COSO has created and provided Fraud Risk Management Tools to help prevent and deter fraud from any company. In 2013, COSO created categories for 17 Principles and Components into 5 sections - Control Environment, Risk Assessment, Control Activities, Information and Communication, and Monitoring. Now COSO has created a fraud management tool for each of the 5 categories.
The 5 Fraud Risk Management tools COSO recommends:
- The organization establishes and communicates a Fraud Risk Management Program that demonstrates the expectations of the board of directors and senior management and their commitment to Control high integrity and ethical values regarding managing fraud risk.
- The organization performs comprehensive fraud risk assessments to identify specific fraud schemes and risks, assess their likelihood and significance, evaluate existing fraud control activities, and Risk implement actions to mitigate residual fraud risks.
- The organization selects, develops, and deploys preventive and detective fraud control activities to mitigate the risk of fraud events occurring or not being Control detected in a timely manner.
- The organization establishes a communication process to obtain information about potential fraud and deploys a coordinated approach to investigation and corrective action to address fraud Information & appropriately and in a timely manner.
- The organization selects, develops, and performs ongoing evaluations to ascertain whether each of the five principles of fraud risk management is present and functioning and communicates Fraud Risk Management Program deficiencies in a timely manner to parties responsible for taking corrective action, including senior management and the board of directors
These 5 Risk Management Tools work along side with the COSO 2013 framework and enhance this framework. To see the full details of the tools, take a look at the Fraud Risk Management Guide provided by COSO.