This section presents the notable and more widely applied internal control frameworks. Generally, internal control frameworks explain internal control in a broader form. These internal control frameworks offer definitions of internal control taking into account their respective components.
Internal control integrated framework (COSO). The Committee of Sponsoring Organizations of the Treadway Commission (COSO) was formed in 1985 by a coalition of the American accounting bodies. Its mandate was to study the reasons behind firms engaging in fraudulent reporting of their financial activities and to make appropriate recommendations to stem the tide, thereby enabling such firms to set up and improve their systems of internal control. As an effort to streamline the meaning of internal control, the committee issued a report that, once adopted, established an internal control integrated framework. This framework provides a common platform for managers and business leaders to evaluate and report on the effectiveness of their internal control system towards the achievement of their corporate objectives. The main ideas that emanate from the framework are:
1. The process of internal control is a necessary means of effectively attaining organizational objectives.
2. The internal working of a company should include understanding and setting up a system of internal control that is not just adequate but also effective.
3. Internal control aims for the attainment of goals in similar categories.
The COSO Report (1992) contained a holistic definition of internal control as a management process that involves the active participation of every strata of an organization with a view to achieving operational effectiveness and efficiency, accuracy and dependability of financial reporting, and adherence to relevant statutes and internal policies. Going beyond the objectives of accounting controls, COSO definition reveals three broad objectives that are classified as operational, financial reporting, and compliance (Jokipii, 2010). Following from the report, all positive steps taken by the board of directors, management and staff towards the attainment of organizational objectives are considered as internal control; the control environment, risk assessment, control activities, information and communication, and monitoring are the five interrelated components of internal control; and to achieve an effective internal control system, these five components, which are applicable to all sizes of entities must be present and functioning properly. The COSO Report has gained world-wide and industry-wide acceptance and application because of the general awareness that internal control transcends finance and accounting, extending to every area of an organization (Pfister, 2009). It has, therefore, been generally acknowledged as the definitive standard for the assessment of the effectiveness of an internal control system.