1
Chapter 3 Governance
2
Chapter 3 Learning Objectives
Define governance and contrast the different roles and responsibilities within governance.
Articulate the different enterprise-wide governance principles.
Describe the changes in regulations and how governance has evolved into its present state.
Describe the role of the internal audit function in the governance process.
Know where to find information about governance codes and regulations from countries around the world.
Copyright: Internal Auditing: Assurance and Advisory Services, by The Institute of Internal Auditors Research Foundation, 247 Maitland Avenue, Altamonte Springs, Florida U.S.A.
3
What is Governance?
The overall top-down means by which organizations operate.
The process conducted by the BOD to authorize, direct, and oversee management toward the achievement of the organization’s objectives. CH1
4
Exhibit 3-2
5
Governance
Governance surrounds all activities in an organization.
May be established to comply with laws and regulations in the jurisdictions in which an organization operates.
Serves to ensure that the needs of key stakeholders are met.
6
Risk Management (CH 4)
Purpose is to identify and manage the risks that may adversely affect the organization’s success AND exploit the opportunities that enable success.
Management develops strategies regarding how to best manage the key risks and opportunities.
7
Internal Control (CH 6)
Represents a subset, but integral part, of the broader risk management activities.
Internal controls are risk responses.
Information flows down to lower levels of management for guidance purposes.
Flows back up to upper levels of management and the board for accountability purposes.
8
Exhibit 3-3
9
Governance Umbrella
The board is responsible for providing strategic direction and guidance.
Can also influence the organization’s risk-taking philosophy.
Governance oversight is where the risk management and internal audit activities are most relevant.
10
Exhibit 3-4
11
Governance Oversight
Governance begins with the BOD and its committees.
The board must understand and focus on the needs of key stakeholders.
Day-to-day governance is executed by management of the organization.
Internal and external auditors provide management and the board with assurances regarding the effectiveness of governance activities.
12
CIA ?
The governance process is also referred to as the way in which an organization chooses to conduct its affairs to meet four key responsibilities. Which of the following is a part of those responsibilities?
I. Complying with society’s legal and regulatory rules.
II. Satisfying the generally accepted business norms of society.
III. Providing overall benefit to society and enhancing the interests of the specific stakeholders.
IV. Reporting fully and truthfully to its owners, regulators, other stakeholders, and the general public.
A. Ensuring compliance with society’s legal and regulatory rules is a goal of corporate governance.
B. Providing an overall benefit to society is a goal of corporate governance.
C. Reporting fully and truthfully to stakeholders is a goal of corporate governance.
D. *Correct Answer* Governance practices may use various legal forms, structures, strategies, and procedures. They ensure that the organization (1) complies with society’s legal and regulatory rules; (2) satisfies the generally accepted business norms, ethical principles, and social expectations of society; (3) provides overall benefit to society and enhances the interests of the specific stakeholders in both the long- and short-term; and (4) reports fully and truthfully to its stakeholders, including the public, to ensure accountability for its decisions, actions, and performances. But earning a profit is not a goal of corporate governance.
13
Goals of Corporate Governance
(1) complies with society’s legal and regulatory rules;
(2) satisfies the generally accepted business norms, ethical principles, and social expectations of society;
(3) provides overall benefit to society and enhances the interests of the specific stakeholders in both the long- and short-term;
(4) reports fully and truthfully to its stakeholders, including the public, to ensure accountability for its decisions, actions, and performances.
14
Board Responsibilities
Identify key stakeholders
  Directly involved
  Interested (affected by success)
  Influence business/success
Understand needs/expectations
ID unacceptable outcomes
Establish tolerance levels
15
Common Stakeholders (pg 6)
The first of the board’s responsibilities is to identify the key stakeholders of an organization.
Employees: direct
Customers: direct
Vendors: direct
Shareholders/investors: indirect (interest)
Regulatory agencies: indirect (interest) or influencing
Financial institutions: influencing
Rating agencies: influencing
Industry associations: influencing
Competitors: influencing
Work for organizations and are directly involved
16
2100 - Nature of Work
The internal audit activity must evaluate and contribute to the improvement of governance, risk management, and control processes using a systematic and disciplined approach.
17
2110 - Governance
The internal audit activity must assess and make appropriate recommendations for improving the governance process in its accomplishment of the following objectives:
Promoting appropriate ethics and values within the organization;
Ensuring effective organizational performance management and accountability;
Communicating risk and control information to appropriate areas of the organization; and
Coordinating the activities of and communicating information among the board, external and internal auditors, and management.
2110.A1 – The internal audit activity must evaluate the design, implementation, and effectiveness of the organization’s ethics-related objectives, programs, and activities.
2110.A2 – The internal audit activity must assess whether the information technology governance of the organization supports the organization’s strategies and objectives.
18
Q3
ABC Utility company sells electricity to residential customers and is a member of an industry association that provides guidance to electric utilities, lobbies on behalf of the industry, and facilitates sharing among its members. From ABC’s perspective, what type of stakeholder is this industry association?
A. Directly involved in the operation of the company
B. Interested in the success of the company
C. Influences the company
D. Not a stakeholder
C is the best answer. An industry association is not directly involved in its members’ business. While an industry association may be interested in seeing all of its members be successful, besides ongoing membership fees the association will not have any other direct interest in the success of the company. However, through its lobbying efforts and guidance, the industry association will affect how the company thinks and acts about its business.
19
Stakeholder Expectations
Financial: EPS, cash liquidity, credit rating, ROI, capital availability, tax exposures…
Compliance: litigation, code of conduct violations, EPA/OSHA violations, indictments…
Operations: achievement of objectives, efficient use of assets, protection of assets, people, information and the community
Strategic: reputation, corporate sustainability, employee morale, customer satisfaction
20
Key responsibilities of the BOD, senior management, and risk owners (RQ6)
The BOD can best execute its governance responsibilities by:
1. Establishing a governance committee made of independent directors.
2. Articulating requirements for reporting to the board; management should be free to operate within the board’s tolerable limits.
3. Reevaluating governance expectations periodically (probably annually).
The board must establish reporting thresholds for management – what outcomes must be approved by the board, reported directly or summarized as part of quarterly meetings.
21
Which of the following is NOT an appropriate governance role for an organization’s board of directors?
a. Evaluating and approving strategic objectives
b. Influencing the risk-taking philosophy
c. Providing assurances directly to third parties that the organization’s governance processes are effective.
d. Establishing broad boundaries of conduct, outside of which the organization should not be operating.
C is the best answer. It is not appropriate for a board to provide assurance to third parties on the effectiveness of an organization’s governance processes. Only management should provide such assurance directly to third parties.
22
Senior management responsibilities
1. Ensuring that the full scope of direction and authority granted by the board is understood appropriately.
2. Identifying the processes and activities within the organization that are integral to executing the governance direction provided by the board.
3. Evaluating what other business considerations or factors might create a justification for delegating a lower tolerance level to risk owners than that delegated by the board.
4. Ensuring that sufficient information is gathered from the risk owners to support its reporting requirements to the board.
23
Senior management can best execute its governance responsibilities by:
1. establishing a risk committee
2. articulating reporting requirements
3. re-evaluating governance expectations on a periodic basis (probably annually)
24
Which of the following are typically governance responsibilities of senior management?
I. Delegating risk tolerance levels to risk managers
II. Establishing monitoring activities to determine whether expected outcomes have occurred.
III. Establishing a governance committee of the board
IV. Ensuring that sufficient information is gathered to support reporting to the board.
25
Risk owners: those individuals who have day-to-day responsibility for ensuring risk management activities and who effectively manage risks within the organization’s risk appetite.
26
Risk owners can best execute their governance responsibilities by:
1. presenting governance proposals to the Risk Committee. If an individual becomes responsible for a previously unidentified risk, the risk owner should submit a risk proposal that covers the inherent nature and source of the risk, its potential impact, proposed tolerance levels, and expected risk management activities.
2. re-evaluating risk management activities on a periodic basis (at least annually, but potentially more frequently)
27
Assurance activities help provide the board with an objective assessment regarding the effectiveness of the risk management activities.
The extent of assurance activities performed by the internal audit function will depend on the (a) internal audit charter, which specifies the internal audit function’s role in governance assurance, and (b) specific direction from the board regarding current or ongoing expectations to perform such activities.
28
RQ 7: What role does the internal audit function play in governance?
The internal audit function can be an effective part of the governance process by:
1. ensuring it fully understands the board’s governance direction and expectations
2. supporting management’s risk management program
3. developing an internal audit plan that appropriately encompasses the governance assurance activities and allows for periodic communications to senior management and the board on the effectiveness of risk management activities
29
Who is ultimately responsible for identifying new or emerging key risk areas that should be covered by the organization’s governance process?
A. The board of directors
B. Senior management
C. Risk owners
D. The internal audit function
30
Exhibit 3-1
31
Exhibit 3-5
32
Exhibit 3-6
33
Exhibit 3-7
34
Exhibit 3-8