COSOframework

The COSO framework refers to a set of interrelated frameworks for internal control, enterprise risk management, and governance developed by the Committee of Sponsoring Organizations of the Treadway Commission. It provides a systematic approach to designing, implementing, and assessing controls and risk management to help organizations achieve objectives and comply with laws.

Its most widely used component is the Internal Control – Integrated Framework, first published in 1992 and

COSO also publishes the Enterprise Risk Management – Integrated Framework, released in 2004 and updated in 2017.

COSO was formed in 1985 by five private-sector organizations: the American Institute of CPAs, the American Accounting

Organizations implement COSO by mapping controls to the framework’s components or principles, conducting gap analyses, and

---