Internal Controls, Risk Management and COSO

What are Internal Controls?

Questions and misunderstandings about “internal controls” are commonplace. Often, internal controls are perceived as being simply more “red tape.” They encompass high ethical standards and moral values that are communicated throughout the institution. The resources and tools listed below explain what internal controls are, why they are necessary, and can be used to evaluate and improve the level of internal control in your particular area of influence.


American USA Flag with Crouse College
American Flag and Crouse College

Internal Control – Integrated Framework  – This document is an executive summary published by the non-profit Committee of Sponsoring Organizations (COSO) outlining the basic concepts and principles of internal control. (see for more guidance from COSO).


Internal Control Concepts and Applications  – This PowerPoint presentation was prepared by the Syracuse University office of Audit & Management Advisory Services (AMAS). It parallels the COSO internal control model and attempts to relate its concepts and principals to the Syracuse University environment.


Self-Evaluation Questionnaire  – This document allows the user to apply the COSO risk management review process to his/her own organization to evaluate the effectiveness of internal controls at the local school, college, department level. Please contact AMAS with any questions you may have in evaluating internal controls in your area of responsibility.