Datasec - IT Security & Control

Meycor COSO AG Print
Meycor COSO AG is a tool aimed at supporting the assessment or the implementation of an effective and efficient internal control system, fully complying with the requirements of the COSO Report.

 Image

 Image

 Image

 Image

 Image

This tool includes a self-assessment questionnaire for each component and templates for objectives, risks and controls, offering an agile and secure system with charts, risk maps and management reports.

Meycor COSO AG includes two modules, one for documenting and self-assessing and one for auditing.

It can be used to:

  • Assess operational and technological risks.
  • Comply with the requirements of the Sarbanes Oxley law.
  • Create and document business procedures.
  • Support the entire audit cycle (planning, project creation, auditing work, documentation and follow-up of findings).

The COSO Report is imposing itself, considering the actions of several auditing organizations and companies, as a firm reference regarding work methodology to assess internal control. To management, risk assessment and its administration can be put aside in favor of the major goal of procuring business opportunities, while in fact risk avoidance contributes to that goal. One of the goals sought, the decrease of financial reporting fraud, render it more useful for users of that information. COSO originated in the recommendations issued by the National Commission on Fraudulent Financial Reporting, whose goal was to define common concepts regarding internal control that could be applied to any organization type. Internal control is a process, effected by an entity’s board of directors, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in the following categories:

  • Effectiveness and efficiency of operations
  • Reliability of financial reporting
  • Compliance with applicable laws and regulations

Internal control is integrated to business processes such as planning, execution and monitoring. We have three elements to integrate to our analysis:

  • The three objective categories that need to be complied with: operations, financial reporting and compliance are represented on the vertical columns.
  • The five components comprised in internal control, represented by rows.
  • The units and processes (activities) that must fulfill the organization's goals and their own objectives by executing the internal control process through its components.

The tool comprises two modules: MEYCOR COSO AG – ASSESSMENT and MEYCOR COSO AG – AUDIT.

The MEYCOR COSO AG – ASSESSMENT module gathers the organization's information, assessing its internal controls and risks. This module allows to enter the Organizational Chart of the organization, its Business Processes and Goals, and any tasks performed in order to fulfill each process

The MEYCOR COSO AG - AUDIT module allows to audit the risk assessments performed by the MEYCOR COSO AG - ASSESSMENT module. The product allows supervisors to create Audit Projects, including the definition of project auditors, the assignment of risks to be audited and the assignment of risks to specific auditors. Audit Procedures are then entered, with the supervisors defining which procedures will be used to audit each risk.