WHITE PAPER INTERNAL CONTROL WITH ADRA



Similar documents
Table of Contents: Chapter 2 Internal Control

COSO Internal Control Integrated Framework (2013)

Ethical Maturity Index: Questionnaire Authors: Elena Demidenko and Patrick McNutt

Summary of Internal Control-Integrated Framework by COSO:

Internal Controls. A short presentation from Your Internal Audit Department

Finance Effectiveness Efficiency

Audit of the Policy on Internal Control Implementation

ISACA PROFESSIONAL RESOURCES

Sarbanes-Oxley Control Transformation Through Automation

COSO Framework 2013 & SOX Compliance. Roxanne L. Halverson, CISM, CGEIT Atlanta ISACA Geek Week August 19, 2013

COSO s 2013 Internal Control Framework in Depth: Implementing the Enhanced Guidance for Internal Control over External Financial Reporting

ACCA P1 Internal Control. incorporated into Combined code, it was last revised in 2005 and still present as a standalone document.

Internal Control Questionnaire and Assessment

University Audit and Compliance. Internal Controls Enterprise-Wide Risk Assessment

A new approach in the assessment of the internal control systems applied in the public sector 1

CONTINUOUS CONTROLS MONITORING

DRAFT. Informing the audit risk assessment for Cheshire Fire Authority. Year ending 31 March 2013 xx April 2013

Internal Audit Framework

ADRA MATCH CLOUD-BASED SOFTWARE

COSO 2013 Internal Control Integrated Framework FRED J. PETERSON, PARTNER MOSS ADAMS LLP

How To Understand The Role Of An Internal Audit

Internal Controls over Financial Reporting. Integrating in Business Processes & Key Lessons learned

AUDITOR INDEPENDENCE, AUDIT COMMITTEE QUALITY AND INTERNAL CONTROL

Case Study of a Segregation of Duties Project

FINANCIAL ADMINISTRATION MANUAL

The Advanced Certificate in Performance Audit for International and Public Affairs Management. Workshop Overview

MEMORANDUM. Municipal Officials. From: Karen Horn, Director, Public Policy and Advocacy; and Abby Friedman, Director, Municipal Assistance Center

RISK BASED AUDITING: A VALUE ADD PROPOSITION. Participant Guide

Optimizing Automation of Internal Controls for GRC and General Business Process Compliance

Office of the Auditor General. Audit of Accounts Payable. Tabled at Audit Committee November 26, 2015

Fraud Prevention and Deterrence

COSO 2013 Internal Control Framework

A&CS Assurance Review. Accounting Policy Division Rule Making Participation in Standard Setting. Report

U.S. CFO Program The Four Faces of the CFO Deloitte Touche Tohmatsu

WHITEPAPER. Compliance: what it means for databases

Compliance Management, made easy

COMPANY LEVEL CONTROLS A PRACTICAL FRAMEWORK

RISK ASSESSMENT CHECKLIST

How To Ensure Financial Compliance

GLOBAL MOBILITY PROGRAM POLICY DESIGN AND IMPLEMENTATION

Using COBiT For Sarbanes Oxley. Japan November 18 th 2006 Gary A Bannister

Information Technology General Controls And Best Practices

Developing Effective Internal Controls Using the COSO Model

LexisOne. LexisOne. Powered by Microsoft Dynamics AX EnterpriseSolutions

Segregation of Duties

ASSET MANAGEMENT. a best practices checklist WHAT IS ASSET MANAGEMENT? HERE IS WHAT YOU WILL LEARN:

Lauren Sundararajan, CFE, Internal Audit Manager

Internal Controls and Risk Management Report

University of Edinburgh Risk Policy and Risk Appetite

Article: Control Systems and Controls Testing: General Review

AN AUDIT OF INTERNAL CONTROL OVER FINANCIAL REPORTING THAT IS INTEGRATED WITH AN AUDIT OF FINANCIAL STATEMENTS:

Service Organization Control (SOC) Reports Focus on SOC 2 Reporting Standard

Module 2 IS Assurance Services

BOARD SUSTAINABILITY POLICIES

Sarbanes-Oxley 404. Sarbanes-Oxley Background. SOX 404 Internal Controls. Goals of Sarbanes-Oxley

Internal Financial Controls

Information Security: Business Assurance Guidelines

NEC Managed Security Services

S24 - Governance, Risk, and Compliance (GRC) Automation Siamak Razmazma

The Role of Internal Audit in Risk Governance

EFPIA Principles for the Development of the EU Clinical Trials Portal and Database

Risk Management Policy

Setting Customer Expectations

Sarbanes-Oxley: Beyond. Using compliance requirements to boost business performance. An RIS White Paper Sponsored by:

Explanation where the company has partially applied or not applied King III principles

Starting a Commodity Pool

IIA POSITION PAPER: THE ROLE OF INTERNAL AUDITING IN ENTERPRISE-WIDE RISK MANAGEMENT

Does Fraud Matter? ASIS Middle East Security Conference and Exhibition Dubai, February 16, Torsten Wolf, CPP Head of Group Security Operations

MEMORANDUM INTERNAL CONTROL REQUIREMENTS FOR NON-PROFITS

TransAlta Corporation Energy Trading Compliance Program Assessment

Governance, Risk & Compliance Management. Julian Hunn, Operations Manager Professional Standards

Il nuovo standard ISO sulla Business Continuity Scenari ed opportunità

Final Audit Report. Audit of Data Integrity MCCS Feeder System Interfacing with SAP

INTRODUCTION INVESTMENT ISSUES AND CONSTRAINTS FOR PROFESSIONAL TRUSTEES THE BENEFITS OF INTEGRATED ADVICE HOW SCOTTISH WIDOWS CAN HELP

The list below gives references to where the points required by section 3-3b of the Norwegian Accounting Act may be found.

Enterprise Risk Management

How to survive an Audit

Section 7 Internal Control Framework

UNIVERSITY OF MANITOBA PROCEDURE

Audit, Risk Management and Compliance Committee Charter

Corporate Governor. New COSO Framework links IT and business process

Location of the job: CFO Revenue Assurance

Research & Development Guidance for Students

10 Hidden IT Risks That Might Threaten Your Law Firm

Governance, Risk & Compliance for Public Sector

Transcription:

WHITE PAPER INTERNAL CONTROL WITH ADRA

About this document The purpose of this document is to discuss Internal Control and how Adra products supports ERM (Enterprise Risk Management), Internal Control and the COSO framework at a high level. The objective is to inspire the reader to learn more about Internal Control and how modern software can support the process. INTERNAL CONTROL - DEFINITION Internal Control is broadly defined as a process, effected by an entity s board of directors, management, and other personnel, designed to provide reasonable assurance regarding the achievement of objectives relating to: > Effectiveness and efficiency of operations > Reliability of financial reporting > Compliance with applicable laws and regulations The most used Internal Control framework is the COSO. It addresses a methodology for internal control and guidelines on how to implement Internal Control. (COSO. (2013) Internal Control - Integrated framework) LEGISLATIONS Most companies implement Internal Control because they have to abide by legislations in their own country. Example of relevant laws: REGION LEGISLATION > US SOX - Section 404 > UK The UK Corporate Governance Code - Section 5 > Norway The Accounting Act (Regnskapsloven) 3-3b > Sweden Redovisningslagen Kap 6, 6 > Denmark Årsregnskabsloven 107 b) COSO REPORT - THE FRAMEWORK The Committee of Sponsoring Organizations of the Treadway Commission (COSO) an organization providing thought leadership and guidance on Internal Control, enterprise risk management (ERM) and fraud deterrence. COSO wrote a report in 1992 to describe a framework for Internal Control. It was updated in 2013. Adra Whitepaper - Internal Control 2

To master Internal Control you have to understand the purpose of the elements in the COSO model. The COSO framework addresses five essential components in internal control: > Control environment > Risk Assessment > Control Activities > Information & Communication > Monitoring Activities To be able to rely on Internal Control, all five components must be working. Control Environment Does the board, management and employees understand the risk in the company? The control environment establishes the attitude of an organization. A good control environment is created by management and focuses on integrity, ethical values and the direction supplied by the board of directors. The COSO Framework defines it as the base for all components of internal control. Risk Assessment It forms a basis for how the risks should be managed, identifying and analyzing relevant risks to achieve objectives. Control Activities Has the entity developed control activities to reduce the identified risk? Examples of Control Activities: > Segregation of duties Separating authorization, custody, and record keeping roles to prevent fraud or error by one person. > Authorization of transactions Review of particular transactions by an appropriate person. > Retention of records Maintaining documentation to substantiate transactions. > IT application controls Controls over information processing enforced by IT app lications, such as edit checks to validate data entry, accounting for transactions in numerical sequences, and comparing file totals with control accounts. Adra Whitepaper - Internal Control 3

Information & Communication Systems or processes that support the identification, capture, and exchange of information in a form and period that enable people to carry out their responsibilities. Monitoring A company goes through changes related to IT systems and organization all the time. This will affect the exposed risk. It is important to test the established internal controls and revaluated the risk in the company when changes appears. HOW ADRA PRODUCTS SUPPORT INTERNAL CONTROL Adra products has its strength in bringing the Internal Control out to the users. All Adra products support the COSO component, information and communication, as it provides the organization information of tasks, risk rating, purpose of financial accounts and status. This also gives the opportunity to establish a healthy control environment in the organization. TASK MANAGER functions as an organizer of all tasks in relation to financial reporting and gives the status of internal control. BALANCER works as an operational tool for handling risk related to the balance accounts and gives the users relevant information about procedures and guidelines. ACCOUNTS is a powerful transactions matching system that is an important control activity tool. Adra has a cross product initiative to enhance all products with increased support for Internal Control. Our objective is to provide our customers with solutions that both fulfil the needs for Operational Excellence and smooth Financial Close processes yet at the same time gives solid system support for Internal Control. TASK MANAGER TASK MANAGER is a tool for planning the activities related to Internal Controls. Example of these activities could be: > Conduct risk assessment (Risk assessment) > Test internal controls (Monitoring) > Conduct control activities (Control activities) > Preparing Internal Controls reports for external audit TASK MANAGER is the tool where you plan and delegate the Internal Control tasks to the organization through the year. Additional to this, TASK MANAGER will give you a real-time overview of the status of Internal Control. Adra Whitepaper - Internal Control 4

BALANCER In BALANCER, we help the user company to use their established Internal Control or to establish elements of internal controls. As BALANCER just addresses some of the operational components related to risk in the balance accounts of Internal Control, it s important to remember that all the five components has to be working. > Risk Rating BALANCER gives the opportunity to register the risk rating for a balance account based on the company s risk assessment. > Account Purpose This section is usually used to give information to the user what s the purpose of this account. It could be references to relevant laws or the background for the risk rating. > Reconciliation Procedure A procedure description of how the company will mitigate the addressed risk rating. This is the documentation of the control activity related to the account. This could be a description of how the reconciliation is done with ACCOUNTS or other reconciliation software. > Account Roles BALANCER gives the opportunity to implement Segregation of duties related to the financial reporting process. > Activity Log Detailed logs provide the Audit trail of who did what at what time. ACCOUNTS ACCOUNTS is a transaction matching software, which is used for matching transactions in a various number of variants. In relation to Internal Control and COSO, ACCOUNTS will be a handy software to establish Control Activities. Examples for this could be: > Bank reconciliation > Credit card reconciliation > Other risk reducing reconciliations CONCLUSION Both increased legislation and increased shareholder focus on Internal Control has put it high on the agenda within more and more organizations. Finance professionals, auditors and staff are looking at ways to implement COSO frameworks and internal controls throughout their organizations. Modern software can play a key role in both implementing and enforcing good routines and processes and we at Adra provides solid support for Internal Control across all products. Adra Whitepaper - Internal Control 5

Brands that trust us: ABOUT ADRA Adra develops and markets software for the Financial Close Process. With over 25 years experience of providing software for the automation of the Month End Close Process, Adra is a market leader with 3000 customers. Our software for the Financial Close helps accounting and finance teams to work smarter and quicker, with better control and accuracy. The solutions streamline and standardise accounts departments and give them an overview of the company s balancing process at all times. Adra has an origin in Scandinavia just like many other financial software companies like Axapta, Navision, IBS, IFS, Jeeves and Visma and today we serve customers in more than 30 countries around the world. Among our customers are Hertz, GE Capital, KPMG, Toyota, IKEA and BMW. Learn more and contact us: Visit our website: www.adra.com Send an email to: info@adra.com Sources: The Committee of Sponsoring Organizations of the Treadway Commission. (2013). Internal Control - Integrated Framework. Available: http://www.coso.org/documents/internal%20control-integrated%20framework.pdf. Last accessed 13th October 2015. Adra Whitepaper - Internal Control - May 2015 - version 1.0

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information