The Cost Structure in the Insurance Industry
February 12, 2025
What is the Chain of Command and how it worked in the Satyam and Infosys Crises’ We often hear the term Chain of Command mentioned in terms of how corporates need to have well defined rules for who becomes the decision maker when the CEO or the Chief Executive Officer is unable to or barred […]
Gustation (Sense of Taste) The gustatory system comprise of three crucial parts: the mouth, tongue and also the taste buds which helps us in perceiving the sense of taste. Both the gustatory system and the olfactory system (sense of smell) follow chemoreception process. The process of Chemoreception allows the human sense organs to interpret the […]
Risk and control self-assessment (RCSA) is an internal procedure used to identify, assess, and mitigate operational risks within a company.1 In this article, we will discuss the purpose and benefits of this process, before exploring the key stages involved in conducting a thorough RCSA. What is the Purpose of an RCSA? Regular engagement in RCSAs […]
The business landscape of the 21st century is characterized by ever changing trends and events that happen with so much rapidity that they take most business leaders by surprise. Considering the high turnover of ideas and fads, it is no wonder that companies’ and their offerings in terms of products and services fail to click […]
A team is formed when individuals with a common goal come together on a common platform. The team members must complement each other and avoid silly conflicts among themselves. Communication plays a very important role in team building and extracting the best out of the team members. A team member must clearly understand what his […]
Internal frauds are a big part of the operational risk faced by any organization. This is truer of multinational companies who have business interests in various countries across the globe. This is because there are thousands of people in important positions making business decisions on behalf of the company. Hence, ensuring that all these employees always act in conformity with the company’s principles is a difficult task.
This issue shot into prominence during the turn of the century. The Enron scandal which shook the entire world economy in the early 2000’s also accentuated the need for having proper internal controls in any organization. In response to the Enron Scandal, the United States government passed a landmark piece of legislation called the Sarbanes Oxley Act or SOX. As per the provisions of this act, the management and the auditors of the company are jointly responsible for clearly documenting the internal controls processes and having them certified.
Research has suggested that the lack of properly defined internal controls is the reason for more than 50% of internal frauds in the world. Now, since each company has to document these processes, the Committee of Sponsoring Organizations (COSO) has come up with a framework that can be followed by all organizations in order to develop and document their internal controls. This system has been designed by experts and can be used by any organization to augment its risk management endeavors. The COSO is a committee which composes of five major associations
The COSO framework was first developed in the year 1992. Over the years, it has gone through several iterations and has been revised several times. The model has three dimensions which are why it is often displayed on a cube.
The COSO framework mentions actions that need to be taken within three different functions. They are:
The COSO framework suggests that the organization must be divided into various levels for the purpose of managing internal controls. The internal controls should be continuously monitored at various levels such as subsidiary level, business-unit level, division level as well as entity level.
The COSO model emphasizes that all five components work together as an integrated system. The malfunction of any one component would also impact all the other components as well. The idea behind the framework is to provide a set of tools that will have to be used by every company. The specific organization can then go ahead and decide on the specific methods that they want to follow for controls or for information management. The standardized model makes the implementation of risk management comparatively easier.
Your email address will not be published. Required fields are marked *