Presentation is loading. Please wait.

Presentation is loading. Please wait.

Section Topics Risk and control terminology Risk elements

Published byCecilia Palmer Modified over 9 years ago

Similar presentations

Presentation on theme: "Section Topics Risk and control terminology Risk elements"— Presentation transcript:

1 Section Topics Risk and control terminology Risk elements
Control elements Part 1, Section 2

2 The Nature of Work for the Internal Audit Activity
Risk Control Governance Help manage risk by: Help maintain effective controls by: Help assess and improve governance by: Identifying and evaluating significant exposures to risk. Contributing to the improvement of risk management and control systems. Monitoring and evaluating the risk management system. Evaluating the effectiveness and efficiency of controls. Promoting the continuous improvement of the control environment. Promoting appropriate ethics and values. Ensuring effective performance management and accountability. Effectively communicating risk and control information. Effectively coordinating the activities and communicating information. Part 1, Section 2, Introduction

3 Risk and Control Risk Control
“The possibility of an event occurring that will have an impact on the achievement of objectives; it is measured in terms of impact and likelihood.” “Any action taken by management, the board, and other parties to manage risk and increase the likelihood that established objectives and goals will be achieved.” Source: Standards Glossary. Part 1, Section 2, Topic 1

4 Discussion Question Identify the following statements as true or false. Answers: True Risk begins with strategy formulation and objective setting. Risk reflects a single outcome. Risks may present threats to an organization or be the failure to achieve positive outcomes. Business risks are uncertainties related to the achievement of business objectives. False True True Part 1, Section 2, Topic 1

5 Discussion Question Identify the terms described below. Answers:
Acceptable risk The business impact that would be experienced if certain risks became realized. The risk derived from the environment without the mitigating effects of internal controls. The risk remaining after management takes action to reduce the impact and likelihood of an adverse event, including control activities. The level of risk an organization is willing to accept. Inherent risk Residual risk Risk appetite Part 1, Section 2, Topic 1

6 Terminology The list of terms provides a common language to use with the board, management, and others in all communications. Any questions about other terms? Part 1, Section 2, Topic 1

7 Risk Assessment Process
Part 1, Section 2, Topic 2

8 Discussion Question Identify the following items as likelihood or impact factors. Answers: Impact Negative press about a discriminatory employment practice Increasing complexity of environmental regulations Length of time a plant remains shut down after a fire Probability estimates for a new product launch Likelihood Impact Likelihood Part 1, Section 2, Topic 2

9 Risk Map for Likelihood and Impact
High High Impact Low Likelihood High Likelihood Low Impact Impact Low High Likelihood Part 1, Section 2, Topic 2

10 Benefits and Limitations of Internal Control
Internal control can: Achieve performance and profitability targets. Prevent loss of resources. Support reliable financial reporting. Support compliance with laws and regulations, avoiding damage to reputation or other consequences. Internal control cannot: Ensure organizational success or even survival. Ensure the reliability of financial reporting. Ensure absolute compliance with laws and regulations. Helps mitigate risk and ensure that management strategies and objectives are carried out Part 1, Section 2, Topic 3

11 Types of Controls Part 1, Section 2, Topic 3 Type of Control
Description Examples Preventive Proactive controls that deter undesirable events from occurring Ethical “tone at the top” Effective empowerment Mutual trust Performance standards Detective Reactive controls that detect undesirable events that have occurred Input controls Processing controls Output controls Directive Proactive controls that cause or encourage a desirable event to occur Guidelines Training programs Incentive plans Mitigating Controls that reduce the potential impact should an event occur Insurance Compensating Controls that compensate for the lack of an expected control Close supervision in lieu of segregation of duties Part 1, Section 2, Topic 3

12 Discussion Question Identify the following items as active or passive controls. Answers: Active Independent verification of performance Accounts payable transaction procedures Information system controls limiting transactions Plant heating, ventilation, and air conditioning system Senior and operating management status meetings Active Passive Passive Active Part 1, Section 2, Topic 3

13 The Control Loop Part 1, Section 2, Topic 3

14 Discussion Question Which of the following characterize effective controls? (Select all that apply.) Root cause identification Efficiency in achieving intended objectives Alignment to strategic objectives Redundant controls to ensure accuracy Answer: I, II, and III. Excessive and/or redundant controls can lead to confusion and frustration. Part 1, Section 2, Topic 3

15 Reinforcing Activity 1-5
Part 1, Section 2, Topics 1, 2, and 3 Risk and Control Elements Part 1, Section 2, Topics 1, 2, and 3

16 End of Section 2 Questions? Part 1, Section 2

Download ppt "Section Topics Risk and control terminology Risk elements"

Similar presentations

Organizational Governance

Organizational Governance
Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.

Risk The chance of something happening that will have an impact on objectives. A risk is often specified in terms of an event or circumstance and the consequences.
Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.

Appendix H: Risk training slides (sample). What is Risk? “ Risk is the effect of uncertainty on objectives ” AS/NZS ISO31000:2009.
Chapter 14 Fraud Risk Assessment.

Chapter 14 Fraud Risk Assessment.
IMFO Audit & Risk Indaba June 2012

IMFO Audit & Risk Indaba June 2012
Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.

Bodnar/Hopwood AIS 7th Ed1 Chapter 5 u TRANSACTION PROCESSING AND INTERNAL CONTROL PROCESS.
Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Control and Accounting Information Systems

Control and Accounting Information Systems
Control and Accounting Information Systems

Control and Accounting Information Systems
Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.

Prepared by Wa'el Bibi,CPA,CIA,CISA1 Internal Control Integrated Framework An Overview.. Bibi Consulting COSO’s Source: COSO’s Internal Control Integrated.
Understanding & Managing Risk

Understanding & Managing Risk
Office of Operations 2009 Fall Conference Navigating Uncertain Times October 21-22, 2009 Risk Assessment and Internal Controls Internal Controls Anna Tomassacci.

Office of Operations 2009 Fall Conference Navigating Uncertain Times October 21-22, 2009 Risk Assessment and Internal Controls Internal Controls Anna Tomassacci.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.

1 INTERNAL CONTROLS A PRACTICAL GUIDE TO HELP ENSURE FINANCIAL INTEGRITY.
2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,

2011 Governance, Risk, and Compliance Conference August 29 – 31, 2011 / Orlando, FL, USA The Top Four Essential Objectives to Auditing ERM Stephen E. McBride,
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
ENVIRONMENTAL MANAGEMENT PLAN

ENVIRONMENTAL MANAGEMENT PLAN

Similar presentations

Ads by Google