Guidance on Internal Control


Internal Control — Integrated Framework (2013)

The 2013 Framework is expected to help organizations design and implement internal control in light of many changes in business and operating environments since the issuance of the original Framework, broaden the application of internal control in addressing operations and reporting objectives, and clarify the requirements for determining what constitutes effective internal control.

COSO has also issued Illustrative Tools for Assessing Effectiveness of a System of Internal Control and the Internal Control over External Financial Reporting (ICEFR): A Compendium of Approaches and Examples. The Illustrative Tools are expected to assist users when assessing whether a system of internal control meets the requirements set forth in the updated Framework. The ICEFR Compendium is particularly relevant to those who prepare financial statements for external purposes based upon requirements set forth in the updated Framework.

Related article "The 2013 COSO Framework & SOX Compliance: One Approach to an Effective Transition" (article)
To read click here.

Download Executive Summary

For individual print or eBook.

Internal Control - Integrated Framework: Executive Summary, Framework and Appendices, and Illustrative Tools for Assessing Effectiveness of a System of Internal Control (3 volume set)

Internal Control - Integrated Framework, Internal Control Over External Financial Reporting: A Compendium of Approaches and Examples

Internal Control - Integrated Framework and Compendium Bundle

For multi-user licensing, please contact

For requests to reprint or use portions of the Internal Control – Framework, please complete the COSO Copyright Permission Request Form and return to



Internal Control — Integrated Framework (1992)

Produced after the release of the Treadway Commission’s recommendations, this document provides principles-based guidance for designing and implementing effective internal controls. COSO developed the framework in response to senior executives’ need for effective ways to better control their enterprises and to help ensure that organizational objectives related to operations, reporting, and compliance are achieved. This framework has become the most widely used internal control framework in the U.S. and has been adapted or adopted by numerous countries and businesses around the world. Available for purchase in the AICPA Store. Click “Order Here” above.


Guidance on Monitoring Internal Control Systems (2009)

Effective monitoring of internal control is one of the five components of effective internal control delineated in COSO's Internal Control - Integrated Framework. COSO has developed detailed interpretative guidance that will help organizations monitor the quality of their internal control systems.


Internal Control over Financial Reporting — Guidance for Smaller Public Companies (2006)

This document contains guidance targeted towards smaller public companies, to help them apply concepts in the 1992 Internal Control – Integrated Framework. The guidance demonstrates the applicability of those concepts to help smaller public companies design and implement internal controls to support the achievement of financial reporting objectives. It highlights 20 key principles of the 1992 framework, providing a principles-based approach to internal control. While targeted toward smaller public companies, the 2006 guidance applies to entities of all sizes and types. Available for purchase in the AICPA Store. Click “Order Here” above.


Internal Control Issues in Derivatives Usage (1996)

This guidance was issued in response to derivatives-related problems in recent years, many of which resulted from misunderstanding their risks and their use for risk management purposes. The document provided best-practice guidance for the development of internal controls related to derivative activities.