An Integrated Approach to the Internal Control System
- Morgan Allison
- 8 years ago
Transcription
1 An Integrated Approach to the Internal Control System - New Methodology for Evaluating Design and Effectiveness - Carolyn Dittmeier, President, IIA Italy; Vice President, Head of Internal Auditing, Poste Italiane
2 Increasing legislation and regulation of governance: Anti corruption (Law 231); Sarbanes (Law 262); Stock Exchange Governance Code; Bank Regulations; New Corporate Governance players; Corporate Governance Paper IIA Italy
3 Numerous corporate governance players: Compliance Officer; Audit Committee; Board of Directors; Board of Statutory Auditors; Other Control Bodies; CFO; Quality; Internal Audit; Security; Compliance Function; Inspectorate; Human Resource & Organization; Safety; Privacy; Operational Management
4 Numerous Corporate Governance Players. Possible consequences: Cost efficiency: cost of governance exceeds benefits in risk reduction. Effectiveness: inadequate/fragmented risk coverage.
5 Corporate Governance Paper, Associazione Italiana Internal Auditors. Key points to an Integrated Corporate Governance Model: I. Global business risk assessment. II. Unified Internal Control System: Three Control Levels; Optimizing Relationships; Single Evaluation Criteria. III. Mechanisms of Assurance.
6 Business Case. Its Business / General Strategy: Logistics, postal and courier express; Banking, financial services and insurance; Leveraging upon a major national network, integrating new innovative services to core businesses. 150,000 Employees; 14,000 Post offices; 200 Logistic Centres; Vehicles; 2,700 ATM; Total Sales (mil), of which: Logistics/Postal, Financial/Banking
7 Business Case Compliance Officer INTERNAL AUDITING CHAIRMAN BOARD OF DIRECTORS CHIEF EXECUTIVE OFFICE LEGAL AFFAIRS Court Auditors Statutory Auditors CORPORATE AFFAIRS ACCOUNTANCY & CONTROL RISK MGMT/SECURITY HUMAN RESOURCES AND ORGANIZATION STRATEGIC PLANNING COMMUNICATION AND PUBLIC AFFAIRS FINANCE CHIEF INFORMATION OFFICE PURCHASING REAL ESTATE BUSINESS UNITS RETAIL NETWORK MAIL EXPRESS AND PARCELS LOGISTICS AND OPERATIONS PHILATELY BANCOPOSTA COMPLIANCE FUNCTION AUDIT
8 Business Case CHAIRMAN CEO Court Auditors Statutory Auditors INTERNAL AUDITING Compliance Officer STANDARDS/RESEARCH PLANNING ETHICS AUDIT Bancoposta AUDIT FINANCIAL & RETAIL NETWORK AUDIT LOGISTICS POSTAL AUDIT SUPPORT PROCESSES GEOGRAPHICAL AREA MANAGERS INTEGRATED PROCESS AUDIT
9 Business Case Governance milestones Public Economic Entity Transformation to a stock company Poste Italiane - Società per Azioni Poste Italiane is subject to supervision of Financial Regulatory Bodies Implementation of Internal Audit replacing Inspectorship Implementation of Ethics Officer Code of Ethics Implementation of Enterprise Risk Management Model 2007 Introduction of Sarbanes Accounting Officer
10 Corporate Governance Paper, Associazione Italiana Internal Auditors. Key points to an Integrated Corporate Governance Model: I. Global Business Risk Assessment
11 Global Business Risk Assessment? Operational risks; Compliance risks; Reputational risks; Strategic risks; Financial risks; Accounting risks
12 Business Case: Enterprise Risk Management framework adopted in 2006. Figure labels (translated from Italian, in the order they appear): Objectives; Poste Goal Model; Business objectives; Process efficiency; Volume/Revenue; Governance objectives; Regulatory compliance; Security; Reliability of information; OBJECTIVES; POTENTIAL RISKS; Poste Risk Model; Internal risks; Human factor; Process/Systems design; Compliance; IT processes; External risks; Governance and management control; Monitoring/Reporting; Socio-economic scenario; Competition; Market/Customer; Cost containment; Customer Satisfaction; Employee welfare; CONTROLS; Human resources; Administrative/accounting processes; Planning; Partners/Suppliers; Market share; Profitability; Technological innovation; Operational certainty; Integration; IT effectiveness and efficiency; RESIDUAL RISKS; Non-operational risks; Operational risks; Other processes; Infrastructure/Technical resources; Integration; Legal context; Attacks/External events; Technology. Risk Model based on Goal Model
13 ERM Business Maturity Checkpoints: 1. Risk Framework 2. Control Risk Self-Assessment workshop 3. Strong professional development programs 4. Budget and incentive system incorporating Key Risk Indicators 5. Full risk management culture
14 Corporate Governance Paper, Associazione Italiana Internal Auditors. Key points to an Integrated Corporate Governance Model: II. A Unified Internal Control System: Three Control Levels; Optimizing Relationships; Single Evaluation Criteria
15 Three levels of control activities within the Enterprise Risk Management Model. Company Bodies; Audit Committee; Definition of Objectives; Risk Management; Internal environment; Information and communication. COSO: Control activities. 3rd Level: Assurance Activity (Internal Audit); 2nd Level: Monitoring Activity (Risk Management, Compliance, Controller); 1st Level: Control Activity (Line Control)
16 A Unified Internal Control System: Optimizing Relationships between Control bodies and functions. Informational Reporting; Communication by meetings and presentations; Providing Directives; In relation to their assurance, consulting or other roles
17 Reporting & Interchange between Governance & Control Bodies Business Case Statutory Auditors BOARD OF DIRECTORS Monthly Court Auditors Compliance Officer Bimonthly CFO Financial Reporting control Quarterly INTERNAL AUDITING Overall Internal Control Semiannual Bimonthly COMMITTEE Internal Audit, Human Resources, Legal Affairs; CFO; Security/Risk Mgmt Risk and Compliance Periodic : issues Risk Management Bancoposta Compliance Function Bancoposta Company Business Units and Depts
18 A Unified Internal Control System: Integrated methodology for business control identification and evaluation, focusing separately on: Control Design; Control Operating Effectiveness
19 How to evaluate the Integrated Internal Control System Risk Tolerance Control Objectives Risk Acceptance Control Design Adequacy Effectiveness, Efficiency and cost effectiveness Operating effectiveness Relevance Strength Resources availability Red-flag analysis Coverage Reactivity Compliance verification
20 Definition of a control? A set of activities whose purpose is to identify and correct errors and anomalies in order to reach defined control objectives, risk based. Input; Standard; Input Capture/Measurement; Comparison input/standard; Correction; Output
21 Control Objectives, risk based (examples): Quality and timeliness of operations; Reliability and integrity of Company information (financial and operational); Proper and effective contractual relations with customers and suppliers; Compliance to Regulations; Prevention of fraud; Business continuity
22 How to evaluate the Integrated Internal Control System Risk Tolerance Control Objectives Risk Acceptance Control Design Adequacy Effectiveness, Efficiency and Cost effectiveness Operating effectiveness Relevance Strength Resources availability Red-flag analysis Coverage Reactivity Compliance verification
23 Process Case study: quality cheese production. Production of fresh cheese according to quality standards. Activity 1: Supply request. Activity 2: Production; Control over Production Time Standards. Activity 3: Packaging. For every fresh cheese lot, the Production Dept requests from the Purchasing Dept, up to 5 days before the fermentation process, quantities of milk supplies on the basis of approved monthly sales forecasts. Upon supply of milk (<3 days) the Production Dept proceeds: Pasteurisation (2 hours); Coagulation of casein (2 hours); Drainage of whey (1 hour); Pressing and salting (1 hour) (time frame automatically recorded in 3 of 4 phases). The Quality Dept verifies respect of production time standards. If non compliant, it blocks the packaging process, requesting the lot to be destroyed and re-produced. Following authorization given by Quality Dept, the Production Dept proceeds to package the fresh cheese within 24 hours for delivery by the Distribution Dept by the next day.
24 Case study: quality cheese production. Control objectives: Ensure fresh cheese according to quality standards; Ensure the absence of pathogens in the milk; Ensure production-time for avoiding pathogenic generation; Ensure temperature-preservation for avoiding pathogenic generation. Control over Production Time Standards. Control components: Actual time frame (automatic); Time Limitation Standards; Information System Check; Lot destruction when out of time standard; Replacement of Production lot; Authorization for packaging
25 Control evaluation: scale of 1-5 (1-2 positive, negative). Control Objective Adequacy 2 Control Design Operating effectiveness 1 Relevance Coverage Strength 3 Reactivity Resources availability Compliance test Red-flag analysis Discretion Integration Independent Segregation Automation Adaptability Traceability
26 Case study: quality cheese production Discretion Integration Independence Segregation Automation Adaptability Traceability Strength 3
27 Case study: quality cheese production Coverage Risk Tolerance Control Design Relevance Strength Scenario Control Objectives Adequacy Effectiveness, Efficiency and cost effectiveness Reactivity Control design evaluation: positive (2) Resources availability Risk Acceptance Operating effectiveness Compliance test Red-flag analysis Control operating effectiveness evaluation: good (3) Test 1 Audit Program Verify Information system utilized for standard check Test 2 Examine Sample of production lots checked by Quality Dept. Scenario 1: Known and positive design; Scenario 2: Known, design non positive; Scenario 3: Unknown design. Audit Exception Level Test 1: 20% - Test 2: 5%
28 Corporate Governance Paper, Associazione Italiana Internal Auditors. Key points to an Integrated Corporate Governance Model: I. Global business risk assessment. II. Unified Internal Control System: Three Control Levels; Optimizing Relationships; Single Evaluation Criteria. III. Mechanisms of Assurance.
More informationAnnual Governance Statement 2013/14
31 Annual Governance Statement 2013/14 1. SCOPE OF RESPONSIBILITY ESPO is responsible for ensuring that its business is conducted in accordance with the law and proper standards, and that public money
More informationEnhancing Sustainability and Profitability for Utility Businesses through Effective & Efficient Supply Chain Management
Enhancing Sustainability and Profitability for Utility Businesses through Effective & Efficient Supply Chain Management Kevin Jacoby Chief Financial Officer City of Cape Town South Africa Overview Supply
More informationEnterprise Risk Management for Independent Schools. Denise K. Gutches President DKG Consulting, Inc.
Enterprise Risk Management for Independent Schools CAIS Trustee/ School Heads Conference Westin St. Francis January 25-26, 2014 Ronald C. Wanglin, CIC, CSRM Chairman of the Board Bolton & Company Denise
More informationApplication of King III Corporate Governance Principles
Application of Corporate Governance Principles Application of Corporate Governance Principles This table is a useful reference to each of the principles and how, in broad terms, they have been applied
More informationHow To Ensure Financial Compliance
Evolving from Financial Compliance to Next Generation GRC Gary Prince Principal Solution Specialist - GRC Agenda Business Challenges Oracle s Leadership in Governance, Risk and Compliance Solution Overview
More informationSecurity Control Standard
Security Standard The security and risk management baseline for the lottery sector worldwide Updated by the WLA Security and Risk Management Committee V1.0, November 2006 The WLA Security Standard is the
More informationGuide to Internal Control Over Financial Reporting
Guide to Internal Control Over Financial Reporting The Center for Audit Quality prepared this Guide to provide an overview for the general public of internal control over financial reporting ( ICFR ).
More informationHow To Become A Chartered Accountant
Massimo GATTO Chartered Accountant and Chartered Auditor Born in: Rome, 27 June 1963 Resident in: - 00144, Rome, ITALY Tel: +39 06 83510219 Fax: +39 06 81171286 Mobile: +39 338 2523037 email: massimogatto
More informationFINANCIAL MANAGEMENT POLICIES AND PROCEDURES
FINANCIAL MANAGEMENT POLICIES AND PROCEDURES SAMPLE 1. GENERAL PURPOSE The purpose of these policies is to establish guidelines for developing financial goals and objectives, making financial decisions,
More informationon Asset Management Management
2008 Guidelines for for Insurance Insurance Undertakings Undertakings on Asset on Asset Management Management 2 Contents Context...3 1. General...3 2. Introduction...3 3. Regulations and guidelines for
More informationApplying Integrated Risk Management Scenarios for Improving Enterprise Governance
Applying Integrated Risk Management Scenarios for Improving Enterprise Governance János Ivanyos Trusted Business Partners Ltd, Budapest, Hungary, ivanyos@trusted.hu Abstract: The term of scenario is used
More informationStandards for the Professional Practice of Internal Auditing
Standards for the Professional Practice of Internal Auditing THE INSTITUTE OF INTERNAL AUDITORS 247 Maitland Avenue Altamonte Springs, Florida 32701-4201 Copyright c 2001 by The Institute of Internal Auditors,
More informationRisk committee performance evaluation
Risk committee performance evaluation While there is currently not a legal or regulatory requirement for board risk committees to complete a performance evaluation, King III recommends regular performance
More informationInternal Audit Terms of Reference
Internal Audit Terms of Reference Introduction 1. The Internal Audit Terms of Reference (ToR) describes the framework within which the Internal Audit Service is delivered. It is intended to act as a guide
More informationIl Controllo Continuo nell'ambito della Digital Enterprise
Il Controllo Continuo nell'ambito della Digital Enterprise Vittorio Carosone Regional Sales Manager Software AG Milano, 23 Maggio 2013 2013 Software AG. All rights reserved. 1 POWERING The Software AG
More information