The COSO Framework consists of five interrelated components as follows:
a) Control environment.
b) Risk assessment.
c) Control activities.
d) Information and communication.
e) Monitoring.
These five components are linked together, thus forming an integrated system that can react dynamically to changing conditions. The internal control system is intertwined with the organization’s operating activities, and is most effective when controls are built into the organization’s infrastructure, becoming part of the very essence of the organization.