An Integrated Approach to the Internal Control System

Size: px
Start display at page:

Download "An Integrated Approach to the Internal Control System"

Transcription

1 An Integrated Approach to the Internal Control System - New Methodology for Evaluating Design and Effectiveness - Carolyn Dittmeier President, IIA Italy Vice President, Head of Internal Auditing Poste Italiane 1

2 Increasing legislation and regulation of governance Anti corruption (Law 231) Sarbanes (Law 262) Stock Exchange Governance Code Bank Regulations New Corporate Governance players Corporate Governance Paper IIA Italy 2

3 Numerous corporate governance players Compliance Officer Audit Committee Board of Directors Board of Statutory Auditors Other Control Bodies CFO Quality Internal Audit Security Compliance Function Inspectorate Human Resource & Organization Safety Privacy Operational Management 3

4 Numerous Corporate Governance Players Possible consequences: Cost efficiency Cost of governance exceeds benefits in risk reduction Effectiveness Inadequate/fragmented risk coverage 4

5 Corporate Governance Paper Associazione Italiana Internal Auditors Key points to an Integrated Corporate Governance Model: I. Global business risk assessment II. Unified Internal Control System Three Control Levels Optimizing Relationships Single Evaluation Criteria III. Mechanisms of Assurance 5

6 Business Case Its Business General Strategy Logistics, postal and courrier express Banking, financial services and insurance Leveraging upon a major national network, integrating new innovative services to core businesses 150,000 Employees 14,000 Post offices 200 Logistic Centres Vehicles 2,700 ATM Total Sales (mil) of which: Logistics/Postal Financial/ Banking 6

7 Business Case Compliance Officer INTERNAL AUDITING CHAIRMAN BOARD OF DIRECTORS RS CHIEF EXECUTIVE OFFICE LEGAL AFFAIRS Court Auditors Statutory tory Auditors CORPORATE AFFAIRS ACCOUNTANCY & CONTROL RISK MGMT/ SECURITY HUMAN RESOURCES AND ORGANIZATION STRATEGIC PLANNING COMMUNICATION AND PUBLIC AFFAIRS FINANCE CHIEF INFORMATION OFFICE PURCHASING REAL ESTATE BUSINESS UNITS RETAIL NETWORK MAIL EXPRESS AND PARCELS LOGISTICS AND OPERATIONS PHILATELY BANCOPOSTA COMPLIANCE FUNCTION 7 AUDIT

8 Business Case CHAIRMAN CEO Court Auditors Statutory tory Auditors INTERNAL AUDITING Compliance Officer STANDARDS/ RESEARCH PLANNING ETHICS AUDIT Bancoposta AUDIT FINANCIAL & RETAIL NETWORK AUDIT LOGISTICS POSTAL AUDIT SUPPORT PROCESSES GEOGRAPHICAL AREA MANAGERS INTEGRATED PROCESS AUDIT

9 Business Case Governance milestones Public Economic Entity Transformation to a stock company Poste Italiane - Società per Azioni Poste Italiane is subject to supervision of Financial Regulatory Bodies Implementation of Internal Audit replacing Inspectorship Implementation of Ethics Officer Code of Ethics Implementation of Enterprise Risk Management Model 2007 Introduction of Sarbanes Accounting Officer 9

10 Corporate Governance Paper Associazione Italiana Internal Auditors Key points to an Integrated Corporate Governance Model I. Global Business Risk Assessment 10

11 Global Business Risk Assessment? Operational risks Compliance risks Reputational risks Strategic risks Financial risks Accounting risks 11

12 Business Case Enterprise Risk Management framework adopted in 2006 Obiettivi Goal Model Poste Poste Obiettivi di Business Efficienza di Processo Volume/Ricavie Obiettivi di Governo Rispetto della normativa Sicurezza Affidabilità delle informazioni OBIETTIVI RISCHI POTENZIALI Risk Model Poste Rischi Interni Fattore Disegno umano Processo/Sistemi Compliance Processi IT Rischi Esterni Governo e controllo direzionale Monitoraggio/ Informativa Scenario Socio- Economico Concorrenza Mercato/ Cliente Contenimento Costi Customer Satisfaction Employee welfare CONTROLLI Risorse Umane Processi Ammin./ Contab. Pianificazione Partner/ Fornitori Quota di mercato Redditività Innovazione Tecnologica Certezza operativa Integrazione Efficacia ed Efficienza IT RISCHI RESIDUI Rischi Non Operativi Rischi Operativi Altri Processi Infrastruttura/ Risorse tecniche Integrazione Contesto Legale Attacchi/ Eventi esterni Tecnologia Risk Model based on Goal Model

13 ERM Business Maturity Checkpoints 1. Risk Framework 2. Control Risk Self-Assessment worshop 3. Strong professional development programs 4. Budget and incentive system incorporating Key Risk Indicators 5. Full risk management culture

14 Corporate Governance Paper Associazione Italiana Internal Auditors Key points to an Integrated Corporate Governance Model II. A Unified Internal Control System Three Control Levels Optimizing Relationships Single Evaluation Criteria 14

15 Three levels of control activities within the Enterprise Risk Management Model Company Bodies Audit Committee Definition of Objectives Risk Management Internal environment Information and communication COSO: Control activities 3 rd Level Assurance Activity (Internal Audit) 2 nd Level Monitoring Activity (Risk Management, Compliance, Controller) 1 st Level Control Activity (Line Control) 15

16 A Unified Internal Control System Optimizing Relationships between Control bodies and functions Informational Reporting Communication by meetings and presentations Providing Directives In relation to their assurance, consulting or other roles 16

17 Reporting & Interchange between Governance & Control Bodies Business Case Statutory tory Auditors BOARD OF DIRECTORS RS Monthly Court Auditors Compliance Officer Bimonthly CFO Financial Reporting control Quarterly INTERNAL AUDITING Overall Internal Control Semiannual Bimonthly COMMITTEE Internal Audit, Human Resources, Legal Affairs; CFO; Security/Risk Mgmt Risk and Compliance Periodic : issues Risk Management Bancoposta Compliance Function Bancoposta Company Business Units and Depts 17

18 A Unified Internal Control System Integrated methodology for business control identification and evaluation Focusing separately on: Control Design Control Operating Effectiveness 18

19 How to evaluate the Integrated Internal Control System Risk Tolerance Control Objectives Risk Acceptance Control Design Adequacy Effectiveness, Efficiency and cost effectiveness Operating effectiveness Relevance Strength Resources availability Red-flag analysis Coverage Reactivity Compliance verification 19

20 Definition of a control? A set of activities whose purpose is to identify and correct errors and anomalies in order to reach defined control objectives, risk based Input Standard Input Capture/ Measurement Comparison input / standard Correction Output 20

21 Control Objectives, risk based (examples) Quality and timeliness of operations Reliability and integrity of Company information (financial and operational) Proper and effective contractual relations with customers and suppliers Compliance to Regulations Prevention of fraud Business continuity 21

22 How to evaluate the Integrated Internal Control System Risk Tolerance Control Objectives Risk Acceptance Control Design Adequacy Effectiveness, Efficiency and Cost effectiveness Operating effectiveness Relevance Strength Resources availability Red-flag analysis Coverage Reactivity Compliance verification 22

23 Process Case study: quality cheese production Production of fresh cheese according to quality standards Activity 1 Supply request Activity 2 Production Control over Production Time Standards Activity 3 Packaging For every fresh cheese lot, the Production Dept requests, up to 5 days before the fermentation process, requests from the Purchasing Dept quantities of milk supplies on the basis of approved monthly sales forecasts. Upon supply of milk (<3 days) the Production Dept proceeds: Pasteurisation (2 hours) Coagulation of casein (2 hours) Drainage of whey (1 hour); Pressing and salting (1 hour) (time frame automatically recorded in 3 of 4 phases) The Quality Dept verifies respect of production time standards. If non compliant, it blocks the packaging process, requesting the lot to be destroyed and re-produced. Following authorization given by Quality Dept, the Production Dept proceeds to package the fresh cheese within 24 hours for delivery by the Distribution Dept by the next day. 23

24 Case study: quality cheese production Control objectives: Ensure fresh cheese according to quality standards Ensure the absence of pathogens in the milk Ensure production-time for avoiding pathogenic generation Ensure temperature-preservation for avoiding pathogenic generation Control over Production Time Standards Control components Actual time frame (automatic) Time Limitation Standards Information System Check Lot destruction when out of time standard Replacement of Production lot Authorization for packaging 24

25 Control evaluation:scale of 1-5 (1-2 positive, negative). Control Objective Adequacy 2 Control Design Operating effectiveness 1 Relevance Coverage Strength 3 Reactivity Resources availability Compliance test Red-flag analysis Discretion Integration Independe nt Segregatio n Automatio n Adaptabilit y Traceabilit y 25

26 Case study: quality cheese production Discretion Integration Independence Segregation Automation Adaptability Traceability Strength 3

27 Case study: quality cheese production Coverage Risk Tolerance Control Design Relevance Strength Scenario Control Objectives Adequacy Effectiveness, Efficiency and cost effectiveness Reactivity Control design evaluation: positive (2) Resources availability Risk Acceptance Operating effectiveness Compliance test Red-flag analysis Control operating effectiveness evaluation: good (3) Test 1 Audit Program Verify Information system utilized for standard check Test 2 Examine Sample of production lots checked by Quality Dept scenario 1^ 1^ scenario 2^ 2^ scenario 3^ 3^ Known and and positive design Known; design non non positive Unknown design Audit Exception Level Test 1: 20% - Test 2: 5% 27

28 Corporate Governance Paper Associazione Italiana Internal Auditors Key points to an Integrated Corporate Governance Model: I. Global business risk assessment II. Unified Internal Control System Three Control Levels Optimizing Relationships Single Evaluation Criteria III. Mechanisms of Assurance 28

Numerous corporate governance players

Numerous corporate governance players An Integrated Approach to the Internal System - New Methodology for Evaluating Design and Effectiveness - Carolyn Dittmeier President, IIA Italy Vice President, Head of Internal Auditing Poste Italiane

More information

Procedure deliberative per il compimento di operazioni con soggetti collegati

Procedure deliberative per il compimento di operazioni con soggetti collegati COMMENTS TO THE DISCUSSION PAPER OF THE BANK OF ITALY S DISPOSIZIONI DI VIGILANZA PRUDENZIALE PER LE BANCHE SISTEMA DEI CONTROLLI INTERNI, SISTEMA INFORMATIVO E CONTINUITÀ OPERATIVA Deutsche Bank SpA Procedure

More information

Texas Workforce Commission

Texas Workforce Commission Fiscal Year 2016 Audit Plan Approved by Commission September 28, 2015 Fiscal Year 2016 Audit Plan 1 Table of Contents Overview... 3 The Role of Internal Audit... 3 Professional and Statutory Requirements...

More information

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES

APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES APPLICATION OF THE KING III REPORT ON CORPORATE GOVERNANCE PRINCIPLES Ethical Leadership and Corporate Citizenship The board should provide effective leadership based on ethical foundation. that the company

More information

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014

APPLICATION OF KING III CORPORATE GOVERNANCE PRINCIPLES 2014 WOOLWORTHS HOLDINGS LIMITED CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 CORPORATE GOVERNANCE PRINCIPLES 2014 This table is a useful reference to each of the King III principles

More information

Addressing SOX compliance with XaitPorter. Version 1.0 Sept. 2014

Addressing SOX compliance with XaitPorter. Version 1.0 Sept. 2014 Addressing SOX compliance with XaitPorter Version 1.0 Sept. 2014 Table of Contents 1 Addressing Compliance... 1 2 SOX Compliance... 2 3 Key Benefits... 5 4 Contact Information... 6 1 Addressing Compliance

More information

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE

HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE HSBC FINANCE CORPORATION CHARTER OF THE RISK COMMITTEE I. Committee Purpose The Risk Committee is appointed by the Board of Directors of HSBC Finance Corporation (the Corporation ) and is responsible,

More information

and Risk Tolerance in an Effective ERM Program

and Risk Tolerance in an Effective ERM Program The Roles of Risk Appetite and Risk Tolerance in an Effective ERM Program Eric Gerner, Risk Advisory Services Director Tuesday, July 10, 2012 General Information Share the webinar Ask a question Votes

More information

SAI GLOBAL LIMITED Risk Management Policy

SAI GLOBAL LIMITED Risk Management Policy SAI GLOBAL LIMITED Risk Management Policy SAI Global Ltd ABN 67050611642 Last Updated: February 2012 Contents 1. Risk Management... 3 2. Policy... 3 3. Risk Management Philosophy... 3 4. Risk Appetite...

More information

Sample Financial institution Risk Management Policy 2011

Sample Financial institution Risk Management Policy 2011 Sample Financial institution Risk Management Policy 2011 1 Contents Risk Management Program...2 Internal Control and Risk Management Diagram... 2 General Control Environment... 2 Specific Internal Control

More information

Internal/External Audits

Internal/External Audits Internal/External Audits Joint World Bank/Federal Reserve System Seminar for Senior Bank Supervisors Arthur Lindo Federal Reserve Board Presentation Topics ❿Internal Audit, Corporate Governance and Controls

More information

For personal use only

For personal use only Statement of Corporate Governance for the Year Ended 30 June 2015 This Corporate Governance Statement is current as at 1 September 2015 and has been approved by the Board of Equus Mining Limited ( the

More information

Compliance Applicata. Milano, 7 febbraio 2007. Dr. Jean Paul Ballerini Sr. Technology Solutions Expert

Compliance Applicata. Milano, 7 febbraio 2007. Dr. Jean Paul Ballerini Sr. Technology Solutions Expert Compliance Applicata Milano, 7 febbraio 2007 Dr. Jean Paul Ballerini Sr. Technology Solutions Expert Legislazione e Normative Terrorism Act 2000 Sarbanes Oxley Act FSA CMA HIPAA Here is another one Obscene

More information

Sector Development Ageing, Disability and Home Care Department of Family and Community Services (02) 8270 2218

Sector Development Ageing, Disability and Home Care Department of Family and Community Services (02) 8270 2218 Copyright in the material is owned by the State of New South Wales. Apart from any use as permitted under the Copyright Act 1968 and/or as explicitly permitted below, all other rights are reserved. You

More information

CHARTER FOR THE THE REGULATORY, COMPLIANCE & GOVERNMENT AFFAIRS COMMITTEE CHARTER THE BOARD OF DIRECTORS

CHARTER FOR THE THE REGULATORY, COMPLIANCE & GOVERNMENT AFFAIRS COMMITTEE CHARTER THE BOARD OF DIRECTORS CHARTER FOR THE THE REGULATORY, COMPLIANCE & GOVERNMENT AFFAIRS COMMITTEE CHARTER OF THE BOARD OF DIRECTORS OF Copyright/permission to reproduce Materials in this document were produced or compiled by

More information

IT GOVERNANCE PANEL BRING VALUE BY AUDITING IT GOVERNANCE GET THE

IT GOVERNANCE PANEL BRING VALUE BY AUDITING IT GOVERNANCE GET THE 1 IT GOVERNANCE PANEL BRING VALUE BY AUDITING IT GOVERNANCE GET THE ANSWERS AND PRACTICAL TIPS FROM THE IT GOVERNANCE AUDIT PROFESSIONALS JOHAN LIDROS, PRESIDENT EMINERE GROUP KATE MULLIN, CISO, HEALTH

More information

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus

More information

Independent third-party company specialized in second and third-party audits

Independent third-party company specialized in second and third-party audits Independent third-party company specialized in second and third-party audits SOCIETY PRESENTATION From several years, AUDIT S.r.l. deals with second and third-party audit services for verification of compliance

More information

The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies

The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies The Upside of Risk: Enterprise Risk Management and Public Real Estate Companies James Barkley, Simon Property Group, Inc. and David E. Weiss, DDR Corp. Introduction: As lawyers, particularly real estate

More information

KING III CORPORATE GOVERNANCE COMPLIANCE REGISTER

KING III CORPORATE GOVERNANCE COMPLIANCE REGISTER KING III CORPORATE GOVERNANCE REGISTER CHAPTER 1: ETHICAL LEADERSHIP AND CORPORATE CITIZENSHIP NON 1.1. The board should provide effective leadership based on an ethical foundation 1.2. The board should

More information

TECK RESOURCES LIMITED AUDIT COMMITTEE CHARTER

TECK RESOURCES LIMITED AUDIT COMMITTEE CHARTER Page 1 of 7 A. GENERAL 1. PURPOSE The purpose of the Audit Committee (the Committee ) of the Board of Directors (the Board ) of Teck Resources Limited ( the Corporation ) is to provide an open avenue of

More information

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA Volume 3, July 2014 Come join the discussion! Alberto León Lozano will respond to questions in the discussion area of the COBIT 5 Use It Effectively topic beginning 21 July 2014. Mapping COBIT 5 with IT

More information

A Framework for Managing Crime and Fraud

A Framework for Managing Crime and Fraud A Framework for Managing Crime and Fraud ASIS European Security Conference & Exhibition Gothenburg, April 15, 2013 Torsten Wolf Group Head of Crime and Fraud Prevention Agenda Introduction Economic Crime

More information

The Role of the Board in Enterprise Risk Management

The Role of the Board in Enterprise Risk Management Enterprise Risk The Role of the Board in Enterprise Risk Management The board of directors plays an essential role in ensuring that an effective ERM program is in place. Governance, policy, and assurance

More information

Crime Prevention and Anti- Fraud Policy of Gamesa Corporación Tecnológica, S.A. (March 23, 2011)

Crime Prevention and Anti- Fraud Policy of Gamesa Corporación Tecnológica, S.A. (March 23, 2011) Crime Prevention and Anti- Fraud Policy of Gamesa Corporación Tecnológica, S.A. (March 23, 2011) I. PURPOSE The Board of Directors of Gamesa Corporación Tecnológica, S.A. (the Company or Gamesa) has been

More information

Framework for Enterprise Risk Management

Framework for Enterprise Risk Management Framework for Enterprise Risk Management 2013 Johnson & Johnson Contents Introduction.... 4 J&J Strategic Framework... 5 What is Risk?.......................................................... 7 J&J Approach

More information

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area

Focusing on the purpose of the authority and on outcomes for the community and creating and implementing a vision for the local area CODE OF CORPORATE GOVERNANCE INTRODUCTION Corporate Governance is a term used to describe how organisations direct and control what they do. As well as systems and processes this includes cultures and

More information

Ramsay Health Care Limited ACN 001 288 768 Board Charter. Charter

Ramsay Health Care Limited ACN 001 288 768 Board Charter. Charter Ramsay Health Care Limited ACN 001 288 768 Board Charter Charter Approved by the Board of Ramsay Health Care Limited on 23 October 2012 Ramsay Health Care Limited ABN 57 001 288 768 Board Charter Contents

More information

ACCA P1 Internal Control. incorporated into Combined code, it was last revised in 2005 and still present as a standalone document.

ACCA P1 Internal Control. incorporated into Combined code, it was last revised in 2005 and still present as a standalone document. Internal Control ACCA P1 Internal Control Turnbull Report 1999 provided guidance for creating strong internal control system and later incorporated into Combined code, it was last revised in 2005 and still

More information

Auditing Outsourcing Arrangements

Auditing Outsourcing Arrangements Auditing Outsourcing Arrangements Eileen Healy Enterprise Risk Services Director 16 April 2015 Contact Details: - Email: - ehealy@deloitte.ie Mobile: - 086 164 3082 Session Objectives To provide an understanding

More information

Relevant COSO Principles. Policies and procedures are maintained. Policies and Procedures. Roles and responsibilities are identified

Relevant COSO Principles. Policies and procedures are maintained. Policies and Procedures. Roles and responsibilities are identified Accountability is unable to govern service processes No consistent or communicated policies procedures structure is inadequate Policies procedures are maintained Roles responsibilities are identified Policies

More information

Compliance. Group Standard

Compliance. Group Standard Group Standard Compliance Serco is committed to good governance practices and the management of risks supported by a robust business compliance process SMS-GS-G2 Compliance July 2014 v1.0 Serco Public

More information

QUALITY MANAGEMENT SYSTEM REQUIREMENTS General Requirements. Documentation Requirements. General. Quality Manual. Control of Documents

QUALITY MANAGEMENT SYSTEM REQUIREMENTS General Requirements. Documentation Requirements. General. Quality Manual. Control of Documents Chapter j 38 Self Assessment 729 QUALITY MANAGEMENT SYSTEM REQUIREMENTS General Requirements 1. Establishing and implementing a documented quality management system 2. Implementing a documented quality

More information

Regulatory aspects of Finance and Leasing Companies

Regulatory aspects of Finance and Leasing Companies Regulatory aspects of Finance and Leasing Companies R.M.C.H.K. Jayasinghe Senior Assistant Director Department of Supervision of Non Bank Financial Institutions 1 Relevant Legislation Licensed Finance

More information

Charter of the Audit Committee of the Board of Directors

Charter of the Audit Committee of the Board of Directors Charter of the Audit Committee of the Board of Directors Dated as of April 27, 2015 1. Purpose The Audit Committee is a committee of the Board of Directors (the Board ) of Yamana Gold Inc. (the Company

More information

Revised May 2007. Corporate Governance Guideline

Revised May 2007. Corporate Governance Guideline Revised May 2007 Corporate Governance Guideline Table of Contents 1. INTRODUCTION 1 2. PURPOSES OF GUIDELINE 1 3. APPLICATION AND SCOPE 2 4. DEFINITIONS OF KEY TERMS 2 5. FRAMEWORK USED BY CENTRAL BANK

More information

COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES

COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES COMPLIANCE FRAMEWORK AND REPORTING GUIDELINES DRAFT FOR CONSULTATION June 2015 38 Cavenagh Street DARWIN NT 0800 Postal Address GPO Box 915 DARWIN NT 0801 Email: utilities.commission@nt.gov.au Website:

More information

Tabcorp Holdings Limited

Tabcorp Holdings Limited (ABN 66 063 780 709) Audit, Risk and Compliance Committee Terms of Reference Contents 1 Introduction to the Terms of Reference 1 1.1 General 1 1.2 Board approval 1 1.3 Definitions 1 2 Role of the Committee

More information

LafargeHolcim Ltd. Finance & Audit Committee Charter Review date: July 28, 2015

LafargeHolcim Ltd. Finance & Audit Committee Charter Review date: July 28, 2015 LafargeHolcim Ltd Finance & Audit Committee Charter Review date: July 28, 2015 1. Purpose 1.1 Mission The Finance & Audit Committee ( FAC ) is an expert committee formally appointed by the Board of Directors

More information

3.6 - REPORT BY THE CHAIRMAN OF THE BOARD OF DIRECTORS ON CORPORATE GOVERNANCE, RISK MANAGEMENT AND INTERNAL CONTROLS

3.6 - REPORT BY THE CHAIRMAN OF THE BOARD OF DIRECTORS ON CORPORATE GOVERNANCE, RISK MANAGEMENT AND INTERNAL CONTROLS RISK FACTORS Report by the Chairman of the Board of Directors on corporate governance, risk management and internal controls Property damage and operating loss insurance Property damage/operating loss

More information

Poste Italiane ICT Measurement

Poste Italiane ICT Measurement Poste Italiane ICT Measurement Paolo Baldelli DCPT Process and Technologies Central Department Poste Italiane S.p.A. 1 Direzione Centrale Processi e Tecnologie Agenda! Poste Italiane : the Company and

More information

Semiannual Report to Congress. Office of Inspector General

Semiannual Report to Congress. Office of Inspector General Semiannual Report to Congress Office of Inspector General Federal Election Commission 999 E Street, N.W., Suite 940 Washington, DC 20463 April 1, 2005 September 30, 2005 November 2005 TABLE OF CONTENTS

More information

Linking Risk Management to Business Strategy, Processes, Operations and Reporting

Linking Risk Management to Business Strategy, Processes, Operations and Reporting Linking Risk Management to Business Strategy, Processes, Operations and Reporting Financial Management Institute of Canada February 17 th, 2010 KPMG LLP Agenda 1. Leading Practice Risk Management Principles

More information

PCI Compliance reporting solution

PCI Compliance reporting solution PCI Compliance reporting solution This document describes GamePlan s PCI DSS compliance solution and its ability to assist organisations to be compliant with the regulatory requirements of the Payment

More information

Supervisory Board Activities Newsletter April-May 2010

Supervisory Board Activities Newsletter April-May 2010 Supervisory Board Activities Newsletter April-May 2010 During April and May 2010 the Telecom Italia Supervisory Board (Organo di vigilanza OdV) carried on monitoring the correct execution of the Undertakings

More information

La Qualità dietro lo sportello: metodi, strumenti e tecnologie

La Qualità dietro lo sportello: metodi, strumenti e tecnologie 1 La Qualità dietro lo sportello: metodi, strumenti e tecnologie Dr.ssa Paola Pizzi U.O. Collaudo e Certificazione Sessione di Studio AIEA, Verona, 25 novembre 2005 Poste Italiane Group Group s Profile

More information

COHERENT, INC. Board of Directors. Governance Guidelines

COHERENT, INC. Board of Directors. Governance Guidelines COHERENT, INC. Board of Directors Governance Guidelines Effective: December 12, 2013 1. Mission of the Board The Board of Directors (the Board ) has the ultimate responsibility for the well being of the

More information

IT Governance Charter

IT Governance Charter Version : 1.01 Date : 16 September 2009 IT Governance Network South Africa USA UK Switzerland www.itgovernance.co.za info@itgovernance.co.za 0825588732 IT Governance Network, Copyright 2009 Page 1 1 Terms

More information

Application of King III Corporate Governance Principles

Application of King III Corporate Governance Principles APPLICATION of KING III CORPORATE GOVERNANCE PRINCIPLES 2013 Application of Corporate Governance Principles This table is a useful reference to each of the principles and how, in broad terms, they have

More information

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY

RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY RISK MANAGEMENT OVERVIEW 2011 RISK CONFERENCE SPONSORED BY THE FEDERAL RESERVE BANK OF CHICAGO AND DEPAUL UNIVERSITY PRESENTED BY: LEN WIATR, CHIEF RISK OFFICER Len s Risk Management Philosophy Build a

More information

Internal Audit and Advisory Services DRAFT

Internal Audit and Advisory Services DRAFT Internal Audit and Advisory Services DRAFT PAGE(S) Message from the Internal Audit and Advisory Services...1-2 Internal Audit and Advisory Services Plan...3-5 Objectives...6-7 Risk Assessment Process...8

More information

Accounting Information for Decision Making. Accounting. Financial & Managerial. accounting. The Basis for Business Decisions. Learning Objective LO1

Accounting Information for Decision Making. Accounting. Financial & Managerial. accounting. The Basis for Business Decisions. Learning Objective LO1 & Managerial Accounting The Basis for Business Decisions FOURTEENTH EDITION 1-1 Accounting for Decision Making Chapter 1 1-2 Williams Haka Bettner Carcello 1-3 The accounting process 1-4 To discuss accounting

More information

Echo Entertainment Group Limited (ABN 85 149 629 023) Risk and Compliance Committee Terms of Reference

Echo Entertainment Group Limited (ABN 85 149 629 023) Risk and Compliance Committee Terms of Reference (ABN 85 149 629 023) Terms of Reference Contents 1 Introduction to the Terms of Reference 1 1.1 General 1 1.2 Authorities 1 1.3 Board approval 1 1.4 Definitions 1 2 Role of the Committee 1 3 Duties and

More information

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3

Operational Risk Publication Date: May 2015. 1. Operational Risk... 3 OPERATIONAL RISK Contents 1. Operational Risk... 3 1.1 Legislation... 3 1.2 Guidance... 3 1.3 Risk management process... 4 1.4 Risk register... 7 1.5 EBA Guidelines on the Security of Internet Payments...

More information

The IIA Standards: The IPPF Framework

The IIA Standards: The IPPF Framework The IIA Standards: The IPPF Framework S P E A K E R : D O T T. R O B E R TO R O S ATO C O U R S E O F B U S I N E S S A U D I T I N G U N I V E R S I T Y O F R O M E T O R V E R G A T A D E C E M B E R

More information

Application of King III Corporate Governance Principles

Application of King III Corporate Governance Principles Application of Corporate Governance Principles Application of Corporate Governance Principles This table is a useful reference to each of the principles and how, in broad terms, they have been applied

More information

Kesa Risk Universe Compliance Risks

Kesa Risk Universe Compliance Risks Page 1 POLICY CHANGE MANAGEMENT Amendments made Edition Date Original version 00 09/2003 New original version all pages amended 01 06/2009 Pages 5, 7, 8, 9 amended 02 12/2010 Page 2 KESA AUDIT COMMITTEE

More information

NSW Government Digital Information Security Policy

NSW Government Digital Information Security Policy NSW Government Digital Information Security Policy Version: 1.0 Date: November 2012 CONTENTS PART 1 PRELIMINARY... 3 1.1 Scope... 3 1.2 Application... 3 1.3 Objectives... 3 PART 2 CORE REQUIREMENTS...

More information

How to Develop Successful Enterprise Risk and Vendor Management Programs

How to Develop Successful Enterprise Risk and Vendor Management Programs Project Management Institute New York City Chapter January 2014 Chapter Meeting How to Develop Successful Enterprise Risk and Vendor Management Programs Christina S. Kite Senior Vice President Corporate

More information

Feature. A Higher Level of Governance Monitoring IT Internal Controls. Controls tend to degrade over time and between audits.

Feature. A Higher Level of Governance Monitoring IT Internal Controls. Controls tend to degrade over time and between audits. Feature A Higher Level of Governance Monitoring IT Internal Controls Mike Garber, CGEIT, CIA, CITP, CPA, has many years experience as both director for IT governance and as IT audit director for Motorola

More information

Corporate Governance Attestation Statement Health Support Services 2011-12

Corporate Governance Attestation Statement Health Support Services 2011-12 Corporate Governance Attestation Statement 2011-12 ESTABLISH ROBUST GOVERNANCE AND OVERSIGHT FRAMEWORKS Role and function of the Chief Executive The Chief Executive carries out that Offices functions,

More information

Dairy Market, Romania, 2009-2016

Dairy Market, Romania, 2009-2016 Brochure More information from http://www.researchandmarkets.com/reports/3043644/ Dairy Market, Romania, 2009-2016 Description: In 2013 the milk and dairy market in Romania rose 8% in volume and 12% in

More information

Internal Controls and Risk Management Report

Internal Controls and Risk Management Report 42 Internal Controls and Risk Management Report Responsibility Our Board of Directors has the overall responsibility to ensure that sound and effective internal controls are maintained, while management

More information

The purpose of internal control within the Cegedim Group are based on the following topics:

The purpose of internal control within the Cegedim Group are based on the following topics: CHAIRMAN OF THE BOARD OF DIRECTORS REPORT ON THE PREPARATION AND ORGANIZATION OF THE BOARD S WORK AND ON THE INTERNAL CONTROL PROCEDURES IMPLEMENTED BY THE COMPANY INTERNAL CONTROL PROCEDURES Purpose of

More information

The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL 32701-4201 USA

The Institute of Internal Auditors 247 Maitland Avenue Altamonte Springs, FL 32701-4201 USA INTERNATIONAL Professional Practices Framework (IPPF) Disclosure Copyright 2009 by The Institute of Internal Auditors Research Foundation (IIARF), 247 Maitland Avenue, Altamonte Springs, Florida 32701-4201.

More information

(Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS

(Effective for audits of financial statements for periods beginning on or after December 15, 2009) CONTENTS INTERNATIONAL STANDARD ON AUDITING 315 IDENTIFYING AND ASSESSING THE RISKS OF MATERIAL MISSTATEMENT THROUGH UNDERSTANDING THE ENTITY AND ITS ENVIRONMENT (Effective for audits of financial statements for

More information

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES

ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES ASTRAZENECA GLOBAL POLICY SAFEGUARDING COMPANY ASSETS AND RESOURCES THIS POLICY SETS OUT THE REQUIREMENTS FOR SAFEGUARDING COMPANY ASSETS AND RESOURCES TO PROTECT PATIENTS, STAFF, PRODUCTS, PROPERTY AND

More information

JOB PROFILE. Diamond North Credit Union

JOB PROFILE. Diamond North Credit Union JOB PROFILE Diamond North Credit Union DATE: July 2, 2015 JOB TITLE: VP of Finance REPORTS TO: Chief Executive Officer DEPARTMENT: Finance JOB LEVEL: 25 PURPOSE OF POSITION As a member of the executive

More information

PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES

PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES PRUDENTIAL FINANCIAL, INC. CORPORATE GOVERNANCE PRINCIPLES AND PRACTICES A. THE ROLE OF THE BOARD OF DIRECTORS 1. Direct the Affairs of the Corporation for the Benefit of Shareholders The Prudential board

More information

Smarter Data Center di IBM

Smarter Data Center di IBM Sergio Eufemi - GTS Offering Management and Development Leader Marzo 2011 Smarter Data Center di IBM I nuovi modelli di business richiedono un salto qualitativo e quantitativo all IT in un difficile contesto

More information

A Sarbanes-Oxley Roadmap to Business Continuity

A Sarbanes-Oxley Roadmap to Business Continuity A Sarbanes-Oxley Roadmap to Business Continuity NEDRIX Conference June 23, 2004 Dr. Eric Schmidt eschmidt@controlsolutions.com Control Solutions International TECHNOLOGY ADVISORY, ASSURANCE & RISK MANAGEMENT

More information

U & D COAL LIMITED A.C.N. 165 894 806 BOARD CHARTER

U & D COAL LIMITED A.C.N. 165 894 806 BOARD CHARTER U & D COAL LIMITED A.C.N. 165 894 806 BOARD CHARTER As at 31 March 2014 BOARD CHARTER Contents 1. Role of the Board... 4 2. Responsibilities of the Board... 4 2.1 Board responsibilities... 4 2.2 Executive

More information

WORLD DUTY FREE S.p.A. REGULATION AND PROCEDURE OF THE INTERNAL CONTROL COMMITTEE AND CORPORATE GOVERNANCE

WORLD DUTY FREE S.p.A. REGULATION AND PROCEDURE OF THE INTERNAL CONTROL COMMITTEE AND CORPORATE GOVERNANCE WORLD DUTY FREE S.p.A. REGULATION AND PROCEDURE OF THE INTERNAL CONTROL COMMITTEE AND CORPORATE GOVERNANCE 1 REGULATION AND PROCEDURE OF THE INTERNAL CONTROL COMMITTEE AND CORPORATE GOVERNANCE World Duty

More information

Contents of the ISO 9001:2008 Quality System Checklist

Contents of the ISO 9001:2008 Quality System Checklist Contents of the ISO 9001:2008 Quality System Checklist Page Hyperlinks (click underlines) This SAMPLE document includes 4 clauses of the standard. You receive the Windows.doc file (with hyperlinks). You

More information

Application Processing Monitoring the processing of the application with the regulator, and liaising with the parties involved

Application Processing Monitoring the processing of the application with the regulator, and liaising with the parties involved Investment Funds The use of foreign companies for investment fund activities is a widely spread practice amongst international investors. Abacus offers a comprehensive solution for investment funds and

More information

International Institute of Management

International Institute of Management Executive Education Executive Action Learning Seminars Executive Seminars Executive Courses International Institute of Management Executive Education Courses CIO & Sarbanes Oxley Compliance SOX Implementation

More information

Principles for the audit committee s role in performance management

Principles for the audit committee s role in performance management Principles for the audit committee s role in performance management The information contained in this guidance paper is provided for discussion purposes. As such, it is intended to provide the reader and

More information

AGA Kansas City Chapter Data Analytics & Continuous Monitoring

AGA Kansas City Chapter Data Analytics & Continuous Monitoring AGA Kansas City Chapter Data Analytics & Continuous Monitoring Agenda Market Overview & Drivers for Change Key challenges that organizations face Data Analytics What is data analytics and how can it help

More information

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide RISK BASED AUDITING: A VALUE ADD PROPOSITION Participant Guide About This Course About This Course Adding Value for Risk-based Auditing Seminar Description In this seminar, we will focus on: The foundation

More information

An Oracle White Paper November 2011. Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime

An Oracle White Paper November 2011. Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime An Oracle White Paper November 2011 Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime Disclaimer The following is intended to outline our general product direction.

More information

SCOPE OF WORK FOR PERFORMING INTERNAL CONTROL AND STATUTORY/REGULATORY COMPLIANCE AUDITS FOR RECIPIENTS OF SPECIAL MUNICIPAL AID

SCOPE OF WORK FOR PERFORMING INTERNAL CONTROL AND STATUTORY/REGULATORY COMPLIANCE AUDITS FOR RECIPIENTS OF SPECIAL MUNICIPAL AID SCOPE OF WORK FOR PERFORMING INTERNAL CONTROL AND STATUTORY/REGULATORY COMPLIANCE AUDITS FOR RECIPIENTS OF SPECIAL MUNICIPAL AID State of New Jersey Department of Community Affairs Division of Local Government

More information

Regulatory Compliance Management (RCM) (formerly Legislative Compliance Management (LCM))

Regulatory Compliance Management (RCM) (formerly Legislative Compliance Management (LCM)) Guideline Subject: Category: (RCM) (formerly Legislative Compliance Management (LCM)) Sound Business & Financial Practices No: E-13 Date: November 2014 I. Purpose and Scope of the Guideline The purpose

More information

August 2012 Report No. 12-048

August 2012 Report No. 12-048 John Keel, CPA State Auditor An Audit Report on The Texas Windstorm Insurance Association Report No. 12-048 An Audit Report on The Texas Windstorm Insurance Association Overall Conclusion The Texas Windstorm

More information

Achieving Business Imperatives through IT Governance and Risk

Achieving Business Imperatives through IT Governance and Risk IBM Global Technology Services Achieving Business Imperatives through IT Governance and Risk Peter Stremus Internet Security Systems, an IBM Company Introduction : Compliance Value Over the past 15 years

More information

Records and Document Management

Records and Document Management Records and Document Management Policy P3 Current: Updated November 2011 Table of Contents Purpose... 3 Scope... 3 Definitions... 3 Policy statement... 4 Responsibility... 4 Legislative context... 5 Associated

More information

AMTRUST FINANCIAL SERVICES, INC. AUDIT COMMITTEE CHARTER

AMTRUST FINANCIAL SERVICES, INC. AUDIT COMMITTEE CHARTER Audit Committee Charter AMTRUST FINANCIAL SERVICES, INC. AUDIT COMMITTEE CHARTER Audit Committee Purpose The Audit Committee ( Committee ) is appointed by the Board of Directors of AmTrust Financial Services,

More information

Supervisory Board Bank Zachodni WBK REPORT ON THE SUPERVISORY BOARD ACTIVITY IN 2011. February 2012, Warsaw

Supervisory Board Bank Zachodni WBK REPORT ON THE SUPERVISORY BOARD ACTIVITY IN 2011. February 2012, Warsaw Supervisory Board Bank Zachodni WBK REPORT ON THE SUPERVISORY BOARD ACTIVITY IN 2011 February 2012, Warsaw I. BOARD COMPOSITION & MANNER OF DISCHARGE DUTIES & RESPONSIBILITIES 1. As at 1 January 2011,

More information

ISO 9001:2008 Audit Checklist

ISO 9001:2008 Audit Checklist g GE Power & Water ISO 9001:2008 Audit Checklist Organization Auditor Date Page 1 Std. 4.1 General s a. Are processes identified b. Sequence & interaction of processes determined? c. Criteria for operation

More information

Credit Union Liability with Third-Party Processors

Credit Union Liability with Third-Party Processors World Council of Credit Unions Annual Conference Credit Union Liability with Third-Party Processors Andrew (Andy) Poprawa CEO, Deposit Insurance Corporation of Ontario Canada 1 Credit Union Liability with

More information

Audit, Risk Management and Compliance Committee Charter

Audit, Risk Management and Compliance Committee Charter Audit, Risk Management and Compliance Committee Charter Woolworths Limited Adopted by the Board on 27 August 2013 page 1 1 Introduction This Charter sets out the responsibilities, structure and composition

More information

The role of Internal Audit under Solvency II

The role of Internal Audit under Solvency II The role of Internal Audit under Solvency II ECIIA task force / Solvency II / position paper / Internal audit TABLE CONTENT 1. INTRODUCTION 1. Introduction... p.3 2. Does the role of Internal Audit change

More information

Enhancing Sustainability and Profitability for Utility Businesses through Effective & Efficient Supply Chain Management

Enhancing Sustainability and Profitability for Utility Businesses through Effective & Efficient Supply Chain Management Enhancing Sustainability and Profitability for Utility Businesses through Effective & Efficient Supply Chain Management Kevin Jacoby Chief Financial Officer City of Cape Town South Africa Overview Supply

More information

COSO 2013 Internal Control Framework

COSO 2013 Internal Control Framework COSO 2013 Internal Control A Guide to Implementation July 24, 2014 Justin Adamson Agenda COSO Background Changes to the Roadmap to Implementation Implementation Considerations & Lessons Learned 2 1 Who/What

More information

February 25, 2003 ANITA J. BIZZOTTO SENIOR VICE PRESIDENT, CHIEF MARKETING OFFICER HENRY A. PANKEY, VICE PRESIDENT, DELIVERY AND RETAIL

February 25, 2003 ANITA J. BIZZOTTO SENIOR VICE PRESIDENT, CHIEF MARKETING OFFICER HENRY A. PANKEY, VICE PRESIDENT, DELIVERY AND RETAIL February 25, 2003 ANITA J. BIZZOTTO SENIOR VICE PRESIDENT, CHIEF MARKETING OFFICER CHARLES E. BRAVO SENIOR VICE PRESIDENT, INTELLIGENT MAIL AND ADDRESS QUALITY HENRY A. PANKEY, VICE PRESIDENT, DELIVERY

More information

CHARTER PEOPLE S UNITED FINANCIAL, INC. AUDIT COMMITTEE

CHARTER PEOPLE S UNITED FINANCIAL, INC. AUDIT COMMITTEE CHARTER PEOPLE S UNITED FINANCIAL, INC. AUDIT COMMITTEE Purpose and Authority: The Audit Committee (the Committee ) of People s United Financial, Inc. (together with its subsidiary People s United Bank

More information

Security Control Standard

Security Control Standard Security Standard The security and risk management baseline for the lottery sector worldwide Updated by the WLA Security and Risk Management Committee V1.0, November 2006 The WLA Security Standard is the

More information

Curriculum Vitae ssimo GATTO Chartered Accountant and Chartered Auditor Current positions:

Curriculum Vitae ssimo GATTO Chartered Accountant and Chartered Auditor Current positions: Massimo GATTO Chartered Accountant and Chartered Auditor Born in: Rome, 27 June 1963 Resident in: - 00144, Rome, ITALY Tel: +39 06 83510219 Fax: +39 06 81171286 Mobile: +39 338 2523037 email: massimogatto

More information

Enterprise Risk Management for Independent Schools. Denise K. Gutches President DKG Consulting, Inc.

Enterprise Risk Management for Independent Schools. Denise K. Gutches President DKG Consulting, Inc. Enterprise Risk Management for Independent Schools CAIS Trustee/ School Heads Conference Westin St. Francis January 25-26, 2014 Ronald C. Wanglin, CIC, CSRM Chairman of the Board Bolton & Company Denise

More information

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma Governance, Risk, Compliance (GRC) Automation Siamak Razmazma Siamak.razmazma@protiviti.com September 2009 Agenda Introduction to

More information