that each of the five principles of fraud risk management is business processes at varying levels provide timely
present and functioning as designed and that the organization information. In contrast, organizations conduct separate
identifies needed changes in a timely manner. evaluations periodically that vary in scope and timing based
on numerous factors, including the results of ongoing
Organizations use ongoing and separate (periodic) evaluations.
evaluations, or some combination of the two, to perform

Monitoring
Principle
5 The organization selects, develops, and performs ongoing evaluations to
ascertain whether each of the five principles of fraud risk management is
present and functioning and communicates Fraud Risk Management Program
deficiencies in a timely manner to parties responsible for taking corrective
Activities
action, including senior management and the board of directors.

coso.org
xii | Fraud Risk Management Guide | COSO/ACFE

Effective Fraud Risk Management

The 2013 COSO Framework clarifies that for a system of internal control to be effective, each of its 17 principles is present,
functioning, and operating in an integrated manner.

Principle 8, one of the risk assessment


component principles, states:
The organization considers the potential
for fraud in assessing risks to the
achievement of objectives.

This guide is intended to be supportive of and consistent with the 2013 COSO Framework and can serve as best practices
guidance for organizations to follow in performing a fraud risk assessment.

Recommended Use of the Fraud Risk Management Guide


The guide is designed for use by any organization regardless This guide’s authors recommend that organizations
of its status as public, private, government, academic, or implementing the 2013 COSO Framework implement this
not-for-profit; its relative size; or its industry. Obviously, guide as a separate, compatible, and more comprehensive
each specific implementing organization will adapt these process for specifically assessing the organization’s fraud
fraud risk management principles. In particular, smaller risk as part of a broader Fraud Risk Management Program
organizations and owner-managed organizations without or process. That approach, in addition to the fraud risk
governing boards can adapt the guide to their particular assessment, also encompasses fraud risk governance,
circumstances. Governments have much different designing and implementing fraud control activities,
governance structures, with elected officials, branches of fraud investigation and corrective action, and fraud risk
government, and high-level political appointees. management evaluation and monitoring. Once the guide is
implemented, its results will support and will be consistent
The terms identified in these chapters are generic and are with the overall 2013 COSO Framework.
adaptable to the implementing organization. For example,
and as noted previously, the guide uses the terms “board”
or “governing board” to refer to the body exercising overall
management oversight and organizational governance,
regardless of what such a body is called within a
particular organization.

coso.org
COSO/ACFE | Fraud Risk Management Guide | xiii

This rigorous approach results in an ongoing, comprehensive fraud risk management process as follows:

Figure 1. Ongoing, Comprehensive Fraud Risk Management Process

Establish a fraud
risk management
policy as part of
organizational
governance

Monitor the fraud risk Perform a


management process, comprehensive
report results and fraud risk
improve the process assessment

Establish a fraud Select, develop and


reporting process and deploy preventive
coordinated approach and detective fraud
to investigation and control activities
corrective action

This comprehensive approach recognizes and emphasizes Implementing a specific and more focused fraud risk
the fundamental difference between internal control assessment as a separate fraud risk management process
weaknesses resulting in errors and weaknesses resulting in provides greater assurance that the assessment’s focus
fraud. This fundamental difference is intent. An organization remains on intentional acts.
that simply adds the fraud risk assessment to the existing
internal control assessment may not thoroughly examine The comprehensive approach is also likely to result in
and identify possibilities for intentional acts designed to: a more robust and comprehensive assessment of fraud
risk. It also provides the additional structure needed for
• Misstate financial information comprehensive fraud risk management. If organizations use
the more simplified approach (just performing the fraud risk
• Misstate non-financial information assessment), they can combine those results with the 2013
COSO Framework’s results to yield more robust prevention
• Misappropriate assets and detection mechanisms.

• Perpetrate illegal acts or corruption

coso.org
xiv | Fraud Risk Management Guide | COSO/ACFE

Use by Interested Parties

Board of Directors and Audit Committee Internal Audit


A well-performing and engaged board discusses with Internal auditors review their internal audit plans and how
senior management the state of the entity’s Fraud Risk the plans are applied to the entity’s Fraud Risk Management
Management Program and provides oversight as needed. Programs in connection with implementation of this
Senior management has overall responsibility for the guidance. Internal auditors will review this guide and
design and implementation of a Fraud Risk Management consider possible implications of changes to the entity’s
Program, including setting the tone at the top that creates fraud risk program on audit plans, evaluations, and any
the culture for the entire organization. The board establishes reporting on the entity’s fraud risk management and system
policies and procedures explaining how the board provides of internal control.
oversight, including defining expectations about integrity
and ethical values, transparency, and accountability Independent Auditors
for the implementation and operation of the Fraud Risk In many situations, an independent auditor is engaged to
Management Program. Senior management informs the audit or examine the effectiveness of the client’s internal
board of the residual risks of fraud from its fraud risk control over financial reporting in addition to auditing the
assessments, as well as any incidents of fraud or suspected entity’s financial statements. The 2013 COSO Framework
fraud. The board challenges management and asks the introduced principle 8: the organization considers the
tough questions, as necessary. It seeks input from internal potential for fraud in assessing risks to the achievement of
auditors, independent auditors, external reviewers, and objectives. Auditors can assess the entity’s implementation
legal counsel and utilizes these resources as needed to of that principle using this guide.
investigate any issues.
Other Professional Organizations
Senior Management Other professional organizations providing guidance
Senior management assesses the entity’s Fraud Risk on fraud risk as it relates to operations, reporting, and
Management Program in relation to this Fraud Risk compliance may consider their standards and guidance in
Management Guide, focusing on how the organization comparison to the guide. To the extent diversity in concepts
applies the five principles in support of its Fraud Risk and terminology is eliminated, all parties benefit.
Management Program. Further, they assess the entity’s
fraud risk in compliance with principle 8 of the 2013 COSO Educators
Framework. With the presumption that the guide attains broad
acceptance, its concepts and terms will find their way into
Other Management and Personnel university curricula.
Managers and other personnel consider how they are
conducting their responsibilities in light of this guide and
discuss with more senior personnel ideas for strengthening
fraud risk controls. More specifically, they consider how
existing controls affect the relevant principles within the five
components of fraud risk management, as well as principle 8
of the 2013 COSO Framework.

coso.org

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy