SlideShare uma empresa Scribd logo

Effective Internal Controls (Annotated) by @EricPesik

Eric Pesik
Eric Pesik

Instilling good governance and ensuring full compliance with an effective internal control program. Presented at Corruption and Compliance South & South East Asia Summit, September 2012, Hilton Hotel, Singapore.

NegóciosTecnologia
1 de 198
Baixar para ler offline
effective internal controls
Presented by Eric Roring Pesik at Corruption and Compliance South & South East Asia Summit September 2012 Hilton Hotel, Singapore
“These slides cannot replace the full live presentation, so I have added quotes and narration from my live presentation to supplement the visuals.”
effective internal controls
“I am here to talk about instilling good governance and ensuring full compliance with an effective internal controls program.”
“There are two main topics: First, what are internal controls? And second, how do you ensure they are effective?”
internal controls
finance & accounting procedures
“When we envision internal controls in modern organizations, the typical things one thinks about are finance and accounting procedures, such as revenue recognition rules, balance sheets, and cash flow statements.” finance & accounting procedures
corporate IT systems
“Or you might also think about your corporate IT systems , such as ORACLE, SAP, and the databases and programs that keep track corporate transactions.” corporate IT systems
company policies & procedures
“Or you might think about general company policies & procedures, such as the rules we all follow to get our expense reports approved.” company policies & procedures
humanize internal controls
“These are typical examples of internal controls. But they can be as obscure or esoteric. Internal controls should make sense to the people that have to comply with them.” humanize internal controls
simplify internal controls
“Instead of the typical corporate internal controls, I offer you a simple internal control...”
restaurant guest check
“Everyone has seen a restaurant guest check. You knows what it is and how it works. But how many people this of this as an internal control?” restaurant guest check
restaurant procedures
“We recognize restaurant procedures, and we participate without question or thought.” restaurant procedures
take your order
“When the waitress takes your order, the first internal control comes into play when you tell the waitress what you want. She writes it down. This simple data entry drives restaurant operations.” take your order
“The waitress repeats your order as additional an control to verify the data, and correct it if it is incorrect.” take your order
prepare your order
“The segregation of duties is another internal control because the kitchen must translate the written data into an allowed order on the menu.” prepare your order
“The kitchen uses the order to manage production , preparing the meal as described in the guest check, and pulling raw materials from inventory.” prepare your order
“The segregation of duties is also a fraud prevention control. The kitchen operates to the written order, preventing the waitress from recording an inexpensive item but delivering an expensive item.” prepare your order
serve your order
“When your order is ready the waitress uses the order to verify customer requirements against kitchen production output. serve your order
“There is a final verification when your meal arrives. If you dispute the order, the wait staff can compare your dispute against the written order.” serve your order
pay for your order
“After you eat, you must pay. The cashier reviews the guest check to calculate sales price and record the sales revenue from your meal.” pay for your order
receipt for order
“The restaurant keeps the order for records retention. The manager can audit these records to monitor the business operations.” receipt for order
“Total sales as shown in the guest checks should match the revenue in the cash register.” receipt for order
“Production orders as shown in the guest checks should match the changes in inventory.” receipt for order
“The guest check allows top level review of restaurant operations. If there are discrepancies, management can investigate.” receipt for order
restaurant guest check
“It doesn’t feel like an internal control. It’s not bureaucratic. It helps restaurant employees do their job more effectively, so they use it effectively.” restaurant guest check
human scale controls
“The restaurant guest check is a human scale control. It is easy to understand and requires no special skill or technical knowledge.”
1. simple 2. effective 3. efficient
“It is simple because it only requires a small piece of paper passed from user to user without special tools or equipment.”
“It is effective because one item drives nearly every aspect of the business: sales, customer services, operations, production, inventory, revenue, accounting, planning, management oversight...”
“It is an efficient control because it does not interfere with how each employee does his or her job. This internal control helps employee their job more efficiently.”
organic controls
“This internal control was developed organically. It wasn’t implemented by legal or finance or compliance. It was developed over time by the users themselves to make their job easier.”
“There are probably similar internal controls in your company developed by the users themselves.”
internal control integrated framework
“Let’s look at the opposite end of the spectrum. The Internal Control - Integrated Framework was commissioned the Committee of Sponsoring Organizations of the Treadway Commission.”
“This is a formal framework for internal control systems that is employed by a majority of multinational companies.”
“There are four key concepts in the Internal Controls - Integrated Framework.”
internal control is a process
“Internal control is a means to an end, not an end in itself.” internal control is a process
affected by people
“Internal controls are not just things, they are people at every level of an organization. Internal controls rely on people for their effectiveness and are affected by the inherent faults of people.” affected by people
reasonable assurance
“Internal controls cannot provide absolute assurances. There are no fool-proof internal controls.” reasonable assurance
achieve objectives
“Internal control should be directed at achieving company objectives. An internal control that is not tied to a corporate objective is not an effective internal control.” achieve objectives
1. process 2. people 3. assurances 4. objectives
“Internal controls are processes effected by people that provide reasonable assurances that you are meeting or achieving your corporate objectives.”
integrated framework
human framework
human laziness
“Internal controls protect against the human desire to skip steps and take shortcuts.” human laziness
human carelessness
“Internal controls need to protect against mistakes and human carelessness.” human carelessness
human dishonesty
“Human controls need to protect against human dishonesty.” human dishonesty
1. laziness 2. carelessness 3. dishonesty
human framework
“Internal controls protect against the inherent risk of having humans participate in your business.”
internal controls methods
“The integrated framework describes methods we put in place to protect against the human framework.”
segregation of duties
“Separating authorization, custody, and record keeping roles helps prevent fraud or error by one person.” segregation of duties
retention of records
“Maintaining documentation allows us to document and substantiate transactions.” retention of records
supervision or monitoring
“Supervision or monitoring allows us to observe and review ongoing operational activity.” supervision or monitoring
information processing
“Information processing allows us to verify data entry, comparing file totals with control accounts, and control access to data, files, and programs.” information processing
authorization of transactions
“Authorization of transactions ensure that transactions are reviewed and approved by an appropriate person.” authorization of transactions
top-level reviews
“Top level reviews allow reporting and analysis of actual results versus organizational goals and key performance indicators.” top-level reviews
electronic security
“Electronic security provides passwords and access logs to protect data and programs from unauthorized access.” electronic security
physical security
“Physical security provides cameras, locks, and physical barriers to protect cash, property, and inventory.” physical security
1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
internal controls methods
“The eight categories of internal control methods are overlapping and nonexclusive.”
“How to you make them effective?”
effective internal controls
risk focused
“Internal controls must be risk focused. They must be tailored to actual risks your company faces.”
risk assessment
“To implement risk-focused internal controls, you have to do a formal risk assessment. This is something everyone talks about, but rarely does.” risk assessment
“Everyone has seen a typical risk matrix. It is a tool to compare two dimensions of data, the probability of risk and the magnitude of harm, to help you measure threats.”
High Magnitude High Magnitude Low Probability High Probability Magnitude of Loss Low Magnitude Low Magnitude Low Probability High Probability Probability of Risk risk matrix
“How many people have actually plotted out risks their company faces? This should not be merely a thought experiment, but a formal risk assessment.”
who determines risk?
“Most companies’ risk profiles are determined by the personal opinions of a small number of individuals.” who determines risk?
risk experts
“Lawyers, accountants, risk officers, experienced business professionals are all risk experts. Their job is to understand the risks our companies face based on their professional experience, training, and individual expertise.” risk experts
subjective opinions
“But individual opinions are too subjective, especially when risk assessments are made by limited individuals insulated from day-to-day operations.” subjective opinions
objective data
“Relying on risk experts is not enough. To develop effective internal controls, you need to supplement subjective individual opinions with objective risk data.” objective data
“Without objective risk data, you do cannot have a risk-focused program. And you cannot demonstrate to regulatory authorities that you have appropriate controls in place.” objective data
sources of data
“The data in this presentation is derived from reports from the Association of Certified Fraud Examiners. This presentation was delivered in Asia, and uses Asia data. But global data is similar.”
categories of risk
“Probability is the frequency of fraud in each category. The percentages exceed 100% because any event may involve more than one risk category.”
Corruption 51% Billing 19% Non-Cash 19% Expense Account 14% Skimming 13% Cash on Hand 11% Cash Larceny 9% Check Tampering 7% Financial Statement 7% Payroll 4% Cash Register 2% probability of the risk
“Corruption is the most frequent risk, occurring in more than half of all events.”
“The magnitude of loss is the median loss for each event, in thousands of US dollars.”
Financial Statement $1,730 Corruption $175 Check Tampering $131 Billing $128 Cash Larceny $100 Non-Cash $90 Payroll $72 Skimming $60 Expense Account $33 Cash on Hand $23 Cash Register $23 magnitude of the loss
“Financial statement fraud is infrequent, but it is the most costly form of fraud when it occurs.”
“The adjusted risk profile combines the probability and magnitude together and then scales the result from 1-10, lowest to the highest.”
Financial Statement 10.0 Corruption 7.4 Billing 2.0 Non-Cash 1.3 Check Tampering 0.7 Cash Larceny 0.7 Skimming 0.6 Expense Account 0.4 Payroll 0.2 Cash on Hand 0.2 Cash Register 0.0 adjusted risk profile
“Financial statement risk and corruption risks are both high risk because of the high occurrence and high cost. Corruption is a current hot topic, but the data shows financial statement fraud is a greater risk.”
perpetrators of risk
Sales 21.0% Operations 15.4% Accounting 15.1% Exec/Upper Mgmt 14.0% Purchasing 10.7% Warehousing/Inventory 4.0% Finance 4.0% Customer Service 3.3% Marketing/Pub Relations 2.9% Board of Directors 2.9% Mfg and Production 2.2% Human Resources 2.2% Information Technology 1.5% Internal Audit 0.4% Research and Dev 0.4% Legal 0.0% probability of the risk
“The sales department is the most frequent source of risk, probably because corruption is the most frequent category of risk. But the top 5 overall departments are similar, all with double digits risks.”
Exec/Upper Mgmt $829 Board of Directors $800 Legal $566 Purchasing $500 Finance $450 Marketing/Pub Relations $248 Warehousing/Inventory $239 Human Resources $200 Accounting $180 Mfg and Production $150 Operations $105 Research and Dev $100 Sales $95 Information Technology $71 Customer Service $46 Internal Audit $13 magnitude of the loss
“Upper management and the board of directors are the source of the greatest median loss per event, probably because financial statement fraud is the most costly form of fraud.”
Exec/Upper Mgmt 10.0 Accounting 3.5 Purchasing 2.8 Operations 1.7 Finance 1.7 Sales 1.1 Warehousing/Inventory 1.0 Board of Directors 1.0 Marketing/Pub Relations 0.4 Customer Service 0.3 Legal 0.2 Human Resources 0.2 Mfg and Production 0.2 Information Technology 0.2 Research and Dev 0.0 Internal Audit 0.0 adjusted risk profile
“The adjusted risk profile shows upper and executive management is the source of greatest source of risk to the company.”
external data
“External data is not enough. It helps you benchmark your risk analysis, but the key to developing risk-focused controls is collecting your own internal data.”
internal data
company constituents
“When you need unfiltered data about your company, you cannot rely on risk experts, because they don’t know what is happening with manager-level and line-level employees.” company constituents
“You need to discover open secrets that everyone knows on the shop floor but that never reach management.” company constituents
human laziness
“Employees know who is lazy in their organization. They might not turn in their co-workers, but they will tell you the steps people skip.” human laziness
human carelessness
“Employees know who is careless in their organization. They might not turn in their co-workers, but they will tell you the mistakes people make.” human carelessness
human dishonesty
“Employees know who is dishonest in their organization. They might not turn in their co-workers, but they will tell you how people steal from the company.” human dishonesty
risk experts
ordinary employees
“Ordinary employees are the real risk experts in your company.” ordinary employees
formal risk assessment
“A formal risk assessment is time consuming. It requires putting all your constituents in a room having each of them teach you about the risks they see every day.” formal risk assessment
risk inventory
“Your risk assessment will produce a risk inventory - a list of every risk your employees identify.” risk inventory
“Analyze the probability and magnitude of each item in your risk inventory to develop your company’s risk matrix.” risk inventory
probability of occurrence
magnitude of loss
risk matrix
“Once you develop your company’s matrix, you must select appropriate internal control methods to mitigate the risks.”
internal controls methods
1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
“But your work is not done. You also have to assess the effectiveness of your proposed controls.”
effectiveness of controls
cost of mitigating or avoiding
“Every internal control has a price. It may be the financial cost to implement, or the loss of operational efficiencies due to burdensome process steps or procedures.” cost of mitigating or avoiding
“Do not allow the cost of mitigation to exceed the value of the risk. You need to know the effectiveness of each internal control.” cost of mitigating or avoiding
follow the money
“Effectiveness is measured by the reduction in median losses of organizations with an internal control versus organizations without the same internal control.”
Hotline 59.2% Employee Support Programs 59.0% Surprise Audits 51.5% Fraud Training for Managers/Execs 50.0% Fraud Training for Employees 50.0% Job Rotation/Mandatory Vacation 46.8% Code of Conduct 46.6% Management Review 40.0% Anti-Fraud Policy 40.0% External Audit of ICOFR 34.9% Internal Audit Department 30.6% Independent Audit Committee 30.0% External Audit of F/S 25.0% Management Certification of F/S 25.0% Rewards for Whistleblowers 23.2% effective loss reduction
“Hotlines were the most effective, but the top 5 internal controls yielded 50% or greater median loss reduction.”
Hotline $100 $245 Employee Support Programs $100 $244 Surprise Audits $97 $200 Fraud Training for Managers/Execs $100 $200 Fraud Training for Employees $100 $200 Job Rotation/Mandatory Vacation $100 $188 Code of Conduct $140 $262 Management Review $120 $200 Anti-Fraud Policy $120 $200 External Audit of ICOFR $140 $215 Internal Audit Department $145 $209 Independent Audit Committee $140 $200 External Audit of F/S $150 $200 Management Certification of F/S $150 $200 Rewards for Whistleblowers $119 $155 benefit of loss reduction
“Companies without hotlines suffered median losses of $245k per event. Companies with hotlines suffered only $100k median losses per event.”
“Since hotlines have the greatest effective loss reduction, let’s do a quick case study to examine hotlines further and compare them with other sources of risk detection.”
risk detection
Tip 42.3% Internal Audit 14.3% Management Review 11.3% By Accident 8.9% External Audit 5.8% Account Reconciliation 5.5% Document Examination 4.4% Surveillance/Monitoring 2.7% Confession 2.4% Notified by Police 1.7% IT Controls 0.7% detection method
“Tips are the source of 42.3% of risk detection. They are the greatest detection source.”
Employee 49.2% Customer 17.8% Anonymous 13.4% Vendor 12.1% Shareholder/ 3.7% Owner Competitor 2.5% Perpetrator's 1.8% Acquaintance source of tips
“Employees are the greatest source of tips. But about half of all tips come from sources other than employees.”
With Hotline 47.1% Tips Overall 42.3% No Hotline 33.8% companies with hotlines
With Hotline 47.1% Tips Overall 42.3% No Hotline 33.8% 13.3% companies without hotlines
“Companies with hotlines receive 13% more tips than companies without.”
importance of hotlines
“Hotlines are the most effective internal control, reducing median losses by almost 60%. Tips are the number one source for detecting risk, resulting in 13% more tips.” “Why is this important?” importance of hotlines
whistleblower bounties
“Regulators are paying whistleblower bounties to get tips. If you don’t have a hotline, you are telling 13% of people with tips to take them somewhere else.” whistleblower bounties
“They will follow the money.” whistleblower bounties
follow the money
“Follow the money, follow the risk.”
recap
effective internal controls
1. simple 2. effective 3. efficient
1. process 2. people 3. assurances 4. objectives
1. laziness 2. carelessness 3. dishonesty
1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
risk focused
objective data
follow the money
“Follow the money, follow the risk.”
questions?
get more from http://www.slideshare.net/ericpesik/
License and Credits This presentation, excluding the images, is provided under creative commons attribution license. http://creativecommons.org/licenses/by/3.0/ You are free to share, copy, distribute, and transmit this work; to remix, adapt this work; and to make commercial use of the work; under the condition that you attribute this work to me by including the following attribution “Effective Internal Controls by Eric Pesik. Used with permission,” and URL Link: http://www.slideshare.net/ericpesik/ Microsoft Office Online: Except as noted below, all images in this presentation are from Microsoft Office Online. Used with permission from Microsoft: http://office.microsoft.com/en-us/images/ Flickr Creative Commons: The following images are from flickr creative commons and are licensed and used under creative commons attribution license: http://creativecommons.org/licenses/by/2.0/deed.en Art Coffee House Waitress by Wonderlane http://www.flickr.com/photos/wonderlane/293137892/ Waitress by Adikos http://www.flickr.com/photos/adikos/4319818916/ Rutherford Grill by Neeta Lind http://www.flickr.com/photos/neeta_lind/2517034517/ Serving Food by Adrian Nier http://www.flickr.com/photos/adriannier/4004167201/ Donut Shop Owner by Robert Couse-Baker http://www.flickr.com/photos/29233640@N07/7104455917/ Two chorizo burritos with cheese and sour cream by Rick http://www.flickr.com/photos/spine/1994814081/ Waiter by Hans Van Den Berg http://www.flickr.com/photos/myimage/4353456304/ Blue Telephone by UggBoy♥UggGirl http://www.flickr.com/photos/uggboy/5345135964/ Association of Certified Fraud Examiners: All data is from the Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud and Abuse, 2010 Global Fraud Study based on 1,843 cases of occupational fraud that were reported by the Certified Fraud Examiners who investigated them. http://www.acfe.com Committee on Sponsoring Organizations of the Treadway Commission: The Internal Control — Integrated Framework was commissioned by the Committee on Sponsoring Organizations of the Treadway Commission. It establishes a common definition of internal control that services the needs of different parties for assessing and improving their control systems. http://www.coso.org

Recomendados

Chapter 3
Chapter 3Chapter 3
Chapter 3EasyStudy3
 
Internal audit
Internal auditInternal audit
Internal auditShoab Malek (Certified Quality Auditor)
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writingNeha Kothari
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit ApproachSALIH AHMED ISLAM
 

Recomendados

Chapter 3
Chapter 3Chapter 3
Chapter 3EasyStudy3
 
Internal audit
Internal auditInternal audit
Internal auditShoab Malek (Certified Quality Auditor)
 
Internal audit report writing
Internal audit report writingInternal audit report writing
Internal audit report writingNeha Kothari
 
Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Steps for setting up Internal Audit Function / Department in Small / Medium S...
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
 
Risk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesRisk Based Internal Audit and Sampling Techniques
Risk Based Internal Audit and Sampling TechniquesManoj Agarwal
 
Risk based internal auditing
Risk based internal auditing Risk based internal auditing
Risk based internal auditingFrederick Altum Pokoo-Aikins
 
Governance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesGovernance, Risk, and Compliance Services
Governance, Risk, and Compliance ServicesCapgemini
 
Risk Based Audit Approach
Risk Based Audit ApproachRisk Based Audit Approach
Risk Based Audit ApproachSALIH AHMED ISLAM
 
Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateIRM India Affiliate
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Internal controls
Internal controlsInternal controls
Internal controlsGeetali Tare
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Deep Kumar Mendiratta
 
Audit planning
Audit planningAudit planning
Audit planningRichard Clarke Academy
 
Preventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 versionPreventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 versionRicky Smith CMRP, CMRT
 
Internal control
Internal controlInternal control
Internal controliPleaders - Re-engineering Legal education, New Delhi
 
Internal audit manual template
Internal audit manual templateInternal audit manual template
Internal audit manual templateCenapSerdarolu
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdfkavyashree k
 
IT Revision and Auditing
IT Revision and AuditingIT Revision and Auditing
IT Revision and AuditingAmith Reddy
 
Control self assessment (csa)
Control self assessment (csa)Control self assessment (csa)
Control self assessment (csa)Idear S. Wanichkul
 
Risk and Business Continuity Management
Risk and Business Continuity Management Risk and Business Continuity Management
Risk and Business Continuity Management Continuity and Resilience
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
8. internal control new
8. internal control new8. internal control new
8. internal control newSyed Osama Rizvi
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAdvance Business Consulting
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Sreekanth Narendran
 
Internal Audit Reporting
Internal Audit ReportingInternal Audit Reporting
Internal Audit ReportingSALIH AHMED ISLAM
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reportingShivaLeela Choudary
 
Restaurant
RestaurantRestaurant
RestaurantJo Nation
 
American National Standards Institute Presentation
American National Standards Institute PresentationAmerican National Standards Institute Presentation
American National Standards Institute PresentationNational Restaurant Association
 

Mais conteúdo relacionado

Mais procurados

Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateIRM India Affiliate
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditingDavid Griffiths
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self AssessmentManoj Agarwal
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditManoj Agarwal
 
Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Deep Kumar Mendiratta
 
Preventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 versionPreventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 versionRicky Smith CMRP, CMRT
 
Internal audit manual template
Internal audit manual templateInternal audit manual template
Internal audit manual templateCenapSerdarolu
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdfkavyashree k
 
IT Revision and Auditing
IT Revision and AuditingIT Revision and Auditing
IT Revision and AuditingAmith Reddy
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Nidhi Gupta
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAdvance Business Consulting
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Sreekanth Narendran
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reportingShivaLeela Choudary
 

Mais procurados (20)

Risk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India AffiliateRisk and Control Self Assessment - IRM India Affiliate
Risk and Control Self Assessment - IRM India Affiliate
 
Introduction to internal auditing
Introduction to internal auditingIntroduction to internal auditing
Introduction to internal auditing
 
Internal control and Control Self Assessment
Internal control and Control Self AssessmentInternal control and Control Self Assessment
Internal control and Control Self Assessment
 
Internal controls
Internal controlsInternal controls
Internal controls
 
Practical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal AuditPractical approach to Risk Based Internal Audit
Practical approach to Risk Based Internal Audit
 
Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]Approach note on internal audit [compatibility mode]
Approach note on internal audit [compatibility mode]
 
Audit planning
Audit planningAudit planning
Audit planning
 
Preventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 versionPreventive Maintenance Maturity Matrix 2013 version
Preventive Maintenance Maturity Matrix 2013 version
 
Internal control
Internal controlInternal control
Internal control
 
Internal audit manual template
Internal audit manual templateInternal audit manual template
Internal audit manual template
 
Internal audit report writing.pdf
Internal audit report writing.pdfInternal audit report writing.pdf
Internal audit report writing.pdf
 
IT Revision and Auditing
IT Revision and AuditingIT Revision and Auditing
IT Revision and Auditing
 
Control self assessment (csa)
Control self assessment (csa)Control self assessment (csa)
Control self assessment (csa)
 
Risk and Business Continuity Management
Risk and Business Continuity Management Risk and Business Continuity Management
Risk and Business Continuity Management
 
Proposal risk based internal audit 2013
Proposal risk based internal audit 2013Proposal risk based internal audit 2013
Proposal risk based internal audit 2013
 
8. internal control new
8. internal control new8. internal control new
8. internal control new
 
Audit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, AuditingAudit Process, Audit Procedures, Audit Planning, Auditing
Audit Process, Audit Procedures, Audit Planning, Auditing
 
Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1Information Systems Audit - Ron Weber chapter 1
Information Systems Audit - Ron Weber chapter 1
 
Internal Audit Reporting
Internal Audit ReportingInternal Audit Reporting
Internal Audit Reporting
 
Operational risk & incident reporting
Operational risk & incident reportingOperational risk & incident reporting
Operational risk & incident reporting
 

Destaque

Manual restaurant
Manual restaurantManual restaurant
Manual restaurantcharfine
 
Fundamental of nursing procedure mannual
Fundamental of nursing procedure mannualFundamental of nursing procedure mannual
Fundamental of nursing procedure mannualNursing Path
 
The restaurant from concept to operation 6th - walker
The restaurant from concept to operation 6th - walkerThe restaurant from concept to operation 6th - walker
The restaurant from concept to operation 6th - walkerLesterrs
 

Destaque (8)

Restaurant
RestaurantRestaurant
Restaurant
 
American National Standards Institute Presentation
American National Standards Institute PresentationAmerican National Standards Institute Presentation
American National Standards Institute Presentation
 
Food and Beverage Management - Unit 1
Food and Beverage Management - Unit 1Food and Beverage Management - Unit 1
Food and Beverage Management - Unit 1
 
Powerful Restaurant Forms
Powerful Restaurant FormsPowerful Restaurant Forms
Powerful Restaurant Forms
 
Food and beverage standard procedures
Food and beverage standard proceduresFood and beverage standard procedures
Food and beverage standard procedures
 
Manual restaurant
Manual restaurantManual restaurant
Manual restaurant
 
Fundamental of nursing procedure mannual
Fundamental of nursing procedure mannualFundamental of nursing procedure mannual
Fundamental of nursing procedure mannual
 
The restaurant from concept to operation 6th - walker
The restaurant from concept to operation 6th - walkerThe restaurant from concept to operation 6th - walker
The restaurant from concept to operation 6th - walker
 

Semelhante a Effective Internal Controls (Annotated) by @EricPesik

Managerial control
Managerial controlManagerial control
Managerial controlParul Tandan
 
Assessing risks and internal controls training
Assessing risks and internal controls trainingAssessing risks and internal controls training
Assessing risks and internal controls trainingshifataraislam
 
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.pptDECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt1111964
 
Internal controls in auditing
Internal controls in auditingInternal controls in auditing
Internal controls in auditingHardik Shah
 
Literature review
Literature review Literature review
Literature review daviddela2
 
Internal control system
Internal control systemInternal control system
Internal control systemHina Varshney
 
Unit 3 internal control
Unit 3 internal controlUnit 3 internal control
Unit 3 internal controlRadhika Gohel
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Hisyam
 
SAS 104-111 for Nonprofit Execs
SAS 104-111 for Nonprofit ExecsSAS 104-111 for Nonprofit Execs
SAS 104-111 for Nonprofit Execshimetro
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and auditAstri Stiawaty
 
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRW
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRWInternal Control Internal Checking Internal Auditing - Auditing By LATiFHRW
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRWLatif Hyder Wadho
 
Sarbanes oxley internal controls
Sarbanes oxley internal controlsSarbanes oxley internal controls
Sarbanes oxley internal controlsIllumeo
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Mohammad Wahid Abdullah Khan
 
Internal controls
Internal controlsInternal controls
Internal controlsappan_k
 
topic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxtopic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxvailethmwaisanila
 
FIN-Internal_Controls_Primer_Presentation.ppt
FIN-Internal_Controls_Primer_Presentation.pptFIN-Internal_Controls_Primer_Presentation.ppt
FIN-Internal_Controls_Primer_Presentation.pptbm6tkbry4q
 
Finance Internal_Controls presentation ppt
Finance Internal_Controls presentation pptFinance Internal_Controls presentation ppt
Finance Internal_Controls presentation pptbm6tkbry4q
 

Semelhante a Effective Internal Controls (Annotated) by @EricPesik (20)

Managerial control
Managerial controlManagerial control
Managerial control
 
Assessing risks and internal controls training
Assessing risks and internal controls trainingAssessing risks and internal controls training
Assessing risks and internal controls training
 
COSO 2013 and The Auditor
COSO 2013 and The AuditorCOSO 2013 and The Auditor
COSO 2013 and The Auditor
 
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.pptDECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
DECEMBER INTERNAL CONTROL FOR EFFICIENT AND EFFECTIVE SERVICE DELIVERY-1.ppt
 
Internal controls in auditing
Internal controls in auditingInternal controls in auditing
Internal controls in auditing
 
Literature review
Literature review Literature review
Literature review
 
Internal control system
Internal control systemInternal control system
Internal control system
 
Unit 3 internal control
Unit 3 internal controlUnit 3 internal control
Unit 3 internal control
 
Internal check audit (ppt)
Internal check audit (ppt)Internal check audit (ppt)
Internal check audit (ppt)
 
Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)Brief overview on Internal control (Audit)
Brief overview on Internal control (Audit)
 
SAS 104-111 for Nonprofit Execs
SAS 104-111 for Nonprofit ExecsSAS 104-111 for Nonprofit Execs
SAS 104-111 for Nonprofit Execs
 
Information system control and audit
Information system control and auditInformation system control and audit
Information system control and audit
 
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRW
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRWInternal Control Internal Checking Internal Auditing - Auditing By LATiFHRW
Internal Control Internal Checking Internal Auditing - Auditing By LATiFHRW
 
Sarbanes oxley internal controls
Sarbanes oxley internal controlsSarbanes oxley internal controls
Sarbanes oxley internal controls
 
Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)Internal auditing for “one & all” (second edition)
Internal auditing for “one & all” (second edition)
 
Internal controls
Internal controlsInternal controls
Internal controls
 
Case ware monitor product profile
Case ware monitor product profileCase ware monitor product profile
Case ware monitor product profile
 
topic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptxtopic 3 internal controls..audit.pptx
topic 3 internal controls..audit.pptx
 
FIN-Internal_Controls_Primer_Presentation.ppt
FIN-Internal_Controls_Primer_Presentation.pptFIN-Internal_Controls_Primer_Presentation.ppt
FIN-Internal_Controls_Primer_Presentation.ppt
 
Finance Internal_Controls presentation ppt
Finance Internal_Controls presentation pptFinance Internal_Controls presentation ppt
Finance Internal_Controls presentation ppt
 

Mais de Eric Pesik

Reviewing Contract Key Terms and Conditions
Reviewing Contract Key Terms and ConditionsReviewing Contract Key Terms and Conditions
Reviewing Contract Key Terms and ConditionsEric Pesik
 
Why fonts matter in 2 slides by @EricPesik
Why fonts matter in 2 slides by @EricPesikWhy fonts matter in 2 slides by @EricPesik
Why fonts matter in 2 slides by @EricPesikEric Pesik
 
The Truth about Tone from the Top by @EricPesik
The Truth about Tone from the Top by @EricPesikThe Truth about Tone from the Top by @EricPesik
The Truth about Tone from the Top by @EricPesikEric Pesik
 
Zombie PowerPoint by @ericpesik
Zombie PowerPoint by @ericpesikZombie PowerPoint by @ericpesik
Zombie PowerPoint by @ericpesikEric Pesik
 
J.P. Morgan and the Princelings of China by @ericpesik
J.P. Morgan and the Princelings of China by @ericpesikJ.P. Morgan and the Princelings of China by @ericpesik
J.P. Morgan and the Princelings of China by @ericpesikEric Pesik
 
Managing risk from top to bottom by @ericpesik
Managing risk from top to bottom by @ericpesikManaging risk from top to bottom by @ericpesik
Managing risk from top to bottom by @ericpesikEric Pesik
 
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesik
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesikUS Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesik
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesikEric Pesik
 
Do you want to be a billionaire by @EricPesik
Do you want to be a billionaire by @EricPesikDo you want to be a billionaire by @EricPesik
Do you want to be a billionaire by @EricPesikEric Pesik
 
Top 10 Things People Admit Doing on Conference Calls by @EricPesik
Top 10 Things People Admit Doing on Conference Calls by @EricPesikTop 10 Things People Admit Doing on Conference Calls by @EricPesik
Top 10 Things People Admit Doing on Conference Calls by @EricPesikEric Pesik
 
25 things NOT to do during Hungry Ghost Festival by @EricPesik
25 things NOT to do during Hungry Ghost Festival by @EricPesik25 things NOT to do during Hungry Ghost Festival by @EricPesik
25 things NOT to do during Hungry Ghost Festival by @EricPesikEric Pesik
 
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...Eric Pesik
 
Economics of Bribery by @EricPesik
Economics of Bribery by @EricPesikEconomics of Bribery by @EricPesik
Economics of Bribery by @EricPesikEric Pesik
 
Economics of Bribery
Economics of BriberyEconomics of Bribery
Economics of BriberyEric Pesik
 
Economics of Corruption
Economics of CorruptionEconomics of Corruption
Economics of CorruptionEric Pesik
 
Globalization of Ethics and Compliance by @EricPesik
Globalization of Ethics and Compliance by @EricPesikGlobalization of Ethics and Compliance by @EricPesik
Globalization of Ethics and Compliance by @EricPesikEric Pesik
 
Drafting Game Rules to Minimize Litigation
Drafting Game Rules to Minimize LitigationDrafting Game Rules to Minimize Litigation
Drafting Game Rules to Minimize LitigationEric Pesik
 
Effective Internal Controls by @EricPesik
Effective Internal Controls by @EricPesikEffective Internal Controls by @EricPesik
Effective Internal Controls by @EricPesikEric Pesik
 
Fighting Global Corruption by @EricPesik
Fighting Global Corruption by @EricPesikFighting Global Corruption by @EricPesik
Fighting Global Corruption by @EricPesikEric Pesik
 
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...Eric Pesik
 

Mais de Eric Pesik (19)

Reviewing Contract Key Terms and Conditions
Reviewing Contract Key Terms and ConditionsReviewing Contract Key Terms and Conditions
Reviewing Contract Key Terms and Conditions
 
Why fonts matter in 2 slides by @EricPesik
Why fonts matter in 2 slides by @EricPesikWhy fonts matter in 2 slides by @EricPesik
Why fonts matter in 2 slides by @EricPesik
 
The Truth about Tone from the Top by @EricPesik
The Truth about Tone from the Top by @EricPesikThe Truth about Tone from the Top by @EricPesik
The Truth about Tone from the Top by @EricPesik
 
Zombie PowerPoint by @ericpesik
Zombie PowerPoint by @ericpesikZombie PowerPoint by @ericpesik
Zombie PowerPoint by @ericpesik
 
J.P. Morgan and the Princelings of China by @ericpesik
J.P. Morgan and the Princelings of China by @ericpesikJ.P. Morgan and the Princelings of China by @ericpesik
J.P. Morgan and the Princelings of China by @ericpesik
 
Managing risk from top to bottom by @ericpesik
Managing risk from top to bottom by @ericpesikManaging risk from top to bottom by @ericpesik
Managing risk from top to bottom by @ericpesik
 
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesik
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesikUS Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesik
US Foreign Corrupt Practices Act and the Economics of Bribery by @EricPesik
 
Do you want to be a billionaire by @EricPesik
Do you want to be a billionaire by @EricPesikDo you want to be a billionaire by @EricPesik
Do you want to be a billionaire by @EricPesik
 
Top 10 Things People Admit Doing on Conference Calls by @EricPesik
Top 10 Things People Admit Doing on Conference Calls by @EricPesikTop 10 Things People Admit Doing on Conference Calls by @EricPesik
Top 10 Things People Admit Doing on Conference Calls by @EricPesik
 
25 things NOT to do during Hungry Ghost Festival by @EricPesik
25 things NOT to do during Hungry Ghost Festival by @EricPesik25 things NOT to do during Hungry Ghost Festival by @EricPesik
25 things NOT to do during Hungry Ghost Festival by @EricPesik
 
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...
Asia’s Increased Competitive Landscape - HR Implications on Talent Attraction...
 
Economics of Bribery by @EricPesik
Economics of Bribery by @EricPesikEconomics of Bribery by @EricPesik
Economics of Bribery by @EricPesik
 
Economics of Bribery
Economics of BriberyEconomics of Bribery
Economics of Bribery
 
Economics of Corruption
Economics of CorruptionEconomics of Corruption
Economics of Corruption
 
Globalization of Ethics and Compliance by @EricPesik
Globalization of Ethics and Compliance by @EricPesikGlobalization of Ethics and Compliance by @EricPesik
Globalization of Ethics and Compliance by @EricPesik
 
Drafting Game Rules to Minimize Litigation
Drafting Game Rules to Minimize LitigationDrafting Game Rules to Minimize Litigation
Drafting Game Rules to Minimize Litigation
 
Effective Internal Controls by @EricPesik
Effective Internal Controls by @EricPesikEffective Internal Controls by @EricPesik
Effective Internal Controls by @EricPesik
 
Fighting Global Corruption by @EricPesik
Fighting Global Corruption by @EricPesikFighting Global Corruption by @EricPesik
Fighting Global Corruption by @EricPesik
 
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...
Meeting in the Middle: Embracing Negotiation to Protect Business Interests an...
 

Último

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...amitlee9823
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Dave Litwiller
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...daisycvs
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...lizamodels9
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with CultureSeta Wicaksana
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Neil Kimberley
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxpriyanshujha201
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Sheetaleventcompany
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLkapoorjyoti4444
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentationuneakwhite
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 

Último (20)

FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
Enhancing and Restoring Safety & Quality Cultures - Dave Litwiller - May 2024...
 
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
Quick Doctor In Kuwait +2773`7758`557 Kuwait Doha Qatar Dubai Abu Dhabi Sharj...
 
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
Russian Call Girls In Gurgaon ❤️8448577510 ⊹Best Escorts Service In 24/7 Delh...
 
Organizational Transformation Lead with Culture
Organizational Transformation Lead with CultureOrganizational Transformation Lead with Culture
Organizational Transformation Lead with Culture
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023Mondelez State of Snacking and Future Trends 2023
Mondelez State of Snacking and Future Trends 2023
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptxB.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
B.COM Unit – 4 ( CORPORATE SOCIAL RESPONSIBILITY ( CSR ).pptx
 
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
Chandigarh Escorts Service 📞8868886958📞 Just📲 Call Nihal Chandigarh Call Girl...
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRLBAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
BAGALUR CALL GIRL IN 98274*61493 ❤CALL GIRLS IN ESCORT SERVICE❤CALL GIRL
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 

Effective Internal Controls (Annotated) by @EricPesik

  • 2. Presented by Eric Roring Pesik at Corruption and Compliance South & South East Asia Summit September 2012 Hilton Hotel, Singapore
  • 3. “These slides cannot replace the full live presentation, so I have added quotes and narration from my live presentation to supplement the visuals.”
  • 5. “I am here to talk about instilling good governance and ensuring full compliance with an effective internal controls program.”
  • 6. “There are two main topics: First, what are internal controls? And second, how do you ensure they are effective?”
  • 8. finance & accounting procedures
  • 9. “When we envision internal controls in modern organizations, the typical things one thinks about are finance and accounting procedures, such as revenue recognition rules, balance sheets, and cash flow statements.” finance & accounting procedures
  • 11. “Or you might also think about your corporate IT systems , such as ORACLE, SAP, and the databases and programs that keep track corporate transactions.” corporate IT systems
  • 12. company policies & procedures
  • 13. “Or you might think about general company policies & procedures, such as the rules we all follow to get our expense reports approved.” company policies & procedures
  • 15. “These are typical examples of internal controls. But they can be as obscure or esoteric. Internal controls should make sense to the people that have to comply with them.” humanize internal controls
  • 17. “Instead of the typical corporate internal controls, I offer you a simple internal control...”
  • 19. “Everyone has seen a restaurant guest check. You knows what it is and how it works. But how many people this of this as an internal control?” restaurant guest check
  • 21. “We recognize restaurant procedures, and we participate without question or thought.” restaurant procedures
  • 23. “When the waitress takes your order, the first internal control comes into play when you tell the waitress what you want. She writes it down. This simple data entry drives restaurant operations.” take your order
  • 24. “The waitress repeats your order as additional an control to verify the data, and correct it if it is incorrect.” take your order
  • 26. “The segregation of duties is another internal control because the kitchen must translate the written data into an allowed order on the menu.” prepare your order
  • 27. “The kitchen uses the order to manage production , preparing the meal as described in the guest check, and pulling raw materials from inventory.” prepare your order
  • 28. “The segregation of duties is also a fraud prevention control. The kitchen operates to the written order, preventing the waitress from recording an inexpensive item but delivering an expensive item.” prepare your order
  • 30. “When your order is ready the waitress uses the order to verify customer requirements against kitchen production output. serve your order
  • 31. “There is a final verification when your meal arrives. If you dispute the order, the wait staff can compare your dispute against the written order.” serve your order
  • 32. pay for your order
  • 33. “After you eat, you must pay. The cashier reviews the guest check to calculate sales price and record the sales revenue from your meal.” pay for your order
  • 35. “The restaurant keeps the order for records retention. The manager can audit these records to monitor the business operations.” receipt for order
  • 36. “Total sales as shown in the guest checks should match the revenue in the cash register.” receipt for order
  • 37. “Production orders as shown in the guest checks should match the changes in inventory.” receipt for order
  • 38. “The guest check allows top level review of restaurant operations. If there are discrepancies, management can investigate.” receipt for order
  • 40. “It doesn’t feel like an internal control. It’s not bureaucratic. It helps restaurant employees do their job more effectively, so they use it effectively.” restaurant guest check
  • 42. “The restaurant guest check is a human scale control. It is easy to understand and requires no special skill or technical knowledge.”
  • 44. “It is simple because it only requires a small piece of paper passed from user to user without special tools or equipment.”
  • 45. “It is effective because one item drives nearly every aspect of the business: sales, customer services, operations, production, inventory, revenue, accounting, planning, management oversight...”
  • 46. “It is an efficient control because it does not interfere with how each employee does his or her job. This internal control helps employee their job more efficiently.”
  • 48. “This internal control was developed organically. It wasn’t implemented by legal or finance or compliance. It was developed over time by the users themselves to make their job easier.”
  • 49. “There are probably similar internal controls in your company developed by the users themselves.”
  • 51. “Let’s look at the opposite end of the spectrum. The Internal Control - Integrated Framework was commissioned the Committee of Sponsoring Organizations of the Treadway Commission.”
  • 52. “This is a formal framework for internal control systems that is employed by a majority of multinational companies.”
  • 53. “There are four key concepts in the Internal Controls - Integrated Framework.”
  • 54. internal control is a process
  • 55. “Internal control is a means to an end, not an end in itself.” internal control is a process
  • 57. “Internal controls are not just things, they are people at every level of an organization. Internal controls rely on people for their effectiveness and are affected by the inherent faults of people.” affected by people
  • 59. “Internal controls cannot provide absolute assurances. There are no fool-proof internal controls.” reasonable assurance
  • 61. “Internal control should be directed at achieving company objectives. An internal control that is not tied to a corporate objective is not an effective internal control.” achieve objectives
  • 62. 1. process 2. people 3. assurances 4. objectives
  • 63. “Internal controls are processes effected by people that provide reasonable assurances that you are meeting or achieving your corporate objectives.”
  • 67. “Internal controls protect against the human desire to skip steps and take shortcuts.” human laziness
  • 69. “Internal controls need to protect against mistakes and human carelessness.” human carelessness
  • 71. “Human controls need to protect against human dishonesty.” human dishonesty
  • 74. “Internal controls protect against the inherent risk of having humans participate in your business.”
  • 76. “The integrated framework describes methods we put in place to protect against the human framework.”
  • 78. “Separating authorization, custody, and record keeping roles helps prevent fraud or error by one person.” segregation of duties
  • 80. “Maintaining documentation allows us to document and substantiate transactions.” retention of records
  • 82. “Supervision or monitoring allows us to observe and review ongoing operational activity.” supervision or monitoring
  • 84. “Information processing allows us to verify data entry, comparing file totals with control accounts, and control access to data, files, and programs.” information processing
  • 86. “Authorization of transactions ensure that transactions are reviewed and approved by an appropriate person.” authorization of transactions
  • 88. “Top level reviews allow reporting and analysis of actual results versus organizational goals and key performance indicators.” top-level reviews
  • 90. “Electronic security provides passwords and access logs to protect data and programs from unauthorized access.” electronic security
  • 92. “Physical security provides cameras, locks, and physical barriers to protect cash, property, and inventory.” physical security
  • 93. 1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  • 95. “The eight categories of internal control methods are overlapping and nonexclusive.”
  • 96. “How to you make them effective?”
  • 99. “Internal controls must be risk focused. They must be tailored to actual risks your company faces.”
  • 101. “To implement risk-focused internal controls, you have to do a formal risk assessment. This is something everyone talks about, but rarely does.” risk assessment
  • 102. “Everyone has seen a typical risk matrix. It is a tool to compare two dimensions of data, the probability of risk and the magnitude of harm, to help you measure threats.”
  • 103. High Magnitude High Magnitude Low Probability High Probability Magnitude of Loss Low Magnitude Low Magnitude Low Probability High Probability Probability of Risk risk matrix
  • 104. “How many people have actually plotted out risks their company faces? This should not be merely a thought experiment, but a formal risk assessment.”
  • 106. “Most companies’ risk profiles are determined by the personal opinions of a small number of individuals.” who determines risk?
  • 108. “Lawyers, accountants, risk officers, experienced business professionals are all risk experts. Their job is to understand the risks our companies face based on their professional experience, training, and individual expertise.” risk experts
  • 110. “But individual opinions are too subjective, especially when risk assessments are made by limited individuals insulated from day-to-day operations.” subjective opinions
  • 112. “Relying on risk experts is not enough. To develop effective internal controls, you need to supplement subjective individual opinions with objective risk data.” objective data
  • 113. “Without objective risk data, you do cannot have a risk-focused program. And you cannot demonstrate to regulatory authorities that you have appropriate controls in place.” objective data
  • 115. “The data in this presentation is derived from reports from the Association of Certified Fraud Examiners. This presentation was delivered in Asia, and uses Asia data. But global data is similar.”
  • 117. “Probability is the frequency of fraud in each category. The percentages exceed 100% because any event may involve more than one risk category.”
  • 118. Corruption 51% Billing 19% Non-Cash 19% Expense Account 14% Skimming 13% Cash on Hand 11% Cash Larceny 9% Check Tampering 7% Financial Statement 7% Payroll 4% Cash Register 2% probability of the risk
  • 119. “Corruption is the most frequent risk, occurring in more than half of all events.”
  • 120. “The magnitude of loss is the median loss for each event, in thousands of US dollars.”
  • 121. Financial Statement $1,730 Corruption $175 Check Tampering $131 Billing $128 Cash Larceny $100 Non-Cash $90 Payroll $72 Skimming $60 Expense Account $33 Cash on Hand $23 Cash Register $23 magnitude of the loss
  • 122. “Financial statement fraud is infrequent, but it is the most costly form of fraud when it occurs.”
  • 123. “The adjusted risk profile combines the probability and magnitude together and then scales the result from 1-10, lowest to the highest.”
  • 124. Financial Statement 10.0 Corruption 7.4 Billing 2.0 Non-Cash 1.3 Check Tampering 0.7 Cash Larceny 0.7 Skimming 0.6 Expense Account 0.4 Payroll 0.2 Cash on Hand 0.2 Cash Register 0.0 adjusted risk profile
  • 125. “Financial statement risk and corruption risks are both high risk because of the high occurrence and high cost. Corruption is a current hot topic, but the data shows financial statement fraud is a greater risk.”
  • 127. Sales 21.0% Operations 15.4% Accounting 15.1% Exec/Upper Mgmt 14.0% Purchasing 10.7% Warehousing/Inventory 4.0% Finance 4.0% Customer Service 3.3% Marketing/Pub Relations 2.9% Board of Directors 2.9% Mfg and Production 2.2% Human Resources 2.2% Information Technology 1.5% Internal Audit 0.4% Research and Dev 0.4% Legal 0.0% probability of the risk
  • 128. “The sales department is the most frequent source of risk, probably because corruption is the most frequent category of risk. But the top 5 overall departments are similar, all with double digits risks.”
  • 129. Exec/Upper Mgmt $829 Board of Directors $800 Legal $566 Purchasing $500 Finance $450 Marketing/Pub Relations $248 Warehousing/Inventory $239 Human Resources $200 Accounting $180 Mfg and Production $150 Operations $105 Research and Dev $100 Sales $95 Information Technology $71 Customer Service $46 Internal Audit $13 magnitude of the loss
  • 130. “Upper management and the board of directors are the source of the greatest median loss per event, probably because financial statement fraud is the most costly form of fraud.”
  • 131. Exec/Upper Mgmt 10.0 Accounting 3.5 Purchasing 2.8 Operations 1.7 Finance 1.7 Sales 1.1 Warehousing/Inventory 1.0 Board of Directors 1.0 Marketing/Pub Relations 0.4 Customer Service 0.3 Legal 0.2 Human Resources 0.2 Mfg and Production 0.2 Information Technology 0.2 Research and Dev 0.0 Internal Audit 0.0 adjusted risk profile
  • 132. “The adjusted risk profile shows upper and executive management is the source of greatest source of risk to the company.”
  • 134. “External data is not enough. It helps you benchmark your risk analysis, but the key to developing risk-focused controls is collecting your own internal data.”
  • 137. “When you need unfiltered data about your company, you cannot rely on risk experts, because they don’t know what is happening with manager-level and line-level employees.” company constituents
  • 138. “You need to discover open secrets that everyone knows on the shop floor but that never reach management.” company constituents
  • 140. “Employees know who is lazy in their organization. They might not turn in their co-workers, but they will tell you the steps people skip.” human laziness
  • 142. “Employees know who is careless in their organization. They might not turn in their co-workers, but they will tell you the mistakes people make.” human carelessness
  • 144. “Employees know who is dishonest in their organization. They might not turn in their co-workers, but they will tell you how people steal from the company.” human dishonesty
  • 147. “Ordinary employees are the real risk experts in your company.” ordinary employees
  • 149. “A formal risk assessment is time consuming. It requires putting all your constituents in a room having each of them teach you about the risks they see every day.” formal risk assessment
  • 151. “Your risk assessment will produce a risk inventory - a list of every risk your employees identify.” risk inventory
  • 152. “Analyze the probability and magnitude of each item in your risk inventory to develop your company’s risk matrix.” risk inventory
  • 156. “Once you develop your company’s matrix, you must select appropriate internal control methods to mitigate the risks.”
  • 158. 1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  • 159. “But your work is not done. You also have to assess the effectiveness of your proposed controls.”
  • 161. cost of mitigating or avoiding
  • 162. “Every internal control has a price. It may be the financial cost to implement, or the loss of operational efficiencies due to burdensome process steps or procedures.” cost of mitigating or avoiding
  • 163. “Do not allow the cost of mitigation to exceed the value of the risk. You need to know the effectiveness of each internal control.” cost of mitigating or avoiding
  • 165. “Effectiveness is measured by the reduction in median losses of organizations with an internal control versus organizations without the same internal control.”
  • 166. Hotline 59.2% Employee Support Programs 59.0% Surprise Audits 51.5% Fraud Training for Managers/Execs 50.0% Fraud Training for Employees 50.0% Job Rotation/Mandatory Vacation 46.8% Code of Conduct 46.6% Management Review 40.0% Anti-Fraud Policy 40.0% External Audit of ICOFR 34.9% Internal Audit Department 30.6% Independent Audit Committee 30.0% External Audit of F/S 25.0% Management Certification of F/S 25.0% Rewards for Whistleblowers 23.2% effective loss reduction
  • 167. “Hotlines were the most effective, but the top 5 internal controls yielded 50% or greater median loss reduction.”
  • 168. Hotline $100 $245 Employee Support Programs $100 $244 Surprise Audits $97 $200 Fraud Training for Managers/Execs $100 $200 Fraud Training for Employees $100 $200 Job Rotation/Mandatory Vacation $100 $188 Code of Conduct $140 $262 Management Review $120 $200 Anti-Fraud Policy $120 $200 External Audit of ICOFR $140 $215 Internal Audit Department $145 $209 Independent Audit Committee $140 $200 External Audit of F/S $150 $200 Management Certification of F/S $150 $200 Rewards for Whistleblowers $119 $155 benefit of loss reduction
  • 169. “Companies without hotlines suffered median losses of $245k per event. Companies with hotlines suffered only $100k median losses per event.”
  • 170. “Since hotlines have the greatest effective loss reduction, let’s do a quick case study to examine hotlines further and compare them with other sources of risk detection.”
  • 172. Tip 42.3% Internal Audit 14.3% Management Review 11.3% By Accident 8.9% External Audit 5.8% Account Reconciliation 5.5% Document Examination 4.4% Surveillance/Monitoring 2.7% Confession 2.4% Notified by Police 1.7% IT Controls 0.7% detection method
  • 173. “Tips are the source of 42.3% of risk detection. They are the greatest detection source.”
  • 174. Employee 49.2% Customer 17.8% Anonymous 13.4% Vendor 12.1% Shareholder/ 3.7% Owner Competitor 2.5% Perpetrator's 1.8% Acquaintance source of tips
  • 175. “Employees are the greatest source of tips. But about half of all tips come from sources other than employees.”
  • 176. With Hotline 47.1% Tips Overall 42.3% No Hotline 33.8% companies with hotlines
  • 177. With Hotline 47.1% Tips Overall 42.3% No Hotline 33.8% 13.3% companies without hotlines
  • 178. “Companies with hotlines receive 13% more tips than companies without.”
  • 180. “Hotlines are the most effective internal control, reducing median losses by almost 60%. Tips are the number one source for detecting risk, resulting in 13% more tips.” “Why is this important?” importance of hotlines
  • 182. “Regulators are paying whistleblower bounties to get tips. If you don’t have a hotline, you are telling 13% of people with tips to take them somewhere else.” whistleblower bounties
  • 183. “They will follow the money.” whistleblower bounties
  • 185. “Follow the money, follow the risk.”
  • 186. recap
  • 189. 1. process 2. people 3. assurances 4. objectives
  • 191. 1. segregation of duties 2. retention of records 3. super vision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  • 195. “Follow the money, follow the risk.”
  • 198. License and Credits This presentation, excluding the images, is provided under creative commons attribution license. http://creativecommons.org/licenses/by/3.0/ You are free to share, copy, distribute, and transmit this work; to remix, adapt this work; and to make commercial use of the work; under the condition that you attribute this work to me by including the following attribution “Effective Internal Controls by Eric Pesik. Used with permission,” and URL Link: http://www.slideshare.net/ericpesik/ Microsoft Office Online: Except as noted below, all images in this presentation are from Microsoft Office Online. Used with permission from Microsoft: http://office.microsoft.com/en-us/images/ Flickr Creative Commons: The following images are from flickr creative commons and are licensed and used under creative commons attribution license: http://creativecommons.org/licenses/by/2.0/deed.en Art Coffee House Waitress by Wonderlane http://www.flickr.com/photos/wonderlane/293137892/ Waitress by Adikos http://www.flickr.com/photos/adikos/4319818916/ Rutherford Grill by Neeta Lind http://www.flickr.com/photos/neeta_lind/2517034517/ Serving Food by Adrian Nier http://www.flickr.com/photos/adriannier/4004167201/ Donut Shop Owner by Robert Couse-Baker http://www.flickr.com/photos/29233640@N07/7104455917/ Two chorizo burritos with cheese and sour cream by Rick http://www.flickr.com/photos/spine/1994814081/ Waiter by Hans Van Den Berg http://www.flickr.com/photos/myimage/4353456304/ Blue Telephone by UggBoy♥UggGirl http://www.flickr.com/photos/uggboy/5345135964/ Association of Certified Fraud Examiners: All data is from the Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud and Abuse, 2010 Global Fraud Study based on 1,843 cases of occupational fraud that were reported by the Certified Fraud Examiners who investigated them. http://www.acfe.com Committee on Sponsoring Organizations of the Treadway Commission: The Internal Control — Integrated Framework was commissioned by the Committee on Sponsoring Organizations of the Treadway Commission. It establishes a common definition of internal control that services the needs of different parties for assessing and improving their control systems. http://www.coso.org