You are on page 1of 10

The COSO Financial Controls Framework: 1992 version

This page describes the original, 1992 COSO Financial Controls Framework. See also the
2004 Enterprise Risk Management (ERM) COSO Framework

The original COSO framework is outlined in a document: 1992 COSO Report: Internal
Control – An Integrated Framework.
This document identifies what the commission believed to be the fundamental and
essential objectives of any business or government entity:

• economy and efficiency of operations, including safeguarding of assets and
achievement of desired outcomes;
• reliability of financial and management reports; and
• compliance with laws and regulations.

Describes a unified approach for evaluation of the internal control systems that
management has designed to:

• provide reasonable assurance of achieving corporate mission, objectives, goals
and desired outcome,
• while adhering to laws and regulations
• allow the company to accurately report successes and outcomes to the public and
interested third parties.

• serves as a common basis for managements, directors, regulators, academics and
others to better understand enterprise risk management, its benefits and
limitations, and to effectively communicate about enterprise risk management

Control Components
The COSO Cube
The original COSO framework contains five control components needed to help assure
sound business objectives. The control components are:

• Control Environment.
• Risk Assessment.
• Control Activities.
• Information and Communication.
• Monitoring.

More specifically, the thought process behind these five components was that they would
work together to support efforts to achieve an organization's mission, strategies and
related business objectives. All five components would need to be in place to achieve an
"effective" internal control system.

COSO issued the Enterprise Risk Management – Integrated Framework in 2004.Company-wide Objectives .Quality of Information . This framework defines .Risk Identification and Analysis .Security (Application and Network) .Separate Evaluations .Process-level Objectives .Effectiveness of Communication Monitoring .Board of Directors and Audit Committee .Managing Change Control Activities .Policies and Procedures .Control Environment .Reporting Deficiencies The COSO Financial Controls Framework: 2004 Version This page describes the 2004 Enterprise Risk Management (ERM) COSO Framework.Integrity and Ethical Values . See also the original.Management’s Philosophy and Operating Style .Assignment of Authority and Responsibility .Human Resource Policies and Procedures Risk Assessment .Commitment to Competence .Organizational Structure . Why was the COSO framework updated? Here's the word from COSO: Enterprise Risk Management — Integrated Framework (2004) In response to a need for principles-based guidance to help entities design and implement effective enterprise-wide approaches to risk management.Outsourcing Information and Communication .On-going Monitoring . 1992 COSO Financial Controls Framework The original COSO framework is outlined in a document: 1992 COSO Report: Internal Control – An Integrated Framework.Application Change Management .Business Continuity / Backups .

FAQs Have questions? Click here to get answers to the following Frequently Asked Questions: FAQs for COSO's Enterprise Risk Management — Integrated Framework A. risk tolerance.essential enterprise risk management components. Control activities 7. Objective setting 3. Internal control environment 2. What is the framework and how do I get it? 1. discusses key ERM principles and concepts. What is in the framework? 2. Click here to view the Executive Summary of the 2004 COSO Document: Enterprise Risk Management (ERM) COSO Framework. and provides clear direction and guidance for enterprise risk management. Event identification 4. Is there such a thing as being overly conscientious about risk? C. Risk assessment 5. The guidance introduces an enterprise-wide approach to risk management as well as concepts such as: risk appetite. Monitoring. Information and communication 8. How might the framework assist organizations in structuring their entities to best manage exposure to risk? 3. Risk response 6. suggests a common ERM language. The new COSO framework consists of eight components: 1. View the New COSO Cube Overview The new Enterprise Risk Management (ERM) COSO framework emphasizes the importance of identifying and managing risks across the enterprise. The three new components of the COSO framework are Objective setting. Where can I find the framework? B. portfolio view. Why is this a framework that organizations should support? 1. Event identification. What are some of the key concepts established in this framework? . and Risk response. This framework is now being used by organizations around the world to design and implement effective ERM processes. What limitations of existing enterprise risk management models prompted creation of a new framework? 2.

Are you replacing the Internal Control Framework with the Enterprise Risk Management Framework? 2. and developing mechanisms to manage related risks. What is the role of internal auditors in enterprise risk management? How will this framework help them? 4. What is the relationship between effective enterprise risk management and improved financial reporting and transparency? 4. How do people in an organization intersect with this framework? 1. How might organizations view the framework in the context of their Sarbanes-Oxley 404 compliance process? 1.1. . What does the new framework offer clients that are focusing on internal control? E. If you have good internal control. and efficiently and effectively deploys resources in pursuit of the entity’s objectives. How does an organization determine the right amount of risk for the value it is trying to create for stakeholders and how should it communicate its risk policy to stakeholders? 3. With the significant amount of implementation efforts companies are currently undertaking for Sarbanes-Oxley compliance and adoption of new accounting standards. What is the role of the board in enterprise risk management? How does this framework help them? 2. Who are the potential implementers of the framework? Why the focus on Enterprise Risk Management? Here's what COSO says: Value is maximized when management sets strategy and objectives to strike an optimal balance between growth and return goals and related risks. How does this framework relate to COSO's Internal Control Framework? 1. setting related objectives. isn’t that a way of managing risk? 4. What makes this different from the internal control framework? How does it relate to Sarbanes-Oxley reporting? F. What is the role of the CFO and others in the financial management organization in enterprise risk management? How will this framework help them? 3. Enterprise risk management encompasses: • Aligning risk appetite and strategy – Management considers the entity’s risk appetite in evaluating strategic alternatives. Is this intended for private organizations? Is there any organization this is not intended for? D. What is the relationship between technology controls and effective enterprise risk management? 3. What is the difference between risk appetite and risk tolerance? 2. why should companies be motivated to implement enterprise risk management? 2.

These capabilities inherent in enterprise risk management help management achieve the entity’s performance and profitability targets and prevent loss of resources. and enterprise risk management facilitates effective response to the interrelated impacts. reduction. • Reducing operational surprises and losses – Entities gain enhanced capability to identify potential events and establish responses. • Seizing opportunities – By considering a full range of potential events. • Enhancing risk response decisions – Enterprise risk management provides the rigor to identify and select among alternative risk responses – risk avoidance. reducing surprises and associated costs or losses. In sum. . sharing. Enterprise risk management helps ensure effective reporting and compliance with laws and regulations. management is positioned to identify and proactively realize opportunities. and helps avoid damage to the entity’s reputation and associated consequences. enterprise risk management helps an entity get to where it wants to go and avoid pitfalls and surprises along the way. • Identifying and managing multiple and cross-enterprise risks – Every enterprise faces a myriad of risks affecting different parts of the organization. • Improving deployment of capital – Obtaining robust risk information allows management to effectively assess overall capital needs and enhance capital allocation. and acceptance. and integrated responses to multiple risks.

although it is now being phased out in favor of GSM/GPRS and CDMA2000 technology. particularly in the United States and Canada. a common multiple access technique which is used by multiple protocols. and Rogers Wireless in Canada. and an improved compression protocol. 6 billion people own a mobile phones so we are going to analyze the various generations of cellular systems as studied in the evolution of mobile communications from 1st . That name is based on the acronym for time division multiple access.[1] IS-136 added a number of features to the original IS-54 specification. shut down their TDMA network in February 2009. AT&T and Rogers Wireless have upgraded their existing IS-136 networks to GSM/GPRS. and the first to employ TDMA technology. and existing networks have mostly been replaced by GSM/GPRS or CDMA2000 technologies. D-AMPS uses existing AMPS channels and allows for smooth transition between digital and analog systems in the same area. A digital system also made calls more secure because analog scanners could not access digital signals. It was once prevalent throughout the Americas. circuit switched data (CSD). who primarily uses CDMA2000 technology but acquired a TDMA network from Western Wireless. as well as in IS-54 and IS-136. Rogers Wireless removed all 1900 MHz IS-136 in 2003. who now also primarily uses CDMA2000 technology. SMS and CSD were both available as part of the GSM protocol. shutting down both TDMA and AMPS. AT&T soon followed in February 2008. Former large IS-136 networks included AT&T in the United States. known as Digital AMPS (D-AMPS). This system is most often referred to as TDMA. Present Status of Telecom Services The telecommunication service in World had a great leap within a last few year. Alltel. 2007. D-AMPS is considered end-of-life. Capacity was increased over the preceding analog design by dividing each 30 kHz channel pair into three time slots (hence time division) and digitally compressing the voice data. D-AMPS has been competing against GSM and systems based on code division multiple access (CDMA) for adoption by the network carriers. although the algorithm used (CMEA) was later found to be weak. and has done the same with their 800 MHz spectrum as the equipment failed. and IS-136 implemented them in a nearly identical fashion. including GSM. including text messaging. Rogers deactivated their IS- 136 network (along with AMPS) on May 31. However. IS-54 is the first mobile communication system which had provision for security. . shut down their TDMA and AMPS networks in September 2008.IS-54 and IS-136 are second-generation (2G) mobile phone systems. Calls were encrypted. US Cellular. yielding three times the call capacity in a single cell.

It is being first introduced in the Swedish Capital city. 3G and 4G Services See all 17 photos 3G and 4G Services . the 3G service came into existence only by last February. 2G the second generation. Present Status of Telecommunication Services in Asian Countries Now we are in the midst of 4G. that it may take time for exposing to other states. Stockholm. Due to these reasons. 3G the third generation. We can analyze that this could be due to increase in the telecoms customers day by day.generation to 5th generation . Therefore. and then the 4G the forth generation. These are respectively 1G the first generation. Ericson a Swedish company is launching this high tech featured mobile into the market. In China. there are four generations in the mobile industry. The 3G (Third Generation) had also reached India recently. But we should also realize many other countries such as the Asian countries were using these services since last decade.Now almost all the service providers as well as the customers seek for availing these 3G and 4G services. There is no doubt that within a few years India will be the first in telecom users also. In the present time. Willie Lu. What's 4G Mobile Technology by Prof. we can hope that the 4G may enter within a few years.

Both the 1G and 2G deals with voice calls and has to utilize the maximum bandwidth as well as a limited till sending messages i. What is Packet Switching This is actually done by supplying various addressed packets.e. HubPoll: 5G Wireless Systems Interesting applications of 4G Mobile Phone What is 3G Generation But to overcome the limitations of 2G and 2.5G. These services are provided with circuit switching. 2.Voice calls are interpreted through Circuit Switching.5G the 3G had been introduced. Firstly. The data are sent through the technology called Packet Switching . But the greatest disadvantage as concerned to 1G is that with this we could contact with in the premises of that particular nation. where as in case of 2G the roaming facility a semi-global facility is available. It is not necessary to create a new dedicated path for sending the data. In this 3G Wide Brand Wireless Network is used with which the clarity increases and gives the perfection as like that of a real conversation. is not available in these generations. this mid generation was introduced mainly for involving latest bandwidth technology with addition to the existing 2G generation. Narrow band analogue wireless network is used. Analysis of 1G and 2G services In 1G. which will be interconnected to have the conversation. To be frank but this had not brought out any new evolution and so had not clicked to as much to that extend. The latest technologies such as GPRS. Then in case of 2G Narrow Band Wireless Digital Network is used. with this we can have the voice calls and can send text messages. It brings more clarity to the conversation and both these circuit-switching model. SMS.Analysis of Telecom Services Let us examine what these 3G & 4G have rather than that of 1G and 2G. Today’s the usual call starts from the beginning pulse to rate to the final rate.5 Generation In between 2G and 3G there is another generation called 2. It had been modified in such a way that the data can be send through .

any path. separate paths are being created and after analyzing each. hence. Packet Switching in Computer networks The data packs are also used in computer that is when we connected with internet this data pack helps to download the web pages that is being displayed in the monitor. This is due to the reason that by networking.Analog Motorola DynaTAC 8000X to Hitachi 3D Display Phones Click thumbnail to view full-size . the data are being transferred to the correct access point. Evolution of Mobile phones . this data will be received at a less time as compared to that of voice calls. For a Data Pack it does not need any separate path for downloading or displaying any objects in the computer or any other equipment.

is lacking. also to watch T. firstly it should be availed at a lower rate. So for us it is a higher one which could be used only by upper classes. Another reason for this is that it a cost bearing item especially for sending data. Another major defect of this is that Wide Band Frequency Spectrum. 3D gaming. Multi-Gaming etc are also available with 3G phones. Another thing to be noted in case of 3G is that Wide Band Voice Channel that is by this the world has been contracted to a little village because a person can contact with other person located in any part of the world and can even send messages too. Internet. Video Calls. we can access many new services too. Video Conferencing. Not only these but also have entertainments such as Fast Communication.V. so that it may take time to reach to Other countries. 3G and 4G Featuress Main 3G Services With the help of 3G. for which the rate of spectrum should be declined. If it should be accepted among all customers. . What is the reason for delay in implementing 3G and 4G Mobile services? It is very sad to say that the 3G services had only reached with in some towns of china.V programs with the clarity as to that of an ordinary T. which is needed for 3G. One such service is the GLOBAL ROAMING. Main 4G Features Then with the case of Fourth Generation that is 4G in addition to that of the services of 3G some additional features such as Multi-Media Newspapers. Mobile T. we can send Data much faster that that of the previous generations. In addition.V. Multi Media Messaging Service (MMS). Then the point to be noted is that 3G gives clarity of voice as well can talk with out any disturbance.1983 Motorola DynaTAC 8000X Analog Motorola DynaTAC 8000X Advanced Mobile Phone System mobile phone as of 1983.