Internal controls protect the company’s assets as well as their shareholders’ investments in the company. Therefore, the SEC requires companies to report on internal controls as part of Management’s Report of Responsibilities.
The Committee of Sponsoring Organizations (COSO) of the Treadway Commission defines internal control as “a process, effected by an entity’s board of directors, management, and other personnel, designed to provide reasonable assurance regarding achievement of objectives in the following categories:
The COSO emphasizes the importance of the company’s top management’s values and integrity. Top management will set the course in which the rest of the company’s employees follow. Their operating style and ethical values influences the rest of the company’s behavior. They themselves must set a good example and work by a high ethical standard.
In addition to management’s incorruptibility, COSO recommends internal controls should be monitored regularly and updated when necessary in order to remain highly effective components of a company.
COSO advises the report of internal controls summarizes the following information:
Along with the recommendations of the COSO, the Sarbanes-Oxley Act also states its requirements for the formal reporting on the effectiveness of internal controls.