COSO is a control framework for financial processes. This aligns quite neatly, of course, with COBIT, which is a framework for information technology.

It is in fact the 'Committee of Sponsoring Organizations of the Treadway Commission'. It was originally formed in 1985 to "sponsor the National Commission on Fraudulent Financial Reporting", and developed recommendations for public companies and their independent auditors.

COSO's definition of internal control identifies four key concepts:
Internal control is a process.
Internal control is effected by people.
Internal control can be expected to provide only reasonable assurance, not absolute assurance.
Internal control is geared to the achievement of objectives in one or more separate but overlapping categories.

A number of publications expanding upon this are available from the COSO website.

