Respondents acknowledged the benefit of formalizing into principles internal control concepts introduced in the original framework, providing clarity for management in designing, implementing, and conducting internal control, and assessing the effectiveness of systems of internal control.

Some respondents suggested folding Principle 11, Selects and Develops General Controls over Technology, into Principle 10, Selects and Develops Control Activities, based on a view that selecting and developing technology general controls is a subset of selecting control activities in general, which are part of Principle 10.

Some also suggested combining Principle 8, Assessing Fraud Risk, with Principle 7, Identifies and Analyzes Risks, on the basis that fraud risk may be viewed as only one type of risk potentially impacting objectives.

The Framework carries forward the seventeen principles. It retains the principles that focus on the use of technology and the assessment of fraud risks, recognizing their important role in achieving effective internal control. Some principles were also enhanced or clarified based on respondents’ comments.