Professional Documents
Culture Documents
COSO’S INTEGRATED 3
FRAMEWORK OF
INTERNAL CONTROLS COSO Overview – Internal Control
Publications
Chapter 3
Auditing Dept. – School of Accounting – COB - UEH 1992 2006 2009 2013
1 3
Auditing Dept. – School of Accounting – COB - UEH Auditing Dept. – School of Accounting – COB - UEH
2 4
Chapter 3 - Framework of IC (UEH)
5 A. CONTROL ENVIRONMENT
5 7
6 8
Chapter 3 - Framework of IC (UEH)
Integrity is an important ethical and moral principle. BODs and management at all levels demonstrate through
their directives, actions, behaviors the importance of
Morality helps people distinguish between right and integrity and ethical values.
wrong; it enables them to see the consequences of their
actions, and it motivates and direct them to do what is Top management:
right. Develops and communicate the expectations of integrity and
ethical values through the entity’s mission and values statements,
People that want to be respected should behave code of conduct, policies and practices, directives and guidelines,
ethically. actions and decisions of management of all levels and of BODs.
Enterprises that want to create and maintain a good Leads by example and applied consistently lam guong
reputation as well as develop sustainably should adhere to Tone is impacted by the operating style and personal conduct of
ethical principles, in which integrity is the most important. management and BODs.
Auditing Dept. – School of Accounting – COB - UEH 9 Auditing Dept. – School of Accounting – COB - UEH 11
9 11
10 12
Chapter 3 - Framework of IC (UEH)
Auditing Dept. – School of Accounting – COB - UEH 13 Auditing Dept. – School of Accounting – COB - UEH 15
hdqt doc lap voi ban dieu hanh
13 15
-> percentage of independence
(so nguoi doc lap)
-> co the khuyen nghi gia tang
tinh doc lap
2. EXERCISES OVERSIGHT (2)&(3) Independence and relevant
RESPONSIBILITY expertise -> female percentage
-> gian lan ??
Point of focus: BODs is independent from management (board
independence and size); and
(1)Establishes oversight responsibilities The board demonstrates relevant skills and expertise in
carrying out its oversight responsibilities (board
composition). so nam kinh nghiem, bang cap, trinh do -> should
(2)Applies relevant expertise
relevant with the industry the company is in
The board should be actively engaged at all times and
be prepared to question and scrutinize management’s
(3)Operates independently
activities, present alternative views, and have the
courage to act in the face of obvious or suspected
(4)Provide oversight for IC system wrongdoings. tham gia toan tgian : moi cuoc hop co bao nhieu
thanh vien tham du (annual report)
Auditing Dept. – School of Accounting – COB - UEH 14 Auditing Dept. – School of Accounting – COB - UEH 16
17 19
18 20
Chapter 3 - Framework of IC (UEH)
21 23
INTERNAL CONTROL
22 24
Objectives Objectives Objectives Objectives
Objectives
Entity - wide Explicit Operations Financial
Compliance
Controls Non-
Activity-level Implicit
financial
Risks
Reporting
Auditing Dept. – School of Accounting – COB - UEH Auditing Dept. – School of Accounting – COB - UEH
22 24
Chapter 3 - Framework of IC (UEH)
Auditing Dept. – School of Accounting – COB - UEH 25 Auditing Dept. – School of Accounting – COB - UEH 27
25 27
Activity-level objectives
(1) Operations objectives
Flow from and are linked with entity-wide objectives Reflects management’s choices (e.g., providing
customers with a broad range of products at prices
Consistent with each other
consistently lower than its competitors
Frequently stated as goals with specific targets and
deadlines for all significant business processes Considers tolerances for risk
(Operations, Marketing, Sales, Procurement, HR; Includes operations and financial performance goals
Inbound, outbound, …) (e.g., increasing net income by 5% the following year)
Management has identified what activity-level Forms a basis for committing of resources.
objectives are important (critical success factors) to
achieve entity-wide level.
Auditing Dept. – School of Accounting – COB - UEH 26 Auditing Dept. – School of Accounting – COB - UEH 28
26 28
Chapter 3 - Framework of IC (UEH)
29 31
Operations objectives:
Reflects external laws and regulations - Do not based on external requirements.
- The achievement may change due to changes in the
external environment.
Auditing Dept. – School of Accounting – COB - UEH 30 Auditing Dept. – School of Accounting – COB - UEH 32
30 32
Chapter 3 - Framework of IC (UEH)
Auditing Dept. – School of Accounting – COB - UEH 33 Auditing Dept. – School of Accounting – COB - UEH 35
33 35
34 36
Chapter 3 - Framework of IC (UEH)
37 39
- Infrastructure
- Management Structure: a change in
management responsibilities
- Personnel: the quality of personnel hired
Risk Risk Internal - Access to Assets
Risk Analysis
Identification Response factors - Technology: A disruption of IS processing
Auditing Dept. – School of Accounting – COB - UEH Auditing Dept. – School of Accounting – COB - UEH
38 40
Chapter 3 - Framework of IC (UEH)
41 43
42 44
Chapter 3 - Framework of IC (UEH)
45 47
Auditing Dept. – School of Accounting – COB - UEH 46 Auditing Dept. – School of Accounting – COB - UEH 48
46 48
Chapter 3 - Framework of IC (UEH)
49 51
Controls are designed to detect and compensate for Duties should be divided or segregated among
the lack or deficiency of desired controls. different people to reduce the risk of error or
inappropriate of fraudulent actions.
E.g., Bank reconciliation
Entails generally dividing the responsibility of
recording, authorizing and approving transactions,
and handling the related assets.
Separation among the following functions:
tach biet chuc nang phe chuan va bao
Approval and custody of assets quan/duy tri ( nhap kho/xuat kho)
Recording/book-keeping and custody of assets
Approval and recording -> search for approved document and show them to
Auditing Dept. – School of Accounting – COB - UEH
cashier -> cashier xuat tien
Auditing Dept. – School of Accounting – COB - UEH 55
53 55
Auditing Dept. – School of Accounting – COB - UEH 54 Auditing Dept. – School of Accounting – COB - UEH 56
54 56
Chapter 3 - Framework of IC (UEH)
57 59
58 60
Chapter 3 - Framework of IC (UEH)
Auditing Dept. – School of Accounting – COB - UEH 61 Auditing Dept. – School of Accounting – COB - UEH 63
61 63
62 64
Chapter 3 - Framework of IC (UEH)
Supervisory controls
65 67 Information & Communication
Assess whether other transaction control
activities are being performed
completely, accurately, and according to
the policy and procedures.
Information & 13. The organization obtains or generates and uses
are typically performed by the manager of Communication relevant, quality information to support the
functioning of internal control.
a business process or executive team 14. The organization internally communicates
truyen thong
members. information, including objectives and
ben trong
responsibilities for internal control, necessary to
Some types of supervisory controls: support the functioning of internal control.
Review and double check over high 15. The organization communicates with external
truyen thong
risk transactions parties regarding matters affecting the
ben ngoai
functioning of internal control.
Employee performance reviews
Budget vs actual analysis
Auditing Dept. – School of Accounting – COB - UEH
65 67
66 68
Chapter 3 - Framework of IC (UEH)
No 10. -> show which system(s) is(/are) used -> ERP, MISA, FAST, Oracle...
Information quality 15. COMMUNICATES EXTERNALLY
-> show tiktok/fb/yt/fanpage accounts
Accessible: easy to obtain by those who need it -> show dai su thuong hieu
Point of focus -> show tv shows/competitions sponsored
Correct: accurate and complete Communicate to external parties
Current: updated
Protected: Access to sensitive info is restricted to
Enable inbound communications
authorized persons. Communicate with BODs
Retained: Available over an extended period of time
Provide separate communication lines: whistle-
Sufficient: enough info at the right level of detail blower hotlines
relevant to info requirement
Timely: available when needed. Select relevant methods of communication
Valid: Obtained from authorized sources
Verifiable: Supported by evidence
Auditing Dept. – School of Accounting – COB - UEH 69 Auditing Dept. – School of Accounting – COB - UEH 71
69 71
70 72
Chapter 3 - Framework of IC (UEH)
73 75
74 76
Chapter 3 - Framework of IC (UEH)
77 79
Documented evaluations
78 80