turbot/aws_compliance

Benchmark: CC3.1 COSO Principle 6: The entity specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives

Description

Operations Objectives:

  • Reflects Management's Choices - Operations objectives reflect management's choices about structure, industry considerations, and performance of the entity.
  • Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives.

External Financial Reporting Objectives:

  • Complies With Applicable Accounting Standards - Financial reporting objectives are consistent with accounting principles suitable and available for that entity. The accounting principles selected are appropriate in the circumstances.

External Nonfinancial Reporting Objectives:

  • Complies With Externally Established Frameworks - Management establishes objectives consistent with laws and regulations or standards and frameworks of recognized external organizations.
  • Reflects Entity Activities - External reporting reflects the underlying transactions and events within a range of acceptable limits.
  • Considers the Required Level of Precision - Management reflects the required level of precision and accuracy suitable for user needs and based on criteria established by third parties in nonfinancial reporting.

Internal Reporting Objectives:

  • Reflects Management's Choices - Internal reporting provides management with accurate and complete information regarding management's choices and information needed in managing the entity.
  • Considers the Required Level of Precision - Management reflects the required level of precision and accuracy suitable for user needs in nonfinancial reporting objectives and materiality within financial reporting objectives.
  • Reflects Entity Activities - Internal reporting reflects the underlying transactions and events within a range of acceptable limits.

Compliance Objectives:

  • Reflects External Laws and Regulations - Laws and regulations establish minimum standards of conduct, which the entity integrates into compliance objectives.
  • Considers Tolerances for Risk - Management considers the acceptable levels of variation relative to the achievement of operations objectives.
  • Additional point of focus specifically related to all engagements using the trust services criteria: Establishes Sub-objectives to Support Objectives - Management identifies sub-objectives related to security, availability, processing integrity, confidentiality, and privacy to support the achievement of the entity’s objectives related to reporting, operations, and compliance.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select CC3.1 COSO Principle 6: The entity specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.soc_2_cc_3_1

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.soc_2_cc_3_1 --share
