Skip Ribbon Commands
Skip to main content

The IIA COSO Resource Exchange 

IIA Offers OnDemand COSO Internal Control Certificate Program

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) announces launch of a self-study, on-demand learning program toward earning the COSO Internal Control Certificate. The program is being offered by The Institute of Internal Auditors (IIA) and the American Institute of CPAs (AICPA). The Institute of Management Accountants (IMA) plans to offer the course in January. The on-demand learning program is geared to internal auditors, accountants, and other financial professionals, allowing candidates to demonstrate expertise in designing, implementing, and monitoring a system of internal control using COSO’s updated 2013 Internal Control-Integrated Framework.

Read Press Release

Comment Period for COSO ERM Framework Update Closed

COSO concluded its call for public comment to the proposed update to its ERM Framework: Enterprise Risk Management — Aligning Risk with Strategy and Performance. Written comments that were submitted will become part of the public record and will be available on the COSO ERM website through 15 December 2016.

Read COSO Press Release

New COSO Fraud Risk Management Guide Released

Fraud Risk Management GuideCOSO's latest release, Fraud Risk Management Guide, replaces the 2007 version, Managing the Business Risk of Fraud, with updated content, relevant case studies, technology developments, and revised terminology aligned with today’s standards. The guide is intended to be supportive of and consistent with the 2013 COSO Framework and can serve as best practices guidance for organizations to follow in performing a fraud risk assessment.

Purchase the revised COSO guide by visiting The IIA Bookstore.

ERM Framework Update Exposure Period Now Open

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has unveiled an update to its Enterprise Risk Management – Integrated Framework and is seeking public comment of the proposal, from 15 June through 30 September. The update, Enterprise Risk Management — Aligning Risk with Strategy and Performance, is designed to address the needs of all organizations to improve their approach to managing new and existing risks as a way to help create, preserve, sustain, and realize value.

Go to ERM Framework Update Page
Read Press Release

Video: Enterprise Risk Management — Aligning Risk with Strategy and Performance

Hear from members of the COSO ERM Framework Update Advisory Council as they offer their insights on the proposed changes to the Framework and the need for public input. The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is accepting comments on the update, Enterprise Risk Management — Aligning Risk with Strategy and Performance, from 15 June through 30 September.

Watch the Video

Leveraging COSO Across the Three Lines of Defense: White paper explains how to leverage COSO framework, 3 Lines of Defense

In Leveraging COSO Across the Three Lines of Defense, The IIA's Audit Executive Center makes a strong case for using the Three Lines of Defense Model, which addresses how specific duties related to risk and control should be assigned and coordinated.

Read Thought Leadership

COSO in the Cyber Age: Report offers guidance on using Frameworks to assess cyber risks

The Committee of Sponsoring Organizations of the Treadway Commission (COSO) has released COSO in the Cyber Age, a thought leadership paper that provides direction on how the Internal Control-Integrated Framework (2013) and the Enterprise Risk Management-Integrated Framework (2004) can help organizations effectively and efficiently evaluate and manage cyber risks.

Read Thought Leadership

IIA Resources

Video Broadcasts

Considering COSO 2013 From a Risk Perspective Controls exist to manage risk and keep it at acceptable levels. Norman Marks, retired CAE and Ia Online blogger, discusses how COSO's 2013 Internal Control–Integrated Framework fits into a top-down, risk-based approach to audits. View now.

COSO's Updated Framework: Global Applicability ​​ COSO Chairman Bob Hirth says regardless of your company's size, maturity, industry, or location, the enhanced 2013 Internal Control–Integrated Framework can be used to help improve its system of internal control. View now.

2013 Pulse of the Profession Survey Results – IIA President and CEO Richard Chambers discusses the results of the latest survey. Internal audit departments are expecting a greater focus on compliance risks, with implementation of COSO 2013 and the U.S. Affordable Care Act on the horizon. View now.

COSO with Keith Kawashima – Keith Kawashima of The IIA's Sacramento chapter discusses the changes with COSO and how it affects internal auditors. View now.

Training and Events

NEW! Are You COSO Ready? A Free Webcast Overview of the Updated COSO Framework discusses key changes to the Framework and how they will impact your organization:

  • Why the change is occurring now and what factors influenced the update.
  • What has not changed from the original guidance.
  • The nine elements that have changed and which seven directly impact internal audit.
  • How to continue your education and understanding of the Framework.

This is a good starting point to assess how these changes will impact your current practices. Access now.

COSO Seminar Course: The IIA will offer a two-day course titled COSO 2013: Implementing the Framework in locations throughout the United States in 2014. Designed to support an organization’s implementation efforts, this course examines how a principles-based approach can be used to design, implement, and evaluate a system of internal controls. On-site training for this course is available globally. Learn more and register today.

Articles, Books, and Reports

Adding Value with COSO: Beyond Compliance – The Internal Audit Foundation announces the release of the follow up to the 2013 release of COSO’s Internal Control – Integrated Framework. Written by James Roth, Ph.D., CIA, CCSA, CRMA, Adding Value with COSO: Beyond Compliance shares firsthand research that focuses on how four organizations apply the COSO Framework to all three business objective categories — operations, reporting, and compliance. The new report includes an implementation toolkit with samples of the documentation used to implement the Framework so organizations can create a customized “plug-and-play” system of internal control. For more information, visit The IIA Bookstore.

COSO Internal Control‒Integrated Framework: Turning Principles into Positive Action Book – Larry Rittenberg, COSO’s chair emeritus, provides a high-level, 100-page companion guidebook that will help internal auditors in all industries to quickly identify the implications for their organizations. This easy-to-read guide, sponsored by The IIA's Milwaukee Chapter, is an indispensable companion for the 2013 Framework. The book is included with the two-day COSO 2013: Implementing the Framework course registration and is also available for purchase online through the IIA Bookstore.

Management’s Guide to Sarbanes-Oxley Section 404 – This new release provides detailed guidance to ensure programs reflect the updated 2013 COSO Framework and readers understand the relationship between Sarbanes-Oxley Sections 302 and 404.

COSO Features in IIA Publications

These features in Internal Auditor (Ia) magazine and IIA Today highlight the key changes, what you need to know, and resources available for implementation:

The Audit Executive Center COSO Roundtable Report provides insight gathered during the Center’s three roundtable sessions held in early 2012, where CAEs discussed proposed updates, revisions, and enhancements to the 1992 Framework. The sessions brought together more than 30 CAEs from Fortune 250 companies and other distinguished organizations.

COSO Roundtable Report

About COSO

The IIA is a member of the Committee of Sponsoring Organizations of the Treadway Commission (COSO), a joint initiative of five private sector professional associations collaborating to provide thought leadership, frameworks, and guidance on enterprise risk management, internal control, and fraud deterrence. As one of the five sponsoring organizations for COSO, The IIA provides its members with exclusive access and discounts through its COSO Resource Exchange.

About the COSO Resource Exchange

The IIA COSO Resource Exchange provides the most comprehensive and up-to-date list of resources, tools, and training to support implementation of the COSO Internal Control–Integrated Framework. The Framework is the most widely recognized guidance on what constitutes effective internal control, which is vital for the success of any organization. It is broad-based and can be applied by organizations, businesses, governmental agencies, and not-for-profit enterprises of all sizes.


12 September 2016 - Deadline for Comments to ERM Framework Update Approaches

16 June 2016 - ERM Framework Update Exposure Period Now Open

14 January 2015 - ​COSO in the Cyber Age

5 November 2014 - COSO Announces Online Survey for ERM Update

21 October 2014 - COSO Announces Project to Update Enterprise Risk Management-Integrated Framework

10 February 2014 - COSO Releases New Thought Leader Paper Demonstrating How Frameworks Improve Organizational Performance and Governance

25 June 2013 - Managing Sustainability Risks the Focus of COSO's Latest Thought Leadership

6 June 2013 - COSO Issues Article Discussing Transition to the 2013 Internal Control - Integrated Framework for SOX Section 404 Compliance

3 June 2013 - New COSO Chairman Announced

14 May 2013 - COSO Issues Updated Internal Control - Integrated Framework and Related Illustrative Documents

COSO Resources

Improving Organizational Performance and Governance: How the COSO Frameworks Can Help

Demystifying Sustainability Risks

The 2013 COSO Framework & SOX Compliance: One Approach to an Effective Transition

Internal Control — Integrated Framework Executive Summary


COSO Framework Overview (PPT)

2013 COSO Framework

Additional information regarding the release of the updated Framework may be found on the COSO website and the following products may be purchased through the IIA Bookstore.

Member Savings

The IIA is a sponsoring organization of COSO. IIA members may purchase the COSO Framework and related documents at a reduced rate through the IIA Bookstore.