Control
Saturday, December 6, 2008 at 11:32AM (1) A noun, used as a subject, e.g., existence of a control — a policy or procedure that is part of internal control. A control can exist within any of the five components. (2) A noun, used as an object, e.g., to effect control — the result of policies and procedures designed to control; this result may or may not be effective internal control. (3) A verb, e.g., to control — to regulate; to establish or implement a policy that effects control.
Source : COSO Integrated Internal Controls Framework
1. A noun, denoting an item, e.g., existence of a control – a policy or procedure that is part of internal control. A control can exist within any of the eight components. 2. A noun, denoting a state or condition, e.g., to effect control – the result of policies and procedures designed to control; this result may or may not be effective internal control. 3. A verb, e.g., to control – to regulate; to establish or implement a policy that effects control.
Source : COSO Integrated Risk Management Framework
Measure to modify risk.
Note 1: Controls are the result of risk treatment.
Note 2: Controls include any process, policy, device, practice, or other actions designed to modify risk.
Source : BS31100:2008 [ISO Guide 73]
Andrew Smart
A control is a process or process step designed to maintain process integrity and reduce the likelihood and impact of risks. These must be specific enough to enable ownership by an individual role.
Source: Client Contribution
Reader Comments