Catching Fraud During a Recession Through Superior Internal Controls. FICPA's 25th Annual Accounting Show. J. Stephen Nouss, September 29, 2010
2 Session Objectives
- Fraud Facts (2008 Association of Certified Fraud Examiners, Inc.)
- Risks
- COSO Framework Internal Controls
- COSO Monitoring Controls
- Enterprise Risk Management (ERM)
- Internal Audit
- Possible Governance Considerations
- Potential Benefits from Focusing on Process Improvement
3 How Occupational Fraud is Committed (chart): Breakdown of All Occupational Fraud Schemes, Frequency
4 How Occupational Fraud is Committed (chart): Breakdown of All Occupational Fraud Schemes, Median Loss
5 How Occupational Fraud is Committed (chart): Median Duration of Fraud Based on Scheme Type
6 Detection of Fraud Schemes (chart): Initial Detection of Occupational Frauds
7 Detection of Fraud Schemes (chart): Initial Detection Method of Frauds in Small Businesses
8 Victim Organizations (chart): Organization Type of Victim, Median Loss
9 Victim Organizations (chart): Methods of Fraud, Small Business vs. All Cases
10 Victim Organizations (chart): Frequency of Anti-Fraud Controls
11 Victim Organizations (chart): Primary Internal Control Weakness Observed by CFE
12 Victim Organizations (chart): Internal Controls Modified or Implemented in Response to Fraud
13 The Perpetrators
14 Examples of Risk
ENVIRONMENT RISK
- Competitor; Catastrophic Loss; Sovereign/Political; Sensitivity; Legal; Shareholder Relations; Regulatory; Industry; Capital Availability; Financial Markets
PROCESS RISK
- OPERATIONS RISK: Customer Satisfaction; Human Resources; Product Development; Efficiency; Capacity; Performance Gap; Cycle Time; Sourcing; Obsolescence/Shrinkage; Compliance; Business Interruption; Product/Service Failure; Environmental; Health and Safety; Trademark/Brand Name Erosion
- EMPOWERMENT RISK: Leadership; Authority/Limit; Outsourcing; Performance Incentives; Change Readiness; Communications
- INFORMATION PROCESSING/TECHNOLOGY RISK: Relevance; Integrity; Access; Availability; Infrastructure
- INTEGRITY RISK: Management Fraud; Employee Fraud; Illegal Acts; Unauthorized Use; Reputation
- FINANCIAL RISK
  - Price: Interest Rate; Currency; Equity; Commodity; Financial Instrument
  - Liquidity: Cash Flow; Opportunity Cost; Concentration
  - Credit: Default; Concentration; Settlement; Collateral
INFORMATION FOR DECISION MAKING RISK
- OPERATIONAL: Pricing; Contract Commitment; Performance Measurement; Alignment; Regulatory Reporting
- FINANCIAL: Budget and Planning; Accounting Information; Financial Reporting Evaluation; Taxation; Pension Fund; Investment Evaluation; Regulatory Reporting
- STRATEGIC: Environmental Scan; Business Portfolio; Valuation; Performance Measurement; Organization Structure; Resource Allocation; Planning; Life Cycle
15 The COSO ERM Framework
The original COSO Internal Control - Integrated Framework started out as a tool to help organizations ensure that they had procedures in place to consistently achieve their objectives in the following categories:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
16 COSO Control Environment
- Integrity and Ethical Values: Sound integrity and ethical values, particularly of top management, are developed and understood and set the standard of conduct for financial reporting.
- Board of Directors: The board of directors understands and exercises oversight responsibility related to financial reporting and related internal control.
- Management's Philosophy and Operating Style: Management's philosophy and operating style support achieving effective internal control over financial reporting.
17 COSO Control Environment, cont'd
- Organizational Structure: The company's organizational structure supports effective internal control over financial reporting.
- Financial Reporting Competencies: The company retains individuals competent in financial reporting and related oversight roles.
- Authority and Responsibility: Management and employees are assigned appropriate levels of authority and responsibility to facilitate effective internal control over financial reporting.
- Human Resources: Human resource policies and practices are designed and implemented to facilitate effective internal control over financial reporting.
18 COSO Risk Assessment
- Financial Reporting Objectives: Management specifies financial reporting objectives with sufficient clarity and criteria to enable the identification of risks to reliable financial reporting.
- Financial Reporting Risks: The company identifies and analyzes risks to the achievement of financial reporting objectives as a basis for determining how the risks should be managed.
- Fraud Risk: The potential for material misstatement due to fraud is explicitly considered in assessing risks to the achievement of financial reporting objectives.
19 COSO Control Activities
- Integration with Risk Assessment: Actions are taken to address risks to the achievement of financial reporting objectives.
- Selection and Development of Control Activities: Control activities are selected and developed considering their cost and their potential effectiveness in mitigating risks to the achievement of financial reporting objectives.
- Policies and Procedures: Policies related to reliable financial reporting are established and communicated throughout the company, with corresponding procedures resulting in management directives being carried out.
- Information Technology: Information technology controls, where applicable, are designed and implemented to support the achievement of financial reporting objectives.
20 COSO Information and Communication
- Financial Reporting Information: Pertinent information is identified, captured, used at all levels of the company, and distributed in a form and timeframe that supports the achievement of financial reporting objectives.
- Internal Control Information: Information used to execute other control components is identified, captured, and distributed in a form and timeframe that enables personnel to carry out their internal control responsibilities.
- Internal Communication: Communications enable and support understanding and execution of internal control objectives, processes, and individual responsibilities at all levels of the organization.
- External Communication: Matters affecting the achievement of financial reporting objectives are communicated with outside parties.
21 Monitoring
- Ongoing and Separate Evaluations: Ongoing and/or separate evaluations enable management to determine whether internal control over financial reporting is present and functioning.
- Reporting Deficiencies: Internal control deficiencies are identified and communicated in a timely manner to those parties responsible for taking corrective action, and to management and the board as appropriate.
22 What is Internal Audit today?
The IIA defines internal audit as: an independent, objective assurance and consulting activity designed to add value and improve an organization's operations. It helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.
The key question every internal auditor must answer is: "What objectives are we to address?"
23 COSO: Guidance on Monitoring Internal Control Systems (January 2009)
(diagram) Supported Conclusions Regarding Control Effectiveness; The Monitoring Process
24 The COSO ERM Framework
The COSO ERM Framework:
- Adds the "Strategic" objective
- Broadens the "Financial Reporting" objective to all Reporting, and
- Enhances the components to more effectively address objective setting and risk assessment
25 The ERM value proposition
- Focuses management attention on the truly important risks: risks with potential to significantly impact earnings or even endanger company survival
- Makes ALL risks known to management, rather than some risks
- Develops a strategic, company-wide approach to risk management and mitigation using all the available tools: derivatives, insurance, internal controls and strategic action
- Integrates risk management into critical decision-making processes, such as strategic planning
26 The ERM value proposition, continued
- Identifies the risks inherent in current strategy and business model before the competition to provide sustainable competitive advantage
- Determines risk appetite of the company in context of management & community expectations
27 The Simplicity of ERM
In the end, effectively controlling those risks boils down to four key steps:
- Set objectives: What do you want to accomplish?
- Identify and prioritize risks: What events/actions could significantly prevent the organization from achieving those objectives?
- Plan and execute a response: Avoid, reduce, share, or accept the risk (or a combination)
- Monitor and continuously re-evaluate: Develop a plan to ensure that the conclusions above are still relevant and operating as intended
28 The Universe of Objectives
Every successful organization lives within an operational world that includes four critical elements:
- Strategic intent (i.e., what we want to accomplish and when)
- Operational reality (i.e., the processes, people and technology we employ to achieve the strategic vision)
- Reporting needs and requirements (i.e., internal and external reporting)
- Legal and regulatory compliance requirements (i.e., what we can and cannot do, when and where)
29 The Universe of Risks
Every organization faces risks on three primary fronts:
- In their environment (e.g., competitors, governments, lenders, regulators, innovators, etc.)
- In their operations (e.g., production quality, efficiency, information systems, employee capabilities and integrity, etc.)
- In the information they use and/or publish that is critical for making decisions (e.g., production planning, product pricing, purchase commitments, budgeting, financial reporting, etc.)
30 ERM capability maturity: Basic
- Determine risk treatment strategies
- Establish business risk inventory
- Align business unit risks with objectives
- Create common language for risks, control activities and monitoring
- Communicate risk taking expectations to senior managers
31 ERM capability maturity: Intermediate
Basic ERM plus:
- Quantify key risks to best extent possible
- Identify key risk metrics to report on
- Create risk policy and procedure manual
- Analyze risks' root cause and impact
- Integrate effects of risk types
32 ERM capability maturity: Advanced
Intermediate ERM plus:
- Strategic planning
- Annual budget process
- Stakeholder communications
- Management scorecards
- Remuneration
33 ERM approach
- Keep it simple to succeed
- Leverage other risk management initiatives
- Utilize a quantitative and standard questionnaire
- Interview all key stakeholders to ensure all perspectives are captured the first time
- Incorporate known organization and industry risks up front
- Focus on pervasive risks first (top-down)
34 Example of "Basic" ERM Approach (flow diagram)
- Leverage Other Risk Assessment Initiatives
- Quantitative Questionnaire
- Qualitative Questionnaire
  - Top 3 Objectives
  - Risks to Achieve
- Interviews
- Add Additional Risks
  - From Exec Management
  - From Industry and
  - Outside
- Initial Risk Universe
- Narrow to Common Theme Risks based on review of risk universe
- Risk Ranking Meeting with Management, Based on Significance/Likelihood of Risk, Risk Appetite and How Well Doing Today
- Develop Cost/Benefit Analysis and Work Plan
- Present to Audit Committee
- Re-ranking of Risks
- 2010 Audit Plan
- Address Pervasive Risks
35 The role of Internal Audit
- Provide assurance on risk management processes
- Provide assurance that risks are correctly evaluated
- Evaluate risk management processes
- Evaluate the reporting of key risks
- Review the management of key risks
Source: the IIA's position paper, The Role of Internal Auditing in Enterprise-wide Risk Management
36 The role of Internal Audit with safeguards
- Facilitate identification and evaluation of risks
- Coach management in responding to risks
- Coordinate ERM activities
- Consolidate the reporting on risks
- Maintain and develop the ERM framework
- Champion establishment of ERM
- Develop risk management strategy for board approval
Source: the IIA's position paper, The Role of Internal Auditing in Enterprise-wide Risk Management
37 The role of Internal Audit
- Play an important role in monitoring ERM but do not have primary responsibility for its implementation or maintenance
- Assist management and the board or audit committee in the process by:
  - Monitoring
  - Examining improvements
  - Evaluating
  - Reporting
  - Recommending
38 The role of Internal Audit
Do not:
- Set the risk appetite
- Impose risk management processes
- Management assurance on risks
- Make decisions on risk management or responses
- Implement risk responses on management's behalf
- Become accountable for risk management
39 ERM best practices and lessons learned
Do:
- Establish a Risk Management Committee and Charter
- Identify a risk champion supported by the CEO
- Understand that ERM is a journey and not a project
- Provide a holistic definition of business risk
- Include consultants, but do not let them drive ERM
40 ERM best practices and lessons learned
Do not:
- Underestimate the impact of existing culture
- Undersell ERM as a business risk assessment
- Implement ERM as a part-time job
- Take on too much at one time
41 Improving The Nature of Certain Controls
Possible Governance Consideration
- Has the company tagged its key controls by attribute (i.e., preventative vs. detective and automated vs. manual)?
- What areas rely heavily on detective or manual controls?
- Is there a business or control reason why these detective or manual controls are needed?
- What impact could shifting these controls to be more preventive or automated have on the reliability of a given process?
42 Centralizing Operations
Possible Governance Considerations
- What processes in the company operate in a decentralized manner?
- Is there a business reason why control over these processes is decentralized?
- Could the company improve both control and efficiency by centralizing some or all of these processes?
- How much would the centralization effort cost in relation to the expected benefits?
43 Improving the Flow and Reliability of Information
Possible Governance Considerations
- Does the company periodically inventory its reports and evaluate user needs and the efficiency of the report generation process?
- Does the company rely on manual report distribution or are electronic means utilized where possible?
- Has the company explored the possibility of real-time user access to selected information?
44 Implementing Business Process Improvements
Possible Governance Considerations
- Does the company's control documentation contain enough information for users to understand the underlying business processes?
- Does the company use this information to identify possible inefficiencies in operations and business processes?
- Does the company consider technology and organizational issues when evaluating process improvement opportunities?
45 Potential Benefits From Focusing on Process Improvement
- Financial Close
  - Improved quality, accuracy and timeliness of financial information
  - Reduced time to close the books each period
  - Eliminating unnecessary and/or manual activities
- Performance Management & Financial Reporting
  - Better aligned strategic and business goals
  - Better information for decision making
  - Elimination of unnecessary or redundant reports
- Budgeting & Planning
  - Reduced budget complexity and cycle time
  - Enhanced ability to respond to market changes
  - Increased quality, accuracy and timeliness of information
  - Eliminating unnecessary and/or manual activities
46 Potential Benefits From Focusing on Process Improvement, cont'd
- Order to Cash
  - Decreased cost and cycle time associated with billing and collecting
  - Increased accuracy on orders and bills
  - Increase in cash flow
- Procure to Pay/Supply Chain
  - More efficient purchasing process
  - Increase in cash flow
  - Better supplier relations
- Inventory Management
  - Reduced inventory costs
  - Reduced warehouse space
  - Increase in cash flow
47 Contact information
Steve Nouss
Senior Vice President - Finance, Accounting & Operations
Republic Metals Corporation
Cell
S.Nouss@republicmetalscorp.com
Audit Committee Self-assessment Guide The following guide summarizes leading audit committee practices discussed in the "Audit Committee Effectiveness- What Works Best" report. You may use it to help assess
More informationCOSO Internal Control Integrated Framework update. INTOSAI Subcommittee on Internal Control Standards
COSO Internal Control Integrated Framework update INTOSAI Subcommittee on Internal Control Standards Cees Klumper RA MBA CIA Member of the COSO Advisory Council Chief Risk Officer of the Global Fund to
More informationCompliance Risk Management
Compliance Risk Management Seventh Annual University Compliance Conference Society for Corporate Compliance and Ethics May 30, 2009 Robert F. Roach, NYU University Ethics and Compliance Officer Robert.Roach@nyu.edu
More informationInternal Audit & the Audit Committee
HCCA Audit & Compliance Committee Conference February 2008 Internal Audit & the Audit Committee Glen C. Mueller, CPA, CIA, CISA, CISM Scripps Health, San Diego, CA VP-Chief Audit & Compliance Executive
More informationINTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS)
INTERNATIONAL STANDARDS FOR THE PROFESSIONAL PRACTICE OF INTERNAL AUDITING (STANDARDS) ATTRIBUTE STANDARDS 1000 Purpose, Authority and Responsibility The purpose, authority, and responsibility of the internal
More information6. IT Governance 2006
6. IT Governance 2006 Introduction The Emerging Enterprise Model 3 p IT is an integral part of the business p IT governance is an integral part of corporate governance 4 Challenges for the IT IT gets more
More informationUnderstanding Changes to the Certified Internal Auditor Program for 2013
Understanding Changes to the Certified Internal Auditor Program for 2013 Certified Internal Auditor (CIA ) 2013 Content Change Overview: This document is provided by IIA Global Headquarters to explain
More informationEnterprise Risk Management: A Best Practice in Managing Federal Programs
Business, Industry and Government Enterprise Risk Management: A Best Practice in Managing Federal Programs Nahla K. Ivy and Kenneth Shulman Over the past several years, many federal agencies have applied
More informationCertified Internal Auditor - Part 1, The Internal Audit Activity's Role in Governance, Risk, and Control
IIA IIA-CIA-Part1 Certified Internal Auditor - Part 1, The Internal Audit Activity's Role in Governance, Risk, and Control https://killexams.com/pass4sure/exam-detail/iia-cia-part1 Question: 555 During
More informationFinancial CIA-I. Certified Internal Auditor (CIA) Download Full Version :
Financial CIA-I Certified Internal Auditor (CIA) Download Full Version : http://killexams.com/pass4sure/exam-detail/cia-i QUESTION: 225 To identify those components of a telecommunications system that
More informationPerformance Risk Management Jonathan Blackmore, May 2013
Performance Risk Management Jonathan Blackmore, May 2013!@# Topics The world is changing How leading companies turn risk into results Back to basics 2 Company focus Market Risk Management an evolving journey
More information716 West Ave Austin, TX USA
FRAUD-RELATED INTERNAL CONTROLS GLOBAL Headquarters the gregor building 716 West Ave Austin, TX 78701-2727 USA Figure 2.1 COSO defines an internal control as a process, effected by an entity s board of
More informationINTERNAL AUDIT CHARTER
INTERNAL AUDIT CHARTER I. MISSION II. SCOPE The mission of Internal Audit is to enhance and protect organizational value by providing risk-based and objective assurance, advice and insight. Internal Audit
More informationDirector Training and Qualifications
4711 Yonge Street Suite 700 Toronto ON M2N 6K8 Telephone: 416-325-9444 Toll Free 1-800-268-6653 Fax: 416-325-9722 4711, rue Yonge Bureau 700 Toronto (Ontario) M2N 6K8 Téléphone : 416 325-9444 Sans frais
More informationInternational Standards for the Professional Practice of Internal Auditing (Standards)
Attribute Standards 1000 Purpose, Authority, and Responsibility The purpose, authority, and responsibility of the internal audit activity must be formally defined in an internal audit charter, consistent
More informationPolicy and Procedures Date: November 5, 2017
Virginia Polytechnic Institute and State University No. 3350 Rev.: 8 Policy and Procedures Date: November 5, 2017 Subject: Charter for the Office of Audit, Risk, and Compliance 1. Purpose... 1 2. Policy...
More informationKey Takeaways. Course Requirements. Delegates must meet the following criteria to be eligible for certificate of completion:
111 Program Overview In today s ever-changing world, organizations are continuously faced with risks. These risks can have catastrophic impacts on an organization s success, reputation, and future. Unmanaged
More informationEnterprise Risk Management. Focus on the Future June 2017
Enterprise Risk Management Focus on the Future June 2017 2017 Crowe 2017 Crowe Horwath Horwath LLP LLP Learning Objectives and Agenda Objectives Distinguish Risk Management from ERM Understand the Value
More informationState Street in the UK Pillar 3 Disclosure - Remuneration
The following forms State Street s UK Pillar 3 disclosure under BIPRU 11.5.18R in respect of 2013. BIPRU 11.5.18R (1) Information concerning the decision-making process used for determining the remuneration
More information20 Years in the Making. Meet the New ICIF: Revisions to COSO s Internal Control Integrated Framework. Dr. Sandra Richtermeyer COSO Board Member
Meet the New ICIF: Revisions to COSO s Internal Control Integrated Framework Dr. Sandra Richtermeyer COSO Board Member Associate Dean and Professor of Accountancy Xavier University Cincinnati Ohio USA
More informationEnterprise Risk Management
BUSINESS RISK MANAGEMENT LTD Enterprise Risk Management Who should attend? Risk managers Managers and Directors responsible for the risk management function or process Senior Internal Auditors and audit
More informationEmbedding Operational Risk
Embedding Operational Risk Banking & Payments Federation Ireland Angela Calapa, Risk & Regulatory Director Areas of Challenge for Embedding Operational Risk Most banks face a significant number of challenges
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 15, 2016 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationGuidance Note: Corporate Governance - Audit Committee. March Ce document est aussi disponible en français.
Guidance Note: Corporate Governance - Audit Committee March 2015 Ce document est aussi disponible en français. Applicability The Guidance Note: Corporate Governance Audit Committee (the Guidance Note )
More informationCommunity Bankers Conference
3rd Annual Regional and Community Bankers Conference The Federal Reserve Bank of Boston Disclaimer NEVER WRONG DON T COMPLETELY RELY UPON Recent Developments in Audit Practice SOX, FDICIA 112, Other Robert
More informationInternal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR)
Internal Financial Control (IFC)& Internal Financial Controls over Financial Reporting (IFCoFR) Origin of IFC The first significant focus on internal control certification related to financial reporting
More informationDIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015
DIRECTOR TRAINING AND QUALIFICATIONS: SAMPLE SELF-ASSESSMENT TOOL February 2015 DIRECTOR TRAINING AND QUALIFICATIONS SAMPLE SELF-ASSESSMENT TOOL INTRODUCTION The purpose of this tool is to help determine
More informationFrom Backyard Business to Public Company
From Backyard Business to Public Company The Changing Role of the Management Accountant IMA Michigan Fall Conference October 29, 2008 John Pollara CMA, IMA Chair Emeritus 1 2 3 4 5 6 7 8 9 10 11 12 Definitions
More informationStatement on Risk Management and Internal Control
INTRODUCTION The Board affirms its overall responsibility for the Group s system of internal control and risk management and for reviewing the adequacy and effectiveness of the system. The Board is pleased
More informationMETROPOLITAN TRANSPORTATION AUTHORITY
ENTERPRISE RISK MANAGEMENT AND INTERNAL CONTROL GUIDELINES Pursuant to Public Authorities Law Section 2931 Adopted by the Board on November 16, 2016 These guidelines apply to the Metropolitan Transportation
More informationComments to be received by 31 January 2008
29 October 2007 To: Members of the Hong Kong Institute of CPAs All other interested parties HKICPA DISCUSSION PAPER EXPOSURE DRAFT ASSISTANCE OPTIONS TO NEW APPLICANTS AND SPONSORS IN CONNECTION WITH INTERNAL
More informationEnterprise risk management Protecting and enhancing value Advisory
Enterprise risk management Protecting and enhancing value Advisory October 2016 kpmg.co.za 2016 KPMG Services (Pty) Ltd, a South African company and a member firm of the KPMG network of independent member
More informationENTERPRISE RISK MANAGEMENT
ENTERPRISE RISK MANAGEMENT PROFILE AND BACKGROUND JOHN TOSCANO, CPA, PARTNER 959-200-7211 john.toscano@cohnreznick.com John Toscano, CPA is a partner with CohnReznick LLP and leads the Firm s Independent
More informationSample Corporate Risk Management Policy
Sample Corporate Risk Management Policy This document provides a sample Risk Management policy which includes an overview of the key roles and responsibilities of the various stakeholders. Risk Oversight
More informationEnterprise Risk Management
1 Enterprise Risk Management Building an Effective Enterprise Risk Management Program in a Community Bank Jay Gallo Chief Risk Officer Topics for Discussion 2 Defining Enterprise Risk Management Do Community
More informationInternal Control Questionnaire and Assessment
Bureau of Financial Monitoring and Accountability Florida Department of Economic Opportunity September 30, 2017 107 East Madison Street Caldwell Building Tallahassee, Florida 32399 www.floridajobs.org
More informationLeveraging Internal Audit and Corporate Compliance for Effective Risk Management
Leveraging Internal Audit and Corporate Compliance for Effective Risk Management April 18, 2016 Don Sinko Chief Integrity Officer Cleveland Clinic Agenda Cleveland Clinic Integrity Office Model The 3 Lines
More informationInternal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation
Internal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation April 2014 Disclaimer This presentation is made by KPMG Kenya, a member firm of the KPMG network of independent firms affiliated
More informationDoes your organization Establish Career Path for all Organizational Project Management Roles"?
Best Practice ID SAM Question Domain Process Improvement Stage 8640 Does your organizaron Control the Define Roadmap Control 8750 Does your organizaron Improve the Define Roadmap Improve 8760 Does your
More informationLya Villasuso OECD Corporate Affairs Division Response ed to: RE: Corporate Governance and the Financial Crises
Richard F. Chambers Certified Internal Auditor Certification in Control Self-Assessment Certified Government Auditing Professional President April 16, 2009 Lya Villasuso OECD Corporate Affairs Division
More information