Facebook-f Twitter Youtube Linkedin Instagram Tiktok

One Month to More Effective Internal Controls – COSO Objective V: Monitoring Activities

The fifth and final Objective is Monitoring Activities. As with all other components of the COSO Cube, Monitoring Activities are part of an interrelated whole and cannot be taken singularly. Monitoring Activities have grown in importance for the CCO or compliance practitioner over the past few years. They will continue to do so in the future, as is reinforced in the COSO 2013 Internal Controls Framework.

The Monitoring Activities objective consists of two principles: 1) The organization selects, develops, and performs ongoing and/or separate evaluations to ascertain whether the components of internal control are present and functioning, and 2) the organization evaluates and communicates internal control deficiencies timely to those parties responsible for taking corrective action, including senior management and the Board of Directors, as appropriate.

Principle 16: Ongoing evaluation.
Principle 17: Evaluation and communication of deficiencies.

Monitoring Activities should bring together your entire compliance program and tell you whether it is running properly. The CCO and compliance practitioner should use both ongoing monitoring and auditing in support of this objective.
The most important item is that all the controls must be sustainable. You cannot just build one-off controls and not have a process to help you monitor all the controls you need to cover. Controls cannot just be a one-and-done. Many companies will find that their initial approach to this is one-and-done.
There must also be a mechanism to communicate controls that do not work or can readily be overridden. From there, you must be able to remediate your controls going forward. This will align with the compliance professional’s requirement to prevent, detect and remediate going forward.
Three key takeaways:

  1. Monitoring activities are interrelated with all other Principles and cannot be taken singularly.
  2. Monitoring activities helps to ensure that all controls are present and functioning.
  3. Monitoring Activities should bring together your entire compliance program and tell you whether it is running properly.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 The Compliance Evangelist. All Rights Reserved
You subscribed to a blog or podcast or downloaded content from
Tom Fox or www.compliancepodcastnetwork.net

What are you looking for?