Internal control


The board is responsible for overseeing internal control per the Swedish Companies Act and the Swedish Code of Corporate Governance.

Cybercom defines internal control as a process that is governed by the board, executive management, and other employees. Cybercom's internal control is designed to provide reasonable assurance that Cybercom achieves its objectives of purposeful, effective operation, reliable financial reporting, and compliance with applicable laws and regulations.

Cybercom's internal control process is based on a framework published by the Committee of Sponsoring Organization of the Treadway Commission (COSO).

COSO framework

Regarding the board's internal control of financial reporting report, various professional guidelines* identify the COSO as:

  • The most widely used, internationally accepted framework
  • Having a special status in defining good internal control.

Consequently, Cybercom chose to use the COSO framework as its internal control standard. The framework divides internal control into these components: control environment, risk assessment, control activities, information and communication, and monitoring.

* For example, those published by the Confederation of Swedish Enterprise and the Institute for the Accountancy Profession in Sweden (FAR SRS).