Understanding the COSO 2013 Framework: Four Short Cases for Use in AIS and Auditing Courses

Abstract

ABSTRACT Since our students will be auditors or accountants after they graduate, they need to understand how to apply and assess the components of the COSO 2013 framework in their evaluations of a client's internal controls and the reports used for decision-making. We present four short cases addressing the components of the COSO 2013 Internal Control—Integrated Framework. The short cases we provide focus on the interaction of the components to help students see how these components combine to form a strong internal control system. Learning objectives of the cases are to help students: 1) practice performing a risk assessment and making recommendations to respond to the identified risks, 2) identify non-accounting information that could be used to monitor operations, 3) evaluate the control environment of an organization in terms of the five principles of the COSO 2013 control environment component, and 4) evaluate potential fraud risk, identifying the information and monitoring activities that could be used to mitigate that risk. A pre- and post-test analysis shows that students, especially undergraduates, exhibited significant improvement in their understanding of the components of the COSO 2013 framework. Implementation guidance and other feedback are included.