But do you know whether your Corporate Governance activities are extracting maximum value? If not, this is probably because your Internal Audit team have not assessed this key topic.
This audit approach is crucial as the Board and the Audit Committee need comprehensive assurance about this strategic business process.
This Auditing Corporate Governance training course will provide all the tools and techniques essential to audit the complex and wide-ranging field of Corporate Governance. It will help you ensure that you are applying the very best practices and meet all regulatory requirements.
Course Objectives of Auditing Corporate Governance
Audit the risk management process
Meet stakeholder expectations regarding Corporate Governance (CG)
Assess the effectiveness of business continuity planning
Assist the Audit Committee in their Corporate Governance (CG) role
Assess sustainability and environmental governance
Audit joint ventures and partnerships
The Key Aspects of Corporate Governance
What is Corporate Governance?
6 Core Principles of Governance
The Governance Warning Signs
Corporate Governance Insights Paper
Auditing Corporate Governance – New guidance
Meeting Stakeholder Requirements
How is an organisation managed on behalf of the stakeholders?
The Key Parties within Governance
Audit Committee
The Board
Regulators
Customers
Suppliers
Governance and Accountability Tool
Developing a Terms of Reference for the Assignment
Audit Programme
Guide on IA Standard 2120
Corporate Governance Statements
Governance Assessment Techniques
COSO Advisory Paper – Improving organizational performance and Governance
Governance and Strategy
Governance Models
Codes of Governance Requirements
Financial Reporting Implications
International vs. National Governance Criteria
The 3 Lines of Defence
Who should cover what?
The Business Environment
The Standards, Processes, and Structures
The Tone at the Top Regarding the Importance of Internal Control
Expected Standards of Conduct
Management Reinforcement of Expectations across the Organization
The Integrity and Ethical Values of the Organization
The Governance Oversight Responsibilities
The Assignment of Authority and Responsibility
The Process for Attracting, Developing, and Retaining Staff
Establishment of Performance Measures, Incentives, and Rewards
Analysing and Assessing the Effectiveness of Governance Controls
Business Process Analysis Techniques
Process Objectives and Risk
The Need to Understand the Business Objectives
Developing a Programme to Reflect these Objectives
Defining and Measuring Strategic Objectives
Determining Process Components
The Link between Objectives and Risk
The Link between Risks and Controls
Process and Business System Controls
The Link between Inputs and Outputs
Trigger Events
Scoping a Governance Audit
Governance Structure
Reporting Lines
Strategy and Risk Appetite
Leadership and Culture
3 Lines of Defence Process
Communication with Regulators
Escalation
Delegated Authorities
Whistleblowing
Accountabilities
Data Integrity
Commitment to Governance
Policies
The Need for Governance Audit of the Board
The Key Role of the Board in Governance
The Need to Assess the Risks at this Level
Determining the Key Risks and Causes
The Audit Approach in this Sensitive Area
How to gather the evidence?
The 15 Key Governance Board Risks to be Reviewed
The actions of the Board are taken without due consideration of the impact on the organisation and the stakeholders
Independent members of the Board are unable to give robust challenge to the executive / senior management
The Board does not have sufficient, complete or timely information on which to base its decisions
The Board is not monitoring or taking action on the most significant risks to the organisation
Evidence of the decisions made by the Board, including the challenge process, is not transparent
Actions agreed by the Board are not implemented on a timely basis
Committees set up by the Board may not fulfill their obligations or there are too many committees such that the oversight is fragmented
The Board is not effective in covering the risks relating to remote sites or does not have responsibility / oversight for all parts of the organisation
Policies, procedures and projects are not aligned to the organisation’s objectives
The culture of the organisation is not sufficiently defined or does not support the organisation in achieving its objectives
Risks are accepted or taken which are outside of the organisation’s risk appetite
The organisation’s risk appetite may conflict with the objectives and values of the organisation
In the event of a significant incident there is an adverse effect on the wider economy or society
The governance requirements of any regulatory or legislation requirements are not met leading to increased regulatory sanction, censure or closure of a business
Communications from the Board are not effective such that parts of the organisation may not be operating in line with board expectations and may not support the organisation in achieving its objectives
Auditing the Overall Risk Management Process
Establishing the Position Regarding RM in the Business
Establish Corporate Targets and Monitor Overall Progress
Risk Management using ISO 31000 Paper from IIA
Keeping the Board Apprised of the Most Significant Risks
Assessment of RM Capabilities
Strategic Risk Assessment
Review of Risk Evaluations in each Function
Ensuring Actions to Treat Exposures Implemented
Ensuring All Functions Evaluate their Risks Consistently
Evaluating the Results and Challenging where Necessary
Identification of Exposures
Reviewing Risk Registers
Imperatives for Change – RBA Planning
Basing Audit Programme on Most Significant Risks
Comparing Perceived vs. Actual Controls
Risk Management Evaluation Tool
Evaluating Risk Appetite
Evaluating the Risk Appetite Statement
Defining Risk Limits
The Risk Profiling
Ensuring the Risk Appetite is defined for each type of risk
Ensuring Target Risk for Each Event
Auditing the Audit Committee Process
The Audit Committee Role
Structure and Independence
Does the Committee approve (but not direct) internal audit strategy, plan and performance?
Does the Committee review summary IA reports and the main issues arising and seek assurance that action has been taken?
How does the Committee consider the reports of external audit and other external agencies?
How is the effectiveness of relationships between IA and EA and other bodies reviewed?
How is the effectiveness of the risk management environment and anti-fraud arrangements assessed?
The Audit Committee / IA Relationship
How the Audit Committee should Assess IA
Audit Programme
How does the Committee satisfy itself that assurance statements and the annual statement of accounts properly reflect the risk?
Audit Committee Checklist
Audit Committee Report
Auditing Reputation
The Rise of Reputation as a Key Risk
The Increasing Importance of a Positive Image – The need to be admired
Where does reputation come from?
How do you measure it?
The Magnifying Effect on Reputation of Business Failures
Global Brands
How to judge reputation?
The Explosion of Regulation and External Assurance
Identifying Reputational Risks
Reviewing Reputational Risk
Corporate Social Responsibility
The Increasing Importance of Corporate Social Responsibility (CSR)
IIA Standard 2110 Re-auditing of Ethics
What constitutes CSR?
The Wider Aspects of CSR and the Implications for IA
Doing Responsible Things Responsibly
Auditing Ethics
Redefining IA Role with CSR in Mind
An Audit Framework
How to audit CSR? – Key Steps
Is communication with main stakeholders taken seriously?
Are the expectations of these stakeholders accurately understood, and what are the risks that these will not be met?
Are opportunities taken to develop the ethical reputation of the business?
How do we ensure that staff have and display the right attitudes?
Has the business assessed its reputation for social responsibility and its impact on our business prosperity?
Is the Board, and in particular the Chief Executive, sensitive and responsive to the concerns of customers?
Sustainability and Environment Audit
The Need for Environmental Auditing
The Key Requirements for Sustainability of Resources
Why Environmental Audit is valuable even if you do need to comply with ISO 14001
Carrying-out an Environmental Site Review
Reviewing the Audit Trails
Meeting Regulatory Requirements
Ensuring Consistency
Auditing IT Governance
Global Technology Audit Guides (GTAGs)
The Need to Determine the Boundaries
Defining the IT Audit Universe
Focus on High Risk Areas
Assess IT Vulnerabilities
Target Areas Where You are Focusing on Process rather than Technical Aspects
Use of Audit Frameworks such as CoBIT and ISO 27000
IIA Standard on IT Governance
Risk Based Audit of General Controls (GAIT)
IIA Guidance re GAIT
ISO 27000 Audit Checklist
Auditing Joint Ventures and Partnerships
Ensuring that there is a Risk Strategy for JVs
What protocol is in place?
What is the review mechanism?
Is it effective?
What frequency is there for review by management?
What mechanism is there to guide management in attending JV meetings?
Does anyone know the number of JVs and partnerships you are involved in and how much money and other resources are invested in them?
Has each JV been risk reviewed?
Reviewing a Current JV or Partnership
Rationale
Added Value
Decision-making
Performance
Finance
Problems
Termination
Auditing Business Continuity Planning
The Importance of BCP
The Need to Recognize BCP is not just about IT Recovery
Reviewing the Different Types of Disaster – Have all been considered?
Does the organization’s leadership understand the current business continuity risk level and the potential impacts of likely degrees of loss?
Can the organization prove the business continuity risks are mitigated to an approved acceptable?
Are they tested effectively?
Is the Board well set up to respond swiftly and capably in a crisis?
The Transition from an Emergency to a Disaster and the Questions to Ask at Each Stage
Is there an appropriate contingency plan ready to be used to manage a crisis?
Communication Testing
Alternative Site Testing
A Paper on BCP Resilience will be shared
Reviewing Key Controls Over Technology
Risk and Control Matrices to Document Technology Dependencies
Evaluating End-User Computing
Implementing or Monitoring Control Activities when Outsourcing IT Functions
Configuring the IT Infrastructure to Support Restricted Access and Segregation of Duties
Configuring IT to Support the Complete and Accurate Processing of Transactions and Data
Administering Security and Access
Applying a System Development Life Cycle Over Packaged Software
Assessing Management Information Governance
Inventory of Information Requirements
Validating Information from External Sources
Information from Non-Finance Management
Creating and Maintaining Information Repositories
Enhancing Information Quality Through a Data Governance Program
Identifying, Protecting, and Retaining Financial Data and Information
Adoption of ISO 27000
Communication Internally and Externally
External Financial Reporting Disciplines
Responsibilities and Guidelines for Communication to the Board of Directors
Communicating a Whistle-Blower Program to Company Personnel
Communicating through Alternative Reporting Channels
Establishing Cross-Functional and Multi-directional Internal Control Communication
Surveys for External Parties
Ongoing Evaluations to Ascertain Whether the Components of Internal Control are Present and Functioning
Develop a Baseline for Effective Internal Control Processes
Have a Mix of Evaluations from Different Sources
Use the Most Knowledgeable Personnel
Adjust Scope and Frequency
Change the Monitoring Processes as the Business Activities and Risk Profile Changes
Develop Metrics
Consider a Continuous Monitoring / Audit Approach