Professional Accounting Societies Applaud COSO Small Business Guidance

The American Institute of Certified Public Accountants (AICPA) and the Institute of Management Accountants have both affirmed support for new guidance for smaller public companies released during a webcast on July 11 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO).

The guidance is intended to assist smaller public companies in implementing more effective internal control systems and ultimately resulting in more proficient compliance with the Section 404 internal control reporting requirements of the Sarbanes-Oxley Act.

“IMA continues to support any guidance which, directly or indirectly, enables smaller publicly traded companies to implement high standards of internal control, comply with regulation, and drive growth in the U.S. economy,” IMA president and CEO Paul A. Sharman said in a prepared statement.

The new guidance is a supplement to COSO’s 1992 guidance Internal Control – Integrated Framework illustrating essential internal control over financial reporting using real-world small company examples.

“COSO’s guidance Internal Control Over Financial Reporting – Guidance for Smaller Public Companies, offers smaller public companies previously unavailable, but much needed, direction about how to design and implement cost-effective internal financial controls,” John Morrow, AICPA Vice President of the New Finance, said in a prepared statement. “Companies’ management teams and audit committee members are going to find this guidance invaluable.”

Jeff Thomson, IMA vice president of research and COSO board member concurs, adding “The COSO small business guidance, much like the underlying 1992 control framework, is a comprehensive framework containing principles that define elements of ‘good’ internal control. From this perspective, COSO 1992 has stood the test of time and has clearly achieved the original objectives of the Treadway Commission 15 years ago. Additionally, the small business guidance contains many real world examples as a starting point for small business to design and implement their own assessment processes in alignment with the broad principles-based COSO 1992 framework.”

According to Thomson, however, more work is necessary in enabling organizations to assess the effectiveness of their internal controls which company chief executive officers (CEOs) and chief financial officers (CFOs) must attest to in writing per provisions of the Sarbanes-Oxley Act (SOX). “We have stated that the principles-based COSO 1992 framework by itself does not provide the cost-effective, top-down and risk-based assessment guidance necessary for decision-support CFOs, business process owners and others working inside organizations who are in the best position to affect a positive audit outcome and drive business performance,” Thomson continued. “In short, cost effective management guidance should include a control model and a practical risk-based assessment methodology which addresses the key question of ‘how much control is enough?’”

Speakers at the COSO webcast, which is archived online at, discussed how the guidance can be used by preparers of financial statement and internal control systems, as well as auditors. The Executive Summary of the guidance and Frequently Asked Questions are also available online at

IMA has taken two major actions to help make SOX work for business and allow organizations of all sizes to realize the value in their compliance programs. IMA commissioned a landmark study to identify SOX root cause issues conducted by Dr. Parveen Gupta, Professor at Lehigh University. Preliminary results of the study revealed that a lack of management implementation guidance is a significant cost driver for companies complying with Section 404 requirements. IMA is also developing, for comment later this year, a risk-based assessment methodology called CARD ME (Collaborative Assurance and Risk Design - Management Edition), which will allow organizations of all sizes to cost effectively comply with regulation and focus on value-creating initiatives in accordance with the principles underlying the COSO 1992 internal control framework.

"We will continue to work with the COSO Board, the SEC and all other interested parties -- including global organizations -- to implement the management implementation guidance so desperately needed to get SOX costs under control and get on with the business of doing business," Sharman concluded.

You may like these other stories...

Hertz withdraws full-year forecast, cites accounting review, challengesRental car company Hertz Global Holdings Inc. said on Tuesday it is withdrawing its full-year financial forecast and expects 2014 results to be “...
Amelia Emmert, a tax manager in Assurance at EY, always had a quiet concern for conservation: taking little steps to make small differences to better the environment, like turning off the lights and "vampire"...
How are you planning? What tools do you use (or fail to use) for forecasting? PlanGuru is a business budgeting, forecasting, and performance review software company based in White Plains, N.Y. AccountingWEB recently spoke...

Already a member? log in here.

Upcoming CPE Webinars

Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.
Aug 26
This webcast will include discussions of recently issued, commonly-applicable Accounting Standards Updates for non-public, non-governmental entities.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.
Sep 9
In this session we'll discuss the types of technologies and their uses in a small accounting firm office.