COSO
COSO
Control Environment
Risk Assessment
Control Activities
Information & Communication
Monitoring Activities
Business Actor
Communication Systems
1. Control Environment
5. Accountability
2. Board Independence and Oversight
4. Commitment to Competence
1. Commitment to Integrity and Ethical Values
3. Organizational Structure
2. Risk Assessment
6. Suitability of Objectives
7. Risk Identification and Analysis
8. Fraud Risk Assessment
9. Significant Change Assessment
3. Control Activities
10. Control Activities Selection and Development
11. Control Activities through Policies and Procedures
12. Control Activities Deployment
4. Information & Communication
13. Relevant Information Identification, Capture, and Use
14. Internal Communication
15. External Communication
5. Monitoring Activities
16. Ongoing and Separate Evaluations
17. Deficiencies Communication
Goals
Reliability of Financial Reporting
Compliance with Laws and Regulations
Operational Efficiency
1. Control Environment (Business Layer)
4. Information & Communication (Application Layer)
2. Risk Assessment (Motivation Layer)
3. Control Activities (Operational Layer)
5. Monitoring Activities (Infrastracture Layer)
(4. Information & Communication (Application Layer) - Business Actor)
(4. Information & Communication (Application Layer) - 13. Relevant Information Identification, Capture, and Use)
(4. Information & Communication (Application Layer) - 14. Internal Communication)
(4. Information & Communication (Application Layer) - 15. External Communication)
(1. Control Environment (Business Layer) - 1. Commitment to Integrity and Ethical Values)
(1. Control Environment (Business Layer) - 2. Board Independence and Oversight)
(1. Control Environment (Business Layer) - 3. Organizational Structure)
(1. Control Environment (Business Layer) - 4. Commitment to Competence)
(1. Control Environment (Business Layer) - 5. Accountability)
(Communication Systems - 13. Relevant Information Identification, Capture, and Use)
(Communication Systems - 14. Internal Communication)
(Communication Systems - 15. External Communication)
(1. Control Environment (Business Layer) - Compliance with Laws and Regulations)
(1. Control Environment (Business Layer) - Operational Efficiency)
(1. Control Environment (Business Layer) - Reliability of Financial Reporting)
(Communication Systems - Information & Communication)
(Risk Assessment - Compliance with Laws and Regulations)
(2. Board Independence and Oversight - Operational Efficiency)
(4. Commitment to Competence - Operational Efficiency)
(5. Accountability - Reliability of Financial Reporting)
(Monitoring Activities - Reliability of Financial Reporting)
(2. Risk Assessment (Motivation Layer) - 6. Suitability of Objectives)
(2. Risk Assessment (Motivation Layer) - 7. Risk Identification and Analysis)
(2. Risk Assessment (Motivation Layer) - 8. Fraud Risk Assessment)
(2. Risk Assessment (Motivation Layer) - 9. Significant Change Assessment)
(3. Control Activities (Operational Layer) - 10. Control Activities Selection and Development)
(3. Control Activities (Operational Layer) - 11. Control Activities through Policies and Procedures)
(3. Control Activities (Operational Layer) - 12. Control Activities Deployment)
(5. Monitoring Activities (Infrastracture Layer) - 16. Ongoing and Separate Evaluations)
(5. Monitoring Activities (Infrastracture Layer) - 17. Deficiencies Communication)
(Operational Efficiency - 3. Organizational Structure)
(Compliance with Laws and Regulations - 1. Commitment to Integrity and Ethical Values)
(3. Control Activities (Operational Layer) - Control Activities)
(1. Control Environment (Business Layer) - Control Environment)
(4. Information & Communication (Application Layer) - Information & Communication)
(5. Monitoring Activities (Infrastracture Layer) - Monitoring Activities)
(2. Risk Assessment (Motivation Layer) - Risk Assessment)
Layered View
×
Archi®
×