About
Foundational Principles In the Community Diversity, Equity & Inclusion Technical Excellence Alumni TIAG Membership
Careers
Why Cohen & Company Our Culture Total Rewards & Benefits Intern & Entry Level Opportunities Experienced Opportunities
Contact
Akron, OH Baltimore, MD Chicago, IL Cleveland, OH Detroit, MI Milwaukee, WI New York, NY Philadelphia, PA Pittsburgh, PA St. Clair Shores, MI Youngstown, OH
Client Portal
Services Industries Knowledge Center People

About Our Services

We offer tailored solutions — whether private company or owner; public or private fund, adviser or fund service provider; or Fortune 1000 enterprise. Learn how we can help you.

Learn More

Assurance Services

Employee Benefit Plan Audits Internal Controls Investment Company Audits Private Company Audits SOC Readiness & Compliance

Tax Services

Federal Tax Planning & Compliance High Net Worth & Wealth Transfer International Filings & Structuring Investment Company Tax State & Local Tax Tax Credits & Incentives Transaction Tax Planning

Advisory Services

Business Valuations Data & Insights Digital Finance Solutions IT Strategy & Implementation M&A Advisory Outsourced Accounting Solutions Risk Assurance & Advisory Transaction Services Turnaround & Restructuring

Our Industry Expertise

Our industry experience means you can find professionals who speak your language and bring earned insights to the table. Learn how we can help you.

Learn More

Key Industries

Digital Assets Investment Companies Manufacturing Private Companies Private Equity Real Estate & Construction Technology & Life Science
VIEW THE COMPLETE LIST

Knowledge Center

Our team wants to help your team stay up to date. Browse our thought leadership, events and news for insights and a point of view on business-critical topics.

Learn More

Insights

Browse valuable articles and publications our experts have written to help you and your organization answer key questions — and consider new ones.

Read Our Insights

Events

Join us in person and online for events that address timely topics and key business considerations.

Explore Our Events

News

Find out what is happening at Cohen & Company, from industry recognitions and growth updates, to where we are contributing to important media stories.

Read Our News
People
Foundational Principles In the Community Diversity, Equity & Inclusion Technical Excellence Alumni TIAG Membership
Why Cohen & Company Our Culture Total Rewards & Benefits Intern & Entry Level Opportunities Experienced Opportunities
Akron, OH Baltimore, MD Chicago, IL Cleveland, OH Detroit, MI Milwaukee, WI New York, NY Philadelphia, PA Pittsburgh, PA St. Clair Shores, MI Youngstown, OH
Client Portal
Back to Insights

Key Questions to Determine Whether Your Governance Structure is Meeting COSO Requirements

by Steve Guarini

October 12, 2020 Investment Company Audits, Private Company Audits, SOC Readiness & Compliance

It is nearly impossible to overstate the importance of organizational governance. After all, effective governance ensures accountability, drives organizational ethics and values, and enables your business to achieve objectives.

While there are numerous highly reputed frameworks that address governance, the internal control framework created by the Committee of Sponsoring Organizations (COSO) of the Treadway Commission can help your business achieve the gold standard. COSO is sponsored by major industry associations such as the AICPA and IIA and is the de facto standard for evaluating the effectiveness of internal controls in compliance with Sarbanes Oxley.

Why is Governance Important?

Let’s step back for a minute and talk briefly about why governance is important. Often viewed as unnecessary bureaucracy, organizational governance or the lack thereof, instrumentally affects everything from your organization’s ability to raise capital, meet stakeholder expectations, and achieve growth targets, to your effectiveness in attracting and retaining top talent and maintaining an effective system of internal controls. Governance is in fact, one of the most pervasive and important aspects of your organization.

Before you can have effective governance, you first must have a well-designed governance structure.  Governance structure is the mechanisms by which you implement governance practices throughout your organization. Governance structure generally includes processes to enable board oversight, and to translate organizational goals and strategic objectives into routine practices and procedures.

COSO Governance Requirements

The COSO internal control framework suggests the foundation of an effective system of internal controls is a strong control environment, one that can be described as having management’s and the organization’s governing body committed to competence and integrity, and valuing the assignment of responsibility over internal control.

More specifically, COSO requires organizations maintain processes that demonstrate behaviors consistent with a commitment to integrity and ethical values, enable sufficient management oversight, appropriately assign authority, accountability and responsibility, and ensure a high degree of competence.

Evaluating Your Governance Structure

An evaluation of your governance structure can help identify potential gaps in your governance processes and should be completed at least annually.

Below are some key questions to consider when evaluating your organization’s governance structure against the requirements of COSO:

  • Does my organization have processes in place that facilitate an environment of high integrity and ethical values? Consider the existence and sufficiency of processes around establishing and communicating standards of conduct, evaluating adherence to standards and addressing deviations from standards of conduct. Also consider the maturity of these processes, whether they are informal processes relying on tribal knowledge or implemented via formally documented policies and procedures. Such policies should reflect leadership’s commitment to ethics and integrity, such as conflicts of interest and whistleblower policies.
  • Does my organization structure sufficiently support the achievement of objectives? Consider the sufficiency of assigned roles, responsibilities, and reporting lines and whether department leaders and managers have sufficient authority and access to senior executive leaders. Also consider the sufficiency of the frequency and nature of board and senior leadership meetings. Keep in mind that when it comes to organizational structure, one size does not fit all. Factors such as organization size, industry, legal and regulatory requirements, and risk appetite, among others, should be considered when evaluating your organization structure design.
  • Does my organization demonstrate a commitment to attracting and retaining competent personnel? Consider the adequacy of processes around talent recruiting and hiring, succession planning, performance evaluations, and the availability of training and continuous learning initiatives for employees. Similar to your evaluation of organizational structure, also keep in mind that a one size fits all approach is not appropriate.
  • Does my organization adequately manage risk? Consider the processes in place to identify and assess risks regarding achieving organizational objectives, including risk appetite and the effectiveness and frequency of risk assessments. Consider the sufficiency of risk management processes to identify and evaluate all significant risks to the organization, including internal and external factors, fraud, IT and cybersecurity, and risks from third parties such as vendors and contractors. Note that while your governance assessment should consider the processes in place to identify and manage risk, it does not substitute a well-designed and executed risk assessment.

Read “The 2 Questions (and More) Your Company Should Be Asking About Internal Controls and Fraud During COVID-19”

The above are just a few items to consider when evaluating your organizational governance. In addition to your own initial evaluation, outside advisors can help you perform value added assessments of your governance structure tailored to meet your unique environment.

Contact Steve Guarini at sguarini@cohencpa.com or a member of your service team to discuss this topic further.

Cohen & Company is not rendering legal, accounting or other professional advice. Information contained in this post is considered accurate as of the date of publishing. Any action taken based on information in this blog should be taken only after a detailed review of the specific facts, circumstances and current law.

About the Author

Steve Guarini, CPA

Partner, Assurance
sguarini@cohencpa.com
586.541.7736

Sign Up for Our Emails & Events

Receive insights from our specialists in a variety of areas and timely information on upcoming events directly to your inbox as they go live in our online Knowledge Center.

Subscribe Today
Subscribe to our newsletter
About Contact Submit RFP Privacy Policy
LinkedIn Twitter Facebook
© 2023 Cohen & Company