900.01 - Internal Control Policy - Internal Control Standards
State agencies will adopt the Internal Control – Integrated Framework (the COSO Framework) issued by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), guidance titled Internal Control over Financial Reporting – Guidance for Smaller Public Companies, issued by COSO, and Control Objectives for Information and related Technology (COBIT) issued by the Information Systems Audit and Control Association (ISACA) and the IT Governance Institute (ITGI). All state agencies will use the COSO Framework, COSO guidance, and COBIT in its annual assessment and evaluation of internal control as interpreted and applied in guidance issued by the State Controller.