What organization developed guidance for internal control and enterprise risk management?

The Committee of Sponsoring Organizations (COSO) is the organization that developed the widely recognized framework for internal control and enterprise risk management. COSO provides a comprehensive structure that helps organizations design and implement effective internal controls to achieve their objectives with regard to operations, reporting, and compliance. Its guidance, particularly the 2013 update to the Internal Control – Integrated Framework and the Enterprise Risk Management – Integrating with Strategy and Performance framework, has been instrumental in promoting best practices in risk management and internal control processes.

COSO's frameworks emphasize the importance of a structured approach to risk management, integrating risk considerations into strategic decision-making, and ensuring accountability across all levels of an organization. As a result, many organizations reference COSO's frameworks when establishing or assessing their internal control and risk management systems, underscoring COSO's pivotal role in setting standards in this field.