The Committee of Sponsoring Organizations of Treadway Commission - Research Paper

Introduction

The Committee of Sponsoring Organizations of Treadway Commission (COSO) was organized in 1985 with the intention of sponsoring the National Commission on Fraudulent Financial Reporting, a private-sector initiative which reviewed casual factors that can result in fraudulent financial reporting. The National Commission was a joint initiative comprising of five significant professional associations in the U.S, and it was tasked with creating a framework aimed at improving performance with a focus on reduction of fraud and bringing about thoughtful leadership in the field of internal control, risk management and fraud identification. Nonetheless, COSO also came up with recommendations for public companies and their independent auditors, for the SEC and other regulators, and educational institutions (Kalbers, 2009).

Is your time best spent reading someone else’s essay? Get a 100% original essay FROM A CERTIFIED WRITER!

Save 25%

In 1992, The COSO model was created, and its rise to fame came about in 2004 after the release of the Sarbanes-Oxley Act. During this period, COSO became an extensively employed framework for assessing the internal control of the organization. However, that is not the only purpose of COSO because the model is relevant to other institutions and companies in founding a framework of internal controls. With the current technology and business environments, there is a need to adopt the approach to internal control. In 2013, the COSO framework was updated to go along with the current complex working environment. However, the framework was not new but just a few changes introduced in the monitoring procedures. The enhancement has taken into consideration the advancements in the operating and business setting (Kalbers, 2009).

Five Components and 17 Principles of the COSO Framework

In 2013, COSO updated their framework. The revised framework comprises five internal control components along with 17 principles of effective internal control (Gupta, 2008). Highlighted below are the components along with the principles for each:

Risk Assessment

• Identify and assess risks
• Specify appropriate objectives
• Identification and analysis of changes that can significantly impact internal controls
• Evaluate fraud risks

Control Environment

• Ensure that the board of directors show independence
• Demonstrate the commitment to integrity and ethical values
• The organization holds individuals accountable
• Management shows commitment to keep the competent people
• Management establishes bodies responsible for the pursuit of objectives

Information and Communication

• Communicate internal control issues with internal stakeholders
• Communication with external parties on matters of internal control
• Organization use relevant information for quality support of internal control

Control Activities

• Develop control activities that help alleviate risks
• Develop technological control activities to achieve desired objectives
• Deploy control activities based on established policies and procedures

Monitoring

• Evaluation and communication of internal control deficiencies
• Organization perform periodic evaluations to assure the functioning of internal controls

For the paper, Apple Inc. is chosen for the Fiscal year ending September 24, 2016. The form 10-K reviews "Management's Annual Report on Internal Control over Financial Reporting" and also "Report of Independent Registered Public Accounting Firm" and it has the following:

Item 9A: Controls and Procedures

Evaluation of Disclosure Controls and Procedures

With critical evaluation, utmost supervision and with the participation of the Company's management, the Company's financial officer and principal executive officer have concluded that the company's disclosure controls and procedures as defined in Rules 13a-15(e) and 15d-15(e) under the Exchange Act were effective as of September 24, 2016 (Apple, 2016). The aim is to provide generous pledge that information needed to be disclosed by the company in reports under the Exchange act is:

Summarized, processed, recorded and reported within the time limit specified in the SEC rules and communicated to the company's management, as well as the company's principal executive officer and the principal financial officer, as suitable to allow timely decisions.

Inherent Limitations Over Internal Controls

According to Apple Inc., the company's internal control over financial reporting is designed to assure the reliability of financial reporting, and the preparation of financial statements for external purposes by the U.S. generally accepted accounting principles ("GAAP") (Apple, 2016). Policies and procedures of the company's internal control over financial reporting include:

Relate with the maintenance of records in detail, fairly and accurately reflect transactions of the company's assets:

• Assure that transactions are correctly recorded to allow the preparation of financial statements by GAAP. The company's expenditures and receipts are being made by authorizations of the company's management and directors; and
• Provide reasonable assurance concerning the prevention of unauthorized disposition/use of the company's assets which could affect financial statements.

The management does not expect that the company's internal controls will prevent, detect all errors and fraud. No matter how well-designed and well-operated a control system is, can provide only reasonable, not absolute, assurance that objectives of the control system are met. Nonetheless, the design of a control system must reflect on resource constraints and benefits of controls must be considered about their costs. It is because of inherent limitations of control systems that no evaluation can produce absolute assurance that all instances of fraud, if any, can be detected. There is a risk in the future that internal controls may become inadequate due to changes in business environments, or that the degree of compliance with procedures and policies may fade.

Management's Annual Report on Internal Control over Financial Reporting

The management of Apple Inc. is liable for setting up and maintaining adequate internal control over financial reporting as defined in the Exchange Act. Assessment of the effectiveness of the company's internal control over financial reporting was conducted, based on the criteria provided in the Integrated Framework by COSO, 2013 (Apple, 2016). From the assessment of the company, the management has concluded that its internal control over financial reporting was effective, as of September 24, 2016, to provide reasonable assurance on the reliability of financial reporting and preparation of financial statements by GAAP (Apple, 2016).

The company's independent registered public accounting firm, Ernst & Young LLP, has issued an audit report on the company's internal control over financial reporting, which appears in Part II, Item 8 of the Form 10-K (Apple, 2016). There were no changes in the company's internal control over financial reporting during the fourth quarter of 2016, which were identified in connection with management's evaluation required by paragraph (d) of Rules 13a-15 and 15d-15 under the Exchange Act, that have(or likely) materially affected the company's internal control over financial reporting (Apple, 2016). As specified by the evaluation disclosure, a procedure was done to establish that the information provided was correct and the SEC regulations met requirements.

References

Apple, Inc. (2016, September 30). Form 10-K. Retrieved from http://files.shareholder.com/downloads/AAPL/2456063358x8143945x913905/66363059-7FB6-4710-B4A5-7ABFA14CF5E6/10-K_2016_9.24.2016_-_as_filed.pdf

Gupta, P. P. (2008). Management's evaluation of internal controls under Section 404 (a) using the COSO 1992 control framework: Evidence from practice. International Journal of Disclosure and Governance, 5(1), 48-68.

Kalbers, L. P. (2009). Fraudulent financial reporting, corporate governance, and ethics: 1987-2007. Review of Accounting and Finance, 8(2), 187-209.