1

Case Study: COSO Components Principles

Your Name

University of

Course Number: Course Name

Instructor’s Name

April 30, 2023

2

Case Study: COSO Components Principles

According to Aytac and Cabuk (2020), the COSO framework is one of the most

effective approaches to establishing internal control over the risks an organization may face.

A mid-sized car manufacturer Ariel Motor Company Ltd has been chosen as a company

whose internal control system should be improved to ensure efficient management of

compliance risks, “reduce costs arising from risk,” and enhance the value of the

organization (Febrianti & Novita, 2021, p. 18; Prewett & Terry 2018).

Control Environment

The board of directors of Ariel Motor Company, together with middle management,

oversees the implementation and functioning of internal control. That approach contradicts

one of the COSO framework principles, which requires elevating responsibility for

enterprise risk management to the board of directors (Prewett & Terry, 2018). Therefore, the

board of directors of Ariel Motor Company should independently oversee the

implementation and functioning of internal control to deal with risk-related uncertainties

more constructively and ensure achieving business objectives. At the same time, the

organization has established a strong organizational culture. It is dedicated to its core

values. Besides, the company has adopted effective HRM practices, which is a basis for

attracting, developing, and retaining valuable qualified employees (Prewett & Terry, 2018).

Risk Assessment

Ariel Motor Company has failed to create an auto-control mechanism, which

increases the probability of fraud (Aytac & Cabuk, 2020). The certified public accountant

working for the company is the only employee who prepares financial statements. That

approach to the segregation of duties contradicts the COSO framework principle, which
3

emphasizes the need to take fraud risk factors into consideration in the risk assessment

process (Aytac & Cabuk, 2020). It is worth noting that even though Ariel Motor Company

has failed to create an auto-control mechanism, the organization has adopted tools for

assessing the severity of other types of risks, prioritizing those risks, and implementing risk

responses (Prewett & Terry, 2018).

Control Activities

Ariel Motor Company has not developed a serial chain system of quality control

activities that alters the organization’s compliance with ISO standards. Significantly, the

failure to implement the appropriate quality control activities may ultimately prevent the

company from taking advantage of its strengths to achieve organizational objectives.

Therefore, the organization should develop quality control activities and carry out an

internal quality audit, quality process audit, and overall audit. It is worth noting that a

process audit should be carried out to examine “whether the works are performed correctly

or not under the quality standards,” while the work and performance of all departments

should be evaluated within the framework of the overall audit (Aytac & Cabuk, 2020, p.

364).

Information and Communication

Ariel Motor Company has a horizontal organizational structure. The organization has

aligned how it communicates information internally with its organizational structure by

adopting horizontal communication. In other words, information flows from one department

to another at the same level, thus streamlining the communication process and allowing

timely information updates (Febrianti & Novita, 2021). That approach to aligning how the

company internally communicates information with its organizational structure is in line

4

with COSO’s information and communication principles. However, Ariel Motor Company

should improve its communication with external stakeholders “about matters affecting the

functioning of internal control” (Aytac & Cabuk, 2020, p. 358).

5

References

Aytac, A., & Cabuk, A. (2020). Assessment of the effectiveness of internal control

system and a case study. Journal of Accounting and Taxation Studies, 13 (2), 353-

376.

Febrianti, I., & Novita, N. (2021). COSO’s enterprise risk management framework in

agriculture startup to support the achievement of SDGs pillars. The International

Journal of Applied Business, 5(1), 18-36.

https://doi.org/10.20473/tijab.V5.I1.2021.18-36

Prewett, K., & Terry, A. (2018). COSO's updated enterprise risk management Framework –

A quest for depth and clarity. The Journal of Corporate Accounting & Finance,

29(3), 16-23. https://doi.org/10.1002/jcaf.22346

6