COSO委员会简介
COSO委员会(全美反舞弊性财务报告委员会发起组织,Committee of Sponsoring Organizations of the Treadway Commission,缩写COSO)
1985年,由美国注册会计师协会(AICPA)、美国会计学会(AAA)、财务经理人协会(FEI)、美国内部审计师协会(国际内部审计师协会的前身,IIA)、美国管理会计师协会(IMA)联合创建了反虚假财务报告委员会(通常称Treadway委员会),旨在探讨财务报告中的舞弊产生的原因,并寻找解决之道。
两年后,基于该委员会的建议,其赞助机构成立COSO(Committee of Sponsoring Organization,COSO)委员会,专门研究内部控制问题。1992年9月,COSO委员会发布《内部控制整合框架》(COSO-IC),简称COSO报告,1994年进行了增补。这些成果马上得到了美国审计署(GAO) 的认可,美国注册会计师协会(AICPA)也全面接受其内容并于1995年发布了《审计准则公告第78号》。由于COSO报告提出的内部控制理论和体系集内部控制理论和实践发展之大成,成为现代内部控制最具有权威性的框架,因此在业内倍受推崇,在美国及全球得到广泛推广和应用。
COSO的运行
自1992年美国COSO委员会发布《COSO内部控制整合框架》以来,该框架已在全球获得广泛的认可和应用,但理论界和实务界一直不断对其提出一些改进建议,强调内部控制整合框架的建立应与企业风险管理相结合。 2002年颁布的萨班斯法案也要求上市公司全面关注风险,加强风险管理,在客观上也推动了内部控制整体框架的进一步发展。与此同时,COSO委员会也意识到《内部控制整合框架》自身也存一些问题,如过分注重财务报告,而没有从企业全局与战略的高度来关注企业风险。正是基于这种内部和外部的双重因素,新框架必须出台以适应发展需求。
2003年7月,美国 COSO委员根据萨班斯法案的相关要求,颁布了“企业风险管理整合框架”的讨论稿(Draft),该讨论稿是在《内部控制整合框架》的基础上进行了扩展而得来的,2004年9月正式颁布了《企业风险管理整合框架》(COSO-ERM),标志COSO委员会最新的内部控制研究成果面世。
COSO企业风险管理的定义 :“企业风险管理是一个过程,受企业董事会、管理层和其他员工的影响,包括内部控制及其在战略和整个公司的应用,旨在为实现经营的效率和效果、财务报告的可靠性以及法规的遵循提供合理保证。”COSO-ERM框架是一个指导性的理论框架,为公司的董事会提供了有关企业所面临的重要风险,以及如何进行风险管理方面的重要信息。企业风险管理本身是一个由企业董事会、管理层、和其他员工共同参与的,应用于企业战略制定和企业内部各个层次与部门的,用于识别可能对企业造成潜在影响的事项并在其风险偏好范围内进行多层面,流程化的企业风险管理过程,它为企业目标实现提供合理保证。
在内部控制整合框架五个要素的基础上, COSO企业风险管理的构成要素增加到八个:(1)内部环境;(2)目标设定:(3)事项识别;(4)风险评估;(5)风险应对;(6)控制活动;(7)信息与沟通;(8)监控。八个要素相互关联,贯穿于企业风险管理的过程中。
COSO Board of Directors
Chairman Larry Rittenberg, Ph.D., CIA
Larry E. Rittenberg has been the Chair of COSO since January 1, 2005 and had previously served as the American Accounting Association’s representative to COSO. Professor Rittenberg is the Ernst & Young Professor of Accounting at the University of Wisconsin-Madison where he teaches courses on auditing, enterprise risk management, and corporate governance. He has served on the Executive Committees of both the American Accounting Association and The Institute of Internal Auditors. He has written over 50 articles, books, and research monographs in areas of auditing, governance, risk, and control. He has been a frequent and willing speaker on behalf of COSO discussing internal control and enterprise risk management.
Mark Beasley, Ph.D., CPA
Mark S. Beasley represents the AAA on the COSO Board and is the Deloitte Professor of Enterprise Risk Management and Professor of Accounting in the College of Management at North Carolina State University. Mark’s research focuses on issues related to corporate governance, risk, and controls. He has is a past President of the American Accounting Association’s Auditing Section and has served on several national task forces and working groups, including the Auditing Standards Board SAS No. 99 Fraud Task Force and the advisory board for The Conference Board’s research about board of director responsibility for ERM.
The American Accounting Association (the AAA) promotes worldwide excellence in accounting education, research, and practice. Founded in 1916, the AAA is a voluntary organization of persons interested in accounting education and research. The mission of the AAA is to foster worldwide excellence in the creation, dissemination, and application of accounting knowledge and skills. Membership currently exceeds 8,000 academics and practitioners from around the world.
Charles Landes, CPA
Charles E. Landes (Chuck) is Vice President Professional Standards and Services Group for the AICPA. In this capacity, Chuck directs the technical activities of the AICPA’s Audit and Attest Standards Team, which is responsible for the technical activities of the Auditing Standards Board (ASB) and the Accounting and Review Services Committee (ARSC). He is also responsible for overseeing the activities of the AICPA’s Accounting Standards team and Hotline team. Prior to joining the AICPA in October 2000, Chuck served as partner in charge of the accounting and auditing practice of Barnes, Dennig & Co. a large local firm located in Cincinnati, Ohio. He began his public accounting experience with Ernst & Whinney (now known as Ernst & Young) and was also a member of KMG Main Hurdman.
The American Institute of Certified Public Accountants (AICPA) is the national professional organization for all Certified Public Accountants. Its mission is to provide members with the resources, information, and leadership that enable them to provide valuable services in the highest professional manner to benefit the public as well as employers and clients
Michael Cangemi, CPA, CISA
Michael Cangemi is president and chief executive officer of Financial Executives International. He is the former president, chief executive officer, and director of Etienne Aigner Group, Inc. (Aigner), a leading designer of women’s accessories. He currently serves as a member of the Financial Accounting Standards Advisory Council and the International Accounting Standards Board-Standards Advisory Council and is a director and chair of the Audit & Governance Committee of New Jersey Reads, Inc. Prior to joining Aigner, Cangemi held positions at BDO Seidman, Phelps Dodge Corporation, and Ernst & Young. From 1987 to 2007 he was the editor-in-chief of the IS Control Journal, in which his regular column, Issues & Comments, appeared. Cangemi co-authored Auditing in an EDP Environment, and in 1993 he published his second book, Managing the Audit Function, which is now in its third edition.
Financial Executives International (FEI) is the leading advocate for the views of corporate financial management. Its 15,000 members hold policy-making positions as chief financial officers, treasurers, and controllers. FEI enhances member professional development through peer networking, career planning services, conferences, publications, and special reports and research. Members participate in the activities of 86 chapters, 75 of which are in the United States and 11 in Canada.
Jeff Thomson
Jeffrey Thomson is the president and CEO at the Institute of Management Accountants. Prior to his IMA assignment, Thomson worked at AT&T and last served as CFO of a multi-billion dollar unit. Thomson has written numerous articles and spoken globally on financial leadership, enterprise risk management, internal controls, business performance management and strategic planning. He has also provided testimony to the U.S. Congress on Sarbanes-Oxley implementation issues impacting U.S. competitiveness. Thomson is considered a global thought leader in the emerging area of Governance, Risk and Compliance.
With a worldwide network of more than 60,000 professionals, the Institute of Management Accountants (IMA) is the world’s leading organization dedicated to empowering accounting and finance professionals to drive business performance. IMA provides a dynamic forum for professionals to advance their careers through Certified Management Accountant (CMA®) certification, research, professional education, networking and advocacy of the highest ethical and professional standards.
David Richards, CIA, CPA
David Richards is president of The IIA and a member of The IIA International Board of Directors. Since taking his post in 2004, he has traveled the world to foster global advocacy of the profession and worked to help ensure internal audit professionalism and adherence to The IIA’s International Standards for the Professional Practice of Internal Auditing. He views his role as integral to raising global awareness of internal auditing as a vibrant and growing profession that is inherent in good governance, strong internal control, and effective risk management. Previously, Richards had a 33-year career at FirstEnergy Corp., where he was chief audit director for 24 years. Serving four million customers, FirstEnergy is a U.S. electric utility with assets of $38 billion and annual revenue of $12 billion.
Established in 1941, The Institute of Internal Auditors (IIA) is an international professional association with global headquarters in Altamonte Springs, Fla., USA, with members in 165 countries. The IIA is the internal audit profession’s global voice, recognized authority, acknowledged leader, chief advocate, and principal educator. Members work in internal auditing, risk management, governance, internal control, information technology audit, education, and security.