COBIT and COSO are two alliterations that have a lot in common. COSO stands for The Committee of Sponsoring Organizations while COBIT stands for Control Objectives for Information and Related Technologies. These two organization’s function is to help companies organize and monitor financial reporting controls.

However, there are a few differences between the two organizations, and in this article, you will understand those in detail.

Understanding COSO

COSO was established in 1985 by five professional associations. Their main aim was to sponsor the National Commission on Fraudulent Financial Reporting.  These five associations included:

  • Institute of Internal Auditors
  • the American Accounting Organization
  • Institute of Management Accountants
  • The American Institute of Certified Public Accountants
  • Financial Executives International

The body’s main goal is to help to provide guidance on risk management and to develop an enterprise framework, fraud deterrence, and internal control.

Understanding ISACA

ISACA was established in 1967. The initials stand for Information Systems and Audit Control Association.  It is an IT professional body. The organization main role is to develop auditing control guidance and create world recognized IT certification.

The Framework of COSO

In 2016, COSO updated its framework. The new framework uses a risk management approach in managing internal controls.  The framework applies to both internal and external financial reporting. The framework is based on five crucial strategic points.

They include:

  1. Governance and culture
    This point relates to ERM and oversees daily activities
  2. Strategy and Objective Setting
    This principle states that risks must be measured objectively.
  3. The performance
    This approach stipulates that there should be effective reporting of risks.
  4. The Review and Revision
    This element involves internal audit and monitoring of controls.
  5. Information, Communication, and Reporting
    This requirement says there should be communication between internal and external members.

The Framework of COBIT

COBIT also have five crucial principles. The role of these principles differs from those of COSO.

The five principles include:

  1. Meeting Stakeholders Needs
    The decision of the organization should comprise of those who bear risk and those who receive benefits to determine the needed resources.
  2. Covering the Enterprise end to end
    This principle makes sure ERM takes into consideration information and technologies like assets and applications instead of focusing on IT.
  3. Applying a Single Integrated Framework
    This rule aims at mapping several standards to one business governance and management.
  4. Enabling a Holistic Approach
    Culture, integrates processes, policies information, organizational structures, as well as people to manage and govern the enterprise.
  5. Separating governance and management
    This element involves evaluating ways to offer direction and to separate tracking activities from those who are governing.

Comparison of COSO with COBIT

Although the two organizations appear to have some form of similarities, they carry out different functions for various institutions. COSO offers guidance that companies can refer to when creating risk tolerances to minimize theft and fraud. On the other hand, COBIT gives organization guidelines that provide best-practice controls.

Companies that choose to create financial risk reporting architecture that is compatible with COSO can also implement COBIT to create their control landscape. COSO let companies to frame their building.

Why your company needs COSO and COBIT?

COSO and COBIT are designed to make control landscape as well as risk and governance infrastructure that lets security align with requirements.

COSO responds to controls that are associated with a fiduciary duty which are meant to comply with Sarbanes-Oxley requirements.  The problem with COSO is that it limits itself to a particular segment of an organization.  For COBIT, it provides a specific manner through which risk is assessed. For instance, the PO 8 Manage Quality is compatible with the risk assessment element of COSO.

As soon as a company aligns its control with COBIT, it can do the same to COSO and other viable frameworks through the use of gap analysis. With the gap analysis tools, the organization can control across different standards to avoid the issue of compliance with various frameworks.


Feel free to ask questions, send feedback and even point out mistakes. Great conversations start with just a single word. How to write better comments?
Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You May Also Like
Read More

Why Staff Training is important?

As an employer, there are many ways that you can help your staff. The best employers are continuously looking at how they can improve their company’s performance, and they understand that looking after their employees is one of the best ways to ensure that the business moves forward. Consistent and continuous training is one way for employers to make the…
Read More

5 Ways to Determine if You’re Ready to Quit Your Day Job

When you are just starting a business unless you have a round of venture capital funding or some angel investors, you will probably be bootstrapping your way along. This means you’ll probably keep your day job and work on your business at night and on the weekends. Don’t worry, that is how a lot of us started out. Eventually you…
Read More

How Social Media can help you build your sale network?

Ad networks are becoming a necessity for business growth. And most popular online advertising networks are Ad knowledge, Apple Advertising, Google AdSense, Yahoo Network, Facebook Audience Network Ads etc. As you could view, users global are going on to herd to social media networks such as Facebook, Twitter, and Pinterest. These sites afford your case a basic possibility to join…
Read More

Four Simple Ways to Reduce Start-up Costs

It’s no secret that launching a start-up can be costly. Even today with more and more opportunities available to new business owners, particularly those starting up online-only businesses, getting together the funds to keep your business running successfully can be a monthly struggle. The easiest way to make sure that your business is able to grow is by keeping as…
ModernPOSA.jpg
Read More

6 Modern POS Apps to Supercharge & Modernize Small Retail Businesses

E-commerce continues to contribute and drive growth for economies around the globe. As consumers demand more options for satisfying a hunger for a more enjoyable life, businesses are set to continuously profit as long as they can supply the demand. In addition, with the prevalence and greater ease of access to high-end mobile technologies, advanced distribution channels and startups pushing…
entrepreneur
Read More

Pros (and Cons) of Online Education for Entrepreneurs

Technology has taken the world by storm and changed almost every area of society. One area in particular is learning. Instead of traditional colleges where you attend in person, many schools offer online programs or are completely based online. However, while they do have their advantages for entrepreneurs, they have their set of drawbacks as well. Here are some of…