The Phat Startup

The Ultimate Lifestyle Blog for Entrepreneurs

What are the differences between COBIT & COSO?

The Control Objectives for Information and Related Technologies (COBIT) and the Committee of Sponsoring Organizations of the Treadway Organization (COSO) have more in common than the pleasant alliteration. Both entities work with establishments to help them manage financial reporting controls. By understanding the differences, overlaps, and similarities between COSO and COBIT, organizations can protect data by creating solid internal control objectives.

COSO Vs. COBIT

What is COSO?
In 1995, five significant professional associations came together and founded COSO with the primary objective of sponsoring the National Commission on Fraudulent Financial Reporting. The five were: IMA (Institute of Management Accountants), IIA (Institute of Internal Auditors), FEI (Financial Executives International), AICPA (American Institute of Certified Public Accountants), and AAA (The American Accounting Organization). These five organizations developed guidance and frameworks on internal control, enterprise risk, and fraud deterrence.

ISACA
Information Systems and Audit Control Association, now known as ISACA, was founded in 1967. The IT professional association creates IT certifications that are recognized all over the world and also develops guidelines for auditing control.

COSO Framework

The COSO framework gives internal controls an applied risk management approach. Its latest version was updated in 2016. The structure applies to both internal and financial reporting and focuses on five interrelated strategic points, which are:

  • Governance and Culture: This relates ERM (Enterprise Risk Management) oversight to day-to-day activities.
  • Strategy and Objective Setting: The strategy argues that the goals set by risk tolerance have to be measured objectively.
  • Performance: Requires effective reporting and prioritization of risks.
  • Review and Revision: Involves continuous monitoring and internal audit and, when necessary, revising the controls.
  • Information, Communication, and Reporting: Requires communication across both external and internal stakeholders.

COBIT 5 Framework
While COBIT 5 also comprises five strategic principles, its goals and purpose differ from those of COSO despite the matching numbers. COBIT 5 incorporates:

  • Meeting Stakeholder Needs: Requires that those receiving benefits and bearing risks are included in the organizational decisions to determine the resources needed.
  • Covering the Enterprise End to End: This principle ensures that besides the IT Function, ERM incorporates all information and technology related details like applications as assets.
  • Applying a Single Integrated Framework: Acts to create a single enterprise management and governance framework from the multiple standards.
  • Enabling a Holistic Approach: Interconnects governance across the establishment by integrating processes, culture, organizational structures, information, policies, and infrastructure.
  • Separating Governance and Management: Sets a prioritized direction by need evaluation while separating the governance body from tracking activities.

Differences between COSO and COBIT 5
Although they seem similar, these two have very different functions in organizations. COBIT 5 gives a framework that builds best practice controls in organizations. COSO, on the other hand, guides organizations on how to reduce fraud and establish risk tolerances.

Entities that choose to establish models of financial risk reporting aligning with COSO will also find COBIT 5 helpful in the organization of their control landscape. To use the example of a new house, COSO is the building plans, as it lays out the locations of the rooms in general. It allows an organization to frame the building. But walking through a home that is framed shows only an outline of how the final plan will look.

COBIT 5 provides establishments with details such as where to put the plumbing and electrical systems before putting up the walls. The COBIT 5 framework sets COSO into action with more information to enable organizations to secure their IT environment.

Why organizations need both COSO and COBIT
COSO and COBIT 5 work together in creating a controlled landscape and a governance and risk model to allow security to comply with what is needed.

COSO responds to controls that are related to fiduciary duty only. COSO is designed primarily to enable SOX (Sarbanes-Oxley) 404 requirements and limits itself to a particular area of an entity's IT environment. The two, therefore, span risk, governance programs, and compliance, and complement each other.

Trust services organizations, for example, that govern their compliance under COSO can align the strategies to the COBIT 5 processes and decide which practice goals cover both.

For example, AICPA helps to visualize the mapping through an Excel spreadsheet. With the COSO approach, it is crucial for establishments to undertake a risk assessment for mitigation and determine critical environments. External financial reporting ought to reflect the underlying events and transactions as part of the process. Since COBIT 5 offers particular methods for risk assessment, it aligns with this requirement. For example, the COSO risk assessment component and COBIT PO 8 Manage Quality dovetail. As per COBIT, the satisfaction of the stakeholders with the IT formal process QA that meet objectives and goals, receiving QA reviews process, and IT quality defines measurement.

Author Bio

Ken Lynch is an enterprise software startup veteran who has always been fascinated by what drives workers to work and how to make work more engaging. Ken founded Reciprocity to pursue just that. He has propelled Reciprocity's success with this mission-based goal of engaging employees with the governance, risk, and compliance goals of their company in order to create more socially minded corporate citizens. Ken earned his BS in Computer Science and Electrical Engineering from MIT.

