Assessing the Internal

Slides:



Advertisements
Similar presentations
. . . a step-by-step guide to world-class internal auditing
Advertisements

External Quality Assessments Frequently Occurring Findings Observed by The IIA QA Teams.
Auditing, Assurance and Governance in Local Government
IMFO Audit & Risk Indaba June 2012
It’s Time to Talk About Risk and Control
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
Spreadsheet Management. Field Interviews with Senior Managers by Caulkins et. al. (2007) report that Spreadsheet errors are common and have been observed.
Operational Auditing--Fall Operational Auditing Fall 2009 Professor Bill O’Brien.
Quality evaluation and improvement for Internal Audit
Euseden INTERNAL AUDIT & ASSURANCE SERVICES.
The Role of Risk Management and Assurance in Effective Organizational Governance Urton Anderson The University of Texas at Austin.
Spreadsheet Management. Sarbanes-Oxley Act (SOX, 2002) Requires “an effective system of internal control” for financial reporting in publicly- held companies.
Corporate Governance: Beyond Compliance at a time of Recession Prof. Ashley G. Frank BA(Econ)[Magna Cum Laude], MDPA (Cum Laude], MBA, MCom [Cum Laude],
Internal Auditing and Outsourcing
Central Piedmont Community College Internal Audit.
D-1 McGraw-Hill/Irwin ©2005 by the McGraw-Hill Companies, Inc. All rights reserved. Module D Internal, Governmental, and Fraud Audits “I predict that audit.
Global Risk Management Solutions Risk Management and the Board of Director: Moving Beyond Concepts to Execution Anton VAN WYK Partner, Global Risk Management.
Chapter 3 Internal Controls.
Internal Audit Role in Order to Develop an Ethical Corporate Culture as a Competitiveness Factor A.I.I.A. - Internal Auditing body Università degli Studi.
The Sarbanes-Oxley Act of PricewaterhouseCoopers Introduction of Panel Members The Sarbanes-Oxley Act of 2002 What Companies Should Be Doing Now.
Audit objectives, Planning The Audit
Environmental Management System Fermi National Accelerator Laboratory.
Chapter 5 Internal Control over Financial Reporting
1 Today’s Presentation Sarbanes Oxley and Financial Reporting An NSTAR Perspective.
An Integrated Control Framework & Control Objectives for Information Technology – An IT Governance Framework COSO and COBIT 4.0.
The views expressed in this presentation do not necessarily reflect those of the Federal Reserve Bank of New York or the Federal Reserve System Association.
1 Internal Audit. 2 Definition Is an independent activity established by management to examine and evaluate the organization’s risk management processes.
Balance Between Audit/Compliance and Risk Management- Best Practices FIRMA 21 st National Training Conference Julia Fredricks, U.S. Chief Compliance Officer.
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
S5: Internal controls. What is Internal Control Internal control is a process Internal control is a process Internal control is effected by people Internal.
Approval of Financial Statements Shareholders Boards Audit Committee Bert Vos Russian Corporate Governance Roundtable Meeting November 2004.
The University of Toledo Finance and Audit Committee Meeting “Internal Audit and Compliance Update” August 12, 2013.
Steps in the Transition to an Impact- Focused Audit Function Modifying Procedures, Audit Practices, and Reports to Address Risk Gert van der Linde, World.
Copyright © 2015 McGraw-Hill Education. All rights reserved. No reproduction or distribution without the prior written consent of McGraw-Hill Education.
F8: Audit and Assurance. 2 Audit and Assurance Designed to give you knowledge and application of: Section A: Audit Framework and Regulation Section B:
Auditors’ Dilemma – reporting requirements on Internal Financial Controls under the Companies Act 2013 and Clause 49 of the Listing agreement V. Venkataramanan.
January 23,  Balance state’s higher education long range plan and agency operations in the required strategic plan;  Involve agency staff in.
SUNY Maritime Internal Control Program. New York State Internal Control Act of 1987 Establish and maintain guidelines for a system of internal controls.
PRESENTATION TO THE PORTFOLIO COMMITTEE ON COOPERATIVE GOVERNANCE & TRADITIONAL AFFAIRS PRESENTER: MR V MADONSELA 13 NOVEMBER 2012.
Hans Nieuwlands CIA CGAP CCSA CEO IIA Netherlands
Getting to Know Internal Auditing
CPA Gilberto Rivera, VP Compliance and Operational Risk
How to Survive an External Quality Assessment
Getting to Know Internal Auditing
Controls Over Inventory
Getting to Know Internal Auditing
Audit & Risk Management
A Framework for Control
Accountability and Internal Controls – Best Practices
PLANNING THE INTERNAL AUDIT (8 - 10%)
Value of internal auditing: Assurance, Insight, objectivity
COSO Internal Control s Framework
Value of internal auditing: Assurance, Insight, objectivity
Getting to Know Internal Auditing
Value of internal auditing: Assurance, Insight, objectivity
Response to Report on Local Government new risk management and internal audit framework for NSW councils.
Sarbanes-Oxley Act (404) An IT Viewpoint
Corporate Governance It is a system by which companies are managed and directed in the best interests of the owners and shareholders. It refers to the.
WHAT TO EXPECT: A CROWN CORPORATION’S GUIDE TO A SPECIAL EXAMINATION
Risk Management: why and how to protect your health center
Adding Value Across the Board
for the year ended 31 December 2016
QUALITY ASSURANCE AND IMPROVEMENT PROGRAM
The Elements of appropriate Internal Controls
Value of internal auditing: Assurance, Insight, objectivity
Portfolio, Programme and Project
Define Your IT Strategy
An IT Viewpoint Darin Kreimeyer, Senior Manager Newel Linford, Manager
Module 3 Part 2 Developing and Implementing a QI Plan: Planning and Execution Adapted from: The Health Resources and Services Administration (HRSA) Quality.
An overview of Internal Controls Structure & Mechanism
Presentation transcript:

Assessing the Internal Control Environment - Reassessment resulting from the Doorstep results Confidential

Index Topic Page number Current responsibilities 3 Current status 4 Our corporate goal 7 Goals of the assessment 9 Improvements to current process 10 Internal audit vs risk management 11 Going forward Guidelines of assessment process 13 Resources for projects 14-15 Skeleton workplan 16

Planning Responsibility Current Responsibilities BRM Doorstep Audit committee Sponsors CFO, RAC, Risk Ops AA Ongoing monitors Risk Ops, RAC Planning Responsibility AA Risk Ops, RAC AA Risk Ops, RAC, AA, business controllers Business Controllers Execution Business Controllers

Key differences between BRM & Doorstep Current status - Deliverables and key differences BRM Doorstep Deliverables 1) Control opinion 1) Recommendations for improvement communicated to upper levels of management 2) Documented control processes 2) Management obtains comfort over offices’ 3) Update audit committee operations Key differences between BRM & Doorstep 1) BRM process/monthly control committee 1) Detailed knowledge used by key senior management 2) Aid to external audit process 2) Self assessment 3) Corporate governance 3) Led by management who has indepth knowledge of issues and day-to-day business issues 4) Focused/targeted control reviews

Current status - Key points BRM Doorstep Key points 1) Not a true internal audit - not all risks are audited 1) Not independent (self assessment) 2) Recommendations are not appropriately brought to 2) Overlaps some of BRM work the attention of management 3) Lacks bottom-up buy-in - perception of no added value 5) Based on needs of external audit 6) Control opinion does not cover risk of loss in future periods BRM Doorstep Overlap

BRM Doorstep Successes Success of both processes Current status - Key successes BRM Doorstep Successes 1) BRM process developed based on independent 1) Routine and extensive communication assessment of risks review between AA and Enron 2) Control documentation completed 2) Material weaknesses identified are brought to the attention of senior management 3) Created awareness within business units of 3) A process has been established to clear identified weaknesses key business risk elements 4) Management empowerment for process 5) Self assessment 6) Based on minimum standards/best practices Success of both processes Top level buy-in/approval for resource expenditure Management has showed a willingness to enhance/challenge current process

Current status - BRM & Doorstep Does management believe that the two processes are sufficient to monitor the achievement of our corporate goal?

Our corporate goal To develop and maintain a world class internal control environment consistent with our business aspirations Definition of a world class internal control environment 1) Leader in the field - acknowledged in market place 2 )Leveragable in commercial negotiations (asset, not liability) 3) Up to date with business developments 4) Regularly and independently monitored and assessed 5 ) Highly automated 6 ) Transparent at all levels within the organization Enron believes it is necessary to have an assessment process in place to monitor the internal control environment

Goals of the assessment Current goals to obtain an independent opinion on Enron’s control environment to assess the operational risk of each location communicate key issues to upper management assess risks of commodities and trade types Additional goals not currently met assess all risks of Enron to have Enron lead the process, direct planning, execution, and follow up

Improvements to current process - Gaps Enron must be involved planning and executing (BRM) Process/goals need to become transparent Balance between corporate governance and self assessment Minimum standards/best practices to be formalized High risk deviations from minimum standards must be brought to attention of senior management Follow up and improvements must be continually assessed and performed A plan to ensure internal audit standards are must exist

Internal audit vs risk management Definition - Design of internal audit as defined by the Internal Institute of Auditors Internal auditing reviews the reliability and integrity of information, compliance with policies and regulations, the safeguarding of assets, the economical and efficient use of resources, and established operational goals and objectives. Internal audits encompass financial activities and operations including systems, production, engineering, marketing, and human resources. Do we need to audit all the above mentioned items? Do the current processes meet the requirement for an internal audit? C - Compliance A- Achieving goals and objectives R- Reliability of information E- Efficiency and effectiveness S - Safeguarding assets

Going forward

Guidelines of assessment process All assessment processes should be driven by Enron Self assessment - Risk operations/RAC Corporate governance - Audit committee/CFO Deliverables and goals need to be transparent Processes must be ongoing and continually improved Processes cannot be done in a vacuum - all assessments should work together Design minimum standards Implement minimum standards at all Enron companies Establish a plan to test that minimum standards are met Continuous improvement Design Implement Test/Review Reengineer/process improvement

Project management team/Resources building block for BRM Key: Independent function to meet requirements for internal audit In order to maximize efficiency, planning and execution for this must be done with Doorstep team Audit committee Project Sponsors Senior management Corporate team, AA Note: This team must work closely with the doorstep team Oversite committee (vision, direction) Corporate team, AA Regional controls, control senior managers, global resources Note: This group should also be responsible for following up findings Implementation, review, monitor AA, Enron execution team Business controllers Execution and local coordination

Project management team/Resources building block for Doorstep Key: Business controllers, global committee, and AA involved in developing a plan that meets needs: IA requirements Independent opinion Risks as business units see them Risks as global sees them Rick Causey, Rick Buy Project Sponsors Sally Beck, Ted Murphy, Fernley Dyson Shona Wilson, Mike Jordan, Brent Price, regional controllers Oversite committee (vision, direction) Brent Price, Shona Wilson, Mike Jordan, AA Regional controllers, control senior managers Implementation, review, monitor AA, Enron execution team Business controllers Execution and local coordination

Skeleton workplan Earmark committee to review current process Combination RAC, Risk Operations, AA Input from business controllers Determine assessments to take place to meet goals Formally document minimum standards/best practices Risk Operations Develop audit program to meet goals AA Develop timeline for reviews Earmark resources Risk Operations, RAC Formalize reporting structure and data capture Risk operations, RAC

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.