COSO 2013 Solution

Here are some important frequently asked questions about the change from COSO 1992 to COSO 2013 and what this could mean to your company.

Jump to the topic you are looking for:

  1. What is COSO 2013?

  2. Why has COSO changed?

  3. How do I know if COSO 2013 applies to me?

  4. I am a non-accelerated filer so this doesn't apply to me, right?

  5. What changes should I expect?

  6. When is the due date?

  7. What is the best approach to adopting COSO 2013?

  8. Why should I talk to Vibato about COSO 2013?

  9. I'm an external auditor looking for information.

  10. How should I get started?

  11. Help me understand what I'm in for...

  12. Will the SEC's financial reporting requirements change because of COSO 2013?

SEC Statement on COSO




COSOs Updated Internal Control Integrated Framework

TOP

1. What is COSO 2013?

COSO 1992 has been the most widely adopted internal control framework used since the passage of the Sarbanes-Oxley Act of 2002. COSO 2013 is an update to the 1992 version. 

COSO 2013 is:

  • Due 12/15/2014
  • Expands the risk assessment significantly
  • Management must define & demonstrate compliance with Objectives & Principles
  • Expands the compliance requirements to the “Operations” and “Compliance” areas

 


COSO Update

TOP

2. Why has COSO changed?

The intention of the COSO 2013 edition is to:

  • Refresh objectives relating to changes in business & operating environments such as the use of the internet as a sales platform.
  • Broaden the application of a typical COSO application to operations and reporting rather than just compliance.
  • Provide clarification and instruction on how to facilitate and evaluate internal controls.

COSO 1992 vs 2013

TOP

3. How do I know if COSO 2013 applies to me?

This change applies to all public companies traded on the US exchanges and any company trying to maintain compliance with the Sarbanes-Oxley Act of 2002.


COSO Change 2014

TOP

4. I am a non-accelerated filer so this doesn't apply to me, right?

WRONG! If your company is required to attest to Section 404(a) compliance typically via your 10-Q Item 4, 10-K Item 9, 302, or 906 certifications (so all public companies of any size), this change applies to you. 


SOX Update 2014

TOP

5. What changes should I expect?

Some changes include:

  • Evidence of adoption of the 3 Objectives, 5 Components, and 17 Principles defined by the new Framework.
  • Documented control coverage over the operations, reporting, and compliance sections if the COSO Cube (previously, only documented evidence over the 'reporting' slice of the cube was required).
  • Documented objective setting for each material process.
  • The addition of controls over the operational and compliance levels of the COSO cube (COSO 1992 only required financial reporting controls).
  • Additional/enhanced Entity level controls & Risk Assessment procedures.
  • Documented policies & procedures over each material process.
  • Required communication to each level of the organization.

SOX Change 2014 COSO

TOP

6. When is the due date?

Adoption of the new standards must be demonstrated by your next fiscal year-end after December 15, 2014. This means if you are a calendar year-end filer, then you must demonstrate compliance by 12/31/2014.


COSO 2014

TOP

7. What is the best approach to adopting COSO 2013?

The change will require a reassessment of your current control environment by people familiar with the COSO 2013 requirements to determine how much work is needed to bring your internal control infrastructure up to the new standards. We recommend starting this work as early in 2014 as possible since the changes are substantial. This change will be different for each company but we have a strategy to get you through this process very quickly.


COSO 1992 versus 2013

TOP

8. Why should I talk to Vibato about COSO 2013?

Vibato has created a complete COSO 2013 Made Simple to help complete the transition in an efficient and effective manner. We would be happy to speak with you about where you are now and what you will need to do to demonstrate compliance with the new requirements. Please call us at 1-888-4-VIBATO, 415.240.4867, or email us by clicking this link: COSO 2013 Inquiry


COSO SEC Update

TOP

9. I'm an external auditor looking for information.

We hold regular web-based training's on available via our Webinars page. We also offer on site training and technology licensing options. Please call 1-888-4-VIBATO or 415.240.4867 for more information. CPE is available for all training options.


PCAOB_Controls_Update_2014

TOP

10. How should I get started?

  • Give us a call! We would be happy to talk to you about your unique needs and share war stories about things we've encountered. 1-888-4-VIBATO or 415.240.4867.
  • We hold regular web-based training's available via our Webinars page. Additionally, we will be holding several "Lunch & Learn" sessions across the US. Talk to a COSO 2013 Expert for our upcoming schedule or to be put on our notification list. Private, on site training is also available. CPE is available for all training options.
  • The official guidance material is also available for purchase from COSO called “Internal Control – Integrated Framework (2013)” via this link: COSO.org Guidance

Internal Control Change 2014

TOP

11. "Help me understand what I'm in for..."

First, know it will be all right. You've come to the right place. 

We have pre-drafted controls - by process - that meet the new COSO 2013 compliance requirements. Typically, in less than 1 day, we can assess your current controls against the new COSO 2013 control requirements and provide you with a detailed list of what you’ll need to change to meet the new requirements.

Additionally, we have ready-to-use accounting templates (ex. policies, procedures, forms, spreadsheets, etc.) already prepared to show you exactly what you need to do to execute the new COSO 2013 controls. You may use these as a replacement for your current documents or you may use these as a guide and training materials.

Now, register to your right to start your complimentary assessment of your current internal control structure to learn what the change to COSO 2013 may require for your company.


COSO SEC Update

TOP

Will the SEC's financial reporting requirements change because of COSO 2013?

It appears that the SEC is in a wait and see mode right now:

"I understand that COSO intends to supersede their 1992 Framework as of December 15, 2014, and we expect there will be questions about whether the SEC will provide management with any transition or implementation guidance to change from the existing framework to the new framework...SEC staff plans to monitor the transition for issuers using the 1992 framework to evaluate whether and if any staff or Commission actions become necessary or appropriate at some point in the future. However, at this time, I’ll simply refer users of the COSO framework to the statements COSO has made about their new framework and their thoughts about transition." Paul Beswick, Chief Accountant, Office of the Chief Accountant, U.S. Securities and Exchange Commission, May 30, 2013"




COSO 2013 Solution