But the importance of the COSO mode

But the importance of the COSO model did not stop there. Recent events have made the model even more significant.
Sarbanes-Oxley Section 404
With the passage in the US of the Sarbanes-Oxley Act of 2002 in July 2002, publicly traded companies had to comply with section 404, which requires management to evaluate internal controls every year and requires financial auditors to opine on the evaluation. Everyone concerned wondered how that process would be standardized and if the SEC or Public Company Accounting Oversight Board (PCAOB), created by the Sarbanes-Oxley Act, would require some standard model or benchmark for evaluating controls.
Auditing Standard No. 2
PCAOB had been given responsibilities in the area of standard setting for financial reporting and began to issue auditing standards. The first one, Auditing Standard (AS) No. 1, accepted all previous auditing standards set by the AICPA. The second one, AS2,4 was published in June 2004 and addressed the issue of complying with Sarbanes-Oxley section 404. In it, PCAOB recommended the COSO model as a way to evaluate and report on internal controls. Thus, AS2 entrenched the COSO model as a tool that auditors, internal and external, needed to understand, especially in applying it to section 404 evaluations of internal controls.