Customer Service: 800-778-7436     

To access your product click the Log In link at the top right of the screen. Once inside your account, you will be able to access your Packages, Self-Study Product, and Webinar Registrations.

Sign In to Your Surgent Account

Forgot Username or Password | Register for an Account

Internal Controls That Matter: Managing Risk With the Updated COSO Framework (COSF)

Choose CPE Format:

Self-Study SELECT STARTING AT $125 (On Demand)

Downloadable PDF

Credits: 8

Qualifies For: CPE



Credits: 8

Qualifies For: CPE

Self Study, topic
Laurie L.

Interested in bringing this course into your firm?


Internal Controls That Matter: Managing Risk With the Updated COSO Framework (COSF)

  • Customer Rating
  • Field of Study
  • Level
  • Credits
  • Qualifies for



Technological advances, cybersecurity threats, increased regulatory scrutiny, globalization, and other challenges have caused entities and auditors to struggle with proper consideration of the cost-benefit of internal controls, recognizing that a well-designed system does not have to prevent or detect all internal control deficiencies -- just ones that matter most to the entity’s objectives related to financial reporting, compliance, operations and strategy. This course provides practical guidance on what a sound system of internal controls “looks like” and its impact on the reliability of financial statements, particularly for smaller entities. In addition, a broader discussion of enterprise-wide risk management will be discussed in accordance with COSO’s Enterprise Risk Management – Integrated Framework.

Major Topics:

  • The evolution of internal controls theory and practice, including emerging guidance specific to smaller entities
  • Key components of internal control per the COSO Integrated Framework, and the significant role each plays in reliable financial reporting
  • Key concepts of the COSO Enterprise Risk Management Framework that expands on internal control, providing a more robust and extensive focus of broader risk management and alignment of strategy and enterprise-wide risk management
  • The critical role of information technology (IT) controls in reliable financial reporting, including both general and application controls, and the latest on the AICPA Cybersecurity Risk Management Framework
  • Evaluating the design and implementation of an entity’s design on internal controls, focusing on smaller businesses, and the resulting impact on risk of material misstatement in financial statements
  • Testing controls for operating effectiveness and determining the appropriateness of the nature, timing, and extent of control testing
  • Considerations related to the use of outside service organizations
  • Differentiating an auditor’s responsibilities under various professional and regulatory standards
  • The financial statement auditor’s responsibility for evaluating and communicating deficiencies in internal controls over reliable financial reporting        

Learning Objectives

  • Explain the evolution of internal control concepts since the origination of the 1992 version of COSO’s Internal Control-Integrated Framework
  • Be familiar with a more extensive enterprise-wide risk management approach guided by COSO’s Enterprise Risk Management Framework
  • Describe important internal control concepts, including identifying "key controls" in a "top-down" approach to evaluating the design and implementation of internal control over reliable financial reporting, including considerations of IT and use of outside service providers
  • Discuss the difference between evaluating "design and implementation" and "operating effectiveness" to evaluate the on-going performance of internal control over a period of time
  • Explain differences between "material weakness" and "significant deficiency" regarding internal control over reliable financial reporting, especially for smaller business environments
  • Be familiar with numerous examples and illustrations of designing, implementing, maintaining and monitoring a sound system of internal control over reliable financial reporting

Designed for:

Accountants responsible for designing, evaluating, and/or monitoring internal controls over financial reporting


Experience with designing, evaluating, or monitoring internal controls

Advanced Preparation:


Interested in bringing this course into your firm?




Thank You!



Thank You!

Thank You! Your request has been submitted.

Get More with a Surgent CPE package

Unlimited Self-Study Package

  • Unlimited 24/7 access to 200+ downloadable self-study courses

  • Courses range from 2-20 credits

  • Provides online grading & CPE certificates by email

  • Does NOT include Premium courses


Buy Now

Unlimited Webinar Package

  • Unlimited access to all non-premium live CPE webinars

  • Includes 1-, 2-, 3-, 4-, and 8-hour webinars, including Saturday and evening options

  • Access through December 31st of the year in which you purchase

  • Does NOT include Premium courses


Buy Now


Unlimited Plus Package

  • Unlimited access to ALL live CPE webinars

  • Includes all premium courses and virtual conferences

  • Unlimited 24/7 access to all self-study courses

  • Includes all on-demand webcasts

  • Access for a year from purchase date


Buy Now

Explore Additional Courses by Topic

  • CPE Continuing Professional Education for CPAs

  • IRS Continuing Education for EAs and the AFSP program

  • CFP Accepted by the CFP® Board

  • YB YellowBook Continuing Education

  • CTEC Approved for CE by CTEC

QAS Approval Surgent IRS Approval Surgent CFP Approval Surgent CTEC Approval Surgent
CPE Webinars
CPE Webinars

Thank You!

Thank You! Your subscription has been submitted.