Question

According to the COSO framework, when are internal controls effective and what does this means?

a. Complete elimination of all risks
b. Absolute certainty in achieving objectives
c. Providing reasonable assurance of achieving objectives
d. Meeting regulatory requirements regardless of effectiveness

Answer 1

Internal controls are effective under the COSO framework when they provide reasonable assurance for achieving objectives, recognizing that no system can guarantee absolute certainty due to inherent limitations.

Step-by-step explanation:

According to the COSO framework, internal controls are considered effective when they provide reasonable assurance of achieving an entity's objectives. This means that internal controls should be designed and functioning in a manner that helps prevent, or detect and correct, material misstatements or losses. However, no internal control system can provide absolute assurance due to inherent limitations. Hence, the correct answer to the question is option c, Providing reasonable assurance of achieving objectives, as this acknowledges that while internal control systems may reduce the likelihood and impact of risks, they cannot guarantee that all objectives will be met or that all risks will be eliminated.