COSO’s five elements have been essentially adopted by more and more professionals as the cornerstone of SOX though SOX does not specify which internal control framework to follow.
a) the control environment,
b) risk assessment,
c) control activities,
d) information and communication and
e) monitoring