slide1 n.
Skip this Video
Download Presentation
Chicagoland IASA Spring Conference

Loading in 2 Seconds...

play fullscreen
1 / 28

Chicagoland IASA Spring Conference - PowerPoint PPT Presentation

  • Uploaded on

Chicagoland IASA Spring Conference. CNA Insurance 2013 COSO Framework. April 17, 2014. Today’s Goals. The goals of today’s presentation are to help you better understand:

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Chicagoland IASA Spring Conference' - aurora-yates

Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Chicagoland IASA Spring Conference

CNA Insurance

2013 COSO Framework

April 17, 2014

today s goals
Today’s Goals

The goals of today’s presentation are to help you better understand:

  • The updates to the COSO Framework, including the 17 principles required to be in placeand functioning within the 5 components of internal control
  • Key steps for transitioning to the new framework
  • Lessons learned from CNA’s adoption efforts
  • COSO Framework:
    • Overview & Background
    • 2013 Update
  • CNA’s Approach:
    • Project Plan
    • Initial Gap Analysis
    • Lessons Learned
  • Questions / Discussion
what is coso
What is COSO?
  • Committee of Sponsoring Organizations (COSO) of the Treadway Commission
  • Formed in 1985 to sponsor the National Commission on Fraudulent Financial Reporting (aka the Treadway Commission)
  • Joint initiative of five private sector organizations
    • American Accounting Association (AAA)
    • American Institute of Certified Public Accountants (AICPA)
    • Financial Executives International (FEI)
    • Institute of Management Accountants (IMA)
    • The Institute of Internal Auditors (IIA)
  • COSO established Framework over Internal Control (IC) in 1992

Source: COSO

1992 framework
1992 Framework

5 Components of Internal Control:

  • Control Environment- tone at the top; integrity and ethical values of the organization.
  • Risk Assessment- identifying and analyzing risks within the organization.
  • Control Activities- policies and procedures to mitigate risk.
  • Information & Communication- information required to carry out IC activities.
  • Monitoring Activities- on-going evaluation to assess IC.


Source: COSO

icfr attestation
ICFR Attestation
  • 1992 Framework is widely used today to comply with Section 404 of Sarbanes Oxley Act of 2002 in the certification of internal control over financial reporting.
what is changing
What is changing
  • Source: COSO
1992 vs 2013 framework
1992 vs. 2013 Framework

1992 Framework

2013 Framework

effective systems of internal control
Effective Systems of Internal Control

For effective internal control:

  • Each of the 5 components and 17 principles must be present and functioning.
    • Present is defined as “the determination that components and relevant principles exist in the design and implementation of the system of internal control to achieve specified objectives.”
    • Functioning is defined as “the determination that components and relevant principles continue to exist in the conduct of the system of internal control to achieve specified objectives.”
  • The five components must operate together in an integrated manner to reduce risk to an acceptable level.
points of focus
Points of Focus
  • For each principle COSO has identified points of focus to assist management in designing, implementing, and maintaining internal control.
  • The points of focus may (or may not) be relevant and there is no requirement to perform a separate evaluation. Presumption is for a sophisticated organization that most would be relevant.
coso aicpa reference materials
COSO/AICPA Reference Materials

Project deliverable #1 – Internal Control-Integrated Framework (2013 Edition)

  • Consists of three volumes:
    • Executive Summary
    • Framework and Appendices
    • Illustrative Tools for Assessing Effectiveness of a System of Internal Control
  • Sets out:
    • Definition of internal control
    • Categories of objectives
    • Components and principles of internal control
    • Requirements for effectiveness

Source: COSO

coso aicpa reference materials1
COSO/AICPA Reference Materials

Project deliverable #2 – Internal Control over External Financial Reporting: A Compendium....

  • Illustrates approaches and examples of how principles are applied in preparing financial statements
  • Considers changes in business and operating environments during past two decades
  • Provides examples from a variety of entities – public, private, not-for-profit, and government
  • Aligns with the updated framework

Source: COSO

  • Transition period ending December 15, 2014.
  • After which time COSO will consider the 1992 Framework to be superseded.
  • Any reporting between now and the end of the transition period should disclose which version of the Framework is being used.
cna s project plan1
CNA’s Project Plan
  • Step 1Develop Awareness, Expertise, and Alignment
  • Step 2Conduct Preliminary Impact Assessment
  • Step 3Facilitate Broad Awareness, Training, and Comprehensive Assessment
  • Step 4Develop and Execute COSO Transition Plan for SOX Compliance / Best Practice
  • Step 5Drive Continuous Improvement
step 1 develop awareness expertise and alignment

CNA’s Project Plan

Step 1Develop Awareness, Expertise, and Alignment
  • Gain senior leadership and board alignment and support
  • Build awareness and expertise
  • Educate management
  • Map principles to existing controls
  • Identify opportunities to expand applications of internal control
step 2 conduct initial analysis

CNA’s Project Plan

Step 2Conduct Initial Analysis
  • Evaluate the existing framework
  • Leverage the original mapping of components to controls
  • Identify key business owners
  • Identify COSO updates which may impact your framework
  • Identify gaps / opportunities for improvement
step 3 facilitate broad awareness training and comprehensive assessment

CNA’s Project Plan

Step 3Facilitate Broad Awareness, Training, and Comprehensive Assessment
  • Identify potential gaps and/or documentation enhancement opportunities
  • Engage business to enhance existing controls and/or add new controls to meet the update’s requirements
step 4 develop and execute coso transition plan for sox compliance

CNA’s Project Plan

Step 4Develop and Execute COSO Transition Plan for SOX Compliance
  • Phase 1: Formalize Framework (Documentation & Evaluation)
  • Phase 2: Validation: Business Acceptance and Auditor Acceptance
  • Phase 3: Establish Test Plan for 2014
  • Phase 4: Testing of 2014 Framework and External Review
step 5 drive continuous improvement

CNA’s Project Plan

Step 5Drive Continuous Improvement
  • There is a difference between an adequate and a best-in-class system of internal control
lessons learned
  • Limited Gaps
    • Refinement and Enhancement of Documentation
  • Non-SOX Participants
    • Education of IC and Attestation Process
    • Need Business to be Owners of the Process
  • No “Requirement” for Compliance and Operational Risks (Best Practice)
    • Financial Reporting Requirement from SOX