Focus-News-Eventi > Focus > Risk management

CoSO Report (2013): le componenti del Sistema di controllo interno e i relativi principi


LE COMPONENTI DEL S.C.I.

Il cd. "CoSO Report", ossia l'Internal Control Integrated Framework, cd. CoSO Report (ultima versione del maggio 2013) individua le seguenti cinque componenti del Sistema di controllo interno (S.C.I.), tutte interessate dai tre obiettivi di : i) efficienza operativa (controllo di gestione); ii) adeguatezza informativa (controllo amministrativo-contabile); iii) conformità alla normativa(compliance), vale a dire:

 1. Ambiente di controllo (Control Environment): atmosfera di controllo e redazione dei report finanziari;

2. Valutazione del rischio (Risk Assessment): processo per la gestione dei rischi, a sua volta suddiviso in Event identification, Risk assessment e Risk response;

3. Attività di controllo (Control Activities): procedure e azioni intraprese per realizzare gli obiettivi aziendali;

4. Informazione e comunicazione (Information & Communication): scambio di informazioni per il controllo dell'azienda (sistema informativo aziendale);

5. Monitoring: monitoraggio del sistema di controllo.


Il 14 maggio 2013 il CoSO ha emesso la versione aggiornata del documento “Internal Control - Integrated Framework” (“2013 Framework”), composto da 140 pagine.
Il “Framework” include le seguenti appendici: “A: Glossary”; “B: Roles and Responsibilities”; “C: Considerations for Smaller Entities”; “D: Methodology for Revising the Framework”; “E: Public Comment Letters”; “F: Summary of Changes to the COSO Internal Control – Integrated Framework (1992)”; “G: Comparison with COSO Enterprise Risk Management – Integrated Framework”.

Per ulteriori informazioni sull’argomento e per l’ “Executive Summary” si rinvia al sito del CoSO (www.coso.org).


I PRINCIPI

Con riferimento a  ciascuna delle richiamate cinque componenti del S.C.I., il CoSO Report ha fissato i sotto indicati 17 principi:


<<CONTROL ENVIRONMENT


1. The organization demonstrates a commitment to integrity and ethical values.  

2. The board of directors demonstrates independence from management and exercises oversight of the development and performance of internal control.  

3. Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives.


4. The organization demonstrates a commitment to attract, develop, and retain com- petent individuals in alignment with objectives. 


5. The organization holds individuals accountable for their internal control responsibilities in the pursuit of objectives.


RISK ASSESSMENT


6. The organization specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objective.


7. The organization identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed.


8. The organization considers the potential for fraud in assessing risks to the achievement of objectives.


9. The organization identifies and assesses changes that could significantly impact the system of internal control.


CONTROL ACTIVITIES


10. The organization selects and develops control activities that contribute to the mitigation of risks to the achievement of objectives to acceptable levels.


11. The organization selects and develops general control activities over technology to support the achievement of objectives.


12. The organization deploys control activities through policies that establish what is expected and procedures that put policies into action. 


INFORMATION AND COMMUNICATION


13. The organization obtains or generates and uses relevant, quality information to support the functioning of internal control.


14. The organization internally communicates information, including objectives and responsibilities for internal control, necessary to support the functioning of internal control.


15. The organization communicates with external parties regarding matters affecting the functioning of internal control.


MONITORING ACTIVITIES


16. The organization selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning.


17. The organization evaluates and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action, including senior management and the board of directors, as appropriate.>>







 

























































1. 2.

3. 4. 5.

2


The organization2 demonstrates a commitment to integrity and ethical values.

The board of directors demonstrates independence from management and exer- cises oversight of the development and performance of internal control.

Management establishes, with board oversight, structures, reporting lines, and appropriate authorities and responsibilities in the pursuit of objectives.

The organization demonstrates a commitment to attract, develop, and retain com- petent individuals in alignment with objectives.

The organization holds individuals accountable for their internal control responsibili- ties in the pursuit of objectives.

 







 Questo sito utilizza i cookie per assicurarti la migliore esperienza di navigazione. Per saperne di più accedi alla Informativa sulla Privacy. Procedendo nella navigazione, acconsenti all'uso dei cookie. NOTE LEGALI
Il presente sito non è un prodotto editoriale diffuso al pubblico con periodicità regolare.
Curatore: dott. Fabrizio De Simone - Viale Bianca Maria, 24 - 20129 Milano - Partita I.V.A.: 04405300965 - CF: DSMFRZ60S10F839C
Attività professionale non organizzata in ordini o collegi disciplinata dalla Legge 14 gennaio 2013, n. 8 (G.U. 26 gennaio 2013, n. 22)
Copyright Fabrizio De Simone - 2015-2019 -Tutti i diritti riservati