COSO의 내부통제시스템의 모니터링에 관련한 가이던스(공개초안)를 통해서 본 내부통제에서의 모니터링

Committee of Sponsoring Organization of the Treadway Commission, Guidance on Monitering Internal Control System, Exposure Draft 2008, Executive

The objectives of COSO’'s Monitoring Guidance are two-fold : ∙To help organizations improve the effectiveness and efficiency of their internal control systems. The COSO Framework emphasizes that organizations with effective internal control systems monitor the effectiveness of those systems over time-just as a manufacturing organization monitors the continued effectiveness of its manufacturing procedures. This guidance is designed to help organizations recognize and maximize the use of monitoring when it is effective and enhance monitoring in areas where improvement may be warranted. ∙To provide practical guidance that illustrates how monitoring can be incorporated into an organization’'s internal control processes. The ““Applying the Concepts”” sections in Volume Ⅱ of the guidance provide easy reference points - demonstrating how organizations might apply the general concepts of monitoring. Volume III goes further by providing a variety of monitoring examples from organizations interviewed during the project. This guidance is designed to apply to all three objectives addressed in the COSO Framework : the effectiveness and efficiency of operations, the reliability of financial reporting, and compliance with applicable laws and regulations. However, recognizing that its primary application may be related to monitoring internal control over financial reporting (ICFR), most of the examples concentrate on the financial reporting objective. The COSO Framework states that ““monitoring ensures that internal control continues to operate effectively.”” COSO’'s 2006 Guidance enhances the understanding of monitoring by articulating the following two related principles : ∙Ongoing and/or separate evaluations enable management to determine whether the other components of internal control continue to function over time. ∙Internal control deficiencies are identified and communicated in a timely manner to those parties responsible for taking corrective action and to management and the board as appropriate. Properly designed and executed monitoring (1) provides persuasive information to the right people regarding the internal control system’'s effectiveness, and (2) identifies and communicates internal control deficiencies in a timely manner to those parties responsible for taking corrective action and to management and the board as appropriate. In doing so, it facilitates the correction of control deficiencies before they materially affect the achievement of the organization’'s objectives.