The Committee of Sponsoring Organizations of the Treadway Commission’s (COSO) model that evaluates internal controls has recently been revised.

Considered the generally accepted framework for internal control, COSO’s ERM framework focuses on five key components which include control environment, risk assessment, control activities, information and communication, and monitoring activities. After updates made on the framework in September, the framework’s new title is “Enterprise Risk Management Integrating with Strategy and Performance,” Bob Hirth, Chairman of COSO, recently told Internal Audit Insights during an interview at MISTI’s SuperStrategies Conference & Expo in Las Vegas, Nevada.

“We looked at the original 2004 framework and what’s going on in the marketplace and concluded there had been enough chance in how companies approach ERM…[and realized] that if we revised the framework we could get significant value for readers with some new ideas and concepts,” Hirth said.

What do the recent updates to the ERM framework mean for internal audit? In the video interview below, Hirth answers that question and advises on how internal auditors could best leverage the framework.


Interested in learning more about this topic? This upcoming seminar is the perfect opportunity for you to learn more.