Focus on monitoring activities concludes five-part series on COSO framework
An emphasis on monitoring activities is the final COSO internal standard being examined in a series of five articles.
Ongoing evaluations, separate evaluations or some combination of the two are monitoring activities used to determine whether each of the five components of internal control, including controls to affect the principles within each component, is present and functioning.
Ongoing evaluations built into business processes at different levels of the University provide timely information on performance to process owners. A number of compliance-focused departments on campus conduct separate evaluations that vary in scope and frequency depending on assessment of risks, effectiveness of ongoing evaluations and other management considerations. The Internal Audit Department develops and executes its annual audit plan to provide another level of monitoring driven by the University’s strategic objectives and identified risks to their success. Findings are evaluated against criteria established by governing bodies and documents, and deficiencies are communicated to management for appropriate corrective actions.
Monitoring activities at the department level should include regular financial status reports as well as progress reports for major department initiatives. The University’s Compliance Calendar is a great resource for monitoring compliance requirements. The Internal Audit Department’s self-assessment guides also provide tools for monitoring department level activities.
Employees who have questions about the articles or who want to talk about how the framework applies to their department should call the Internal Audit Department at 704-687-5693 or email Internal_Audit@uncc.edu.
Control environment was outlined in the initial article.
Risk assessment was the second COSO standard of control featured.
Control activities were covered in the third article.
Information and communication were addressed in the fourth article.