This questionnaire template provides a number of COSO elements and the related control objectives for entity-level controls. Within the questionnaire, you can document whether the control exists, whether it was designed properly, related test procedures, and management's action plan for deficiencies. This document should be used as a general guide to use when creating an entity-level controls questionnaire. It does not address all controls that could be assessed during this process. Subscribers are encouraged to customize the questionnaire so that it reflects specific company practices and business operations.
Example control objectives in this tool include:
- A positive workplace environment exists that minimizes employees' sense of feeling abused, threatened or ignored.
- Effective policies exist that minimize the chance of hiring or promoting individuals with low levels of honesty, especially for positions of trust.
- A formal fraud policy exists that defines fraud and appropriate actions to be taken with respect to instances of fraud. The policy is formally communicated and available on the company intranet.
- The company reacts to and deals with acts of fraud, or suspected fraud, in a manner that sends a strong message throughout the company that helps reduce the likelihood of future incidents.