The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
Start becoming an Internal Control professional today!
The ICI "Certification Series" has been completely updated and is available online to everyone around the world! Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
Online course pricing has been reduced by over 70%
Internal Control "Controlling"
By Michael Pregmon, Jr., Ph.D., CICP
Dr. Michael Pregmon, Jr. COO and Managing Director
In the previous three editions of the Internal Control Chatter newsletter, we reported the four essential things a good manager must accomplish. These are:
(P)lanning
(O)rganizing
(L)eading
(C)ontrolling
The POLC of management
In this edition, we will briefly introduce the (C) controlling activity essential for Internal Control Managers. Obviously in this space we will be able to highlight only one of the more important activities of the internal control manager's involvements. Perhaps, this is a most important task from the organization's standpoint.
The Committee of Sponsoring Organizations (COSO) is recognized as the leading authority for the practice of internal control worldwide. It published the COSO Internal Control Framework which is highly regarded. This document emphasizes that internal control is everybody's responsibility in an organization. We realize the intent of this statement in the Framework to infer that internal control is an individual responsibility. However, we also recognize if everybody is responsible for something, nobody is individually and specifically responsible for controlling that thing. This is where the internal control manager can play a key role in the enterprise.
In an earlier article when covering the (P)lanning activity, we suggested the internal control manager take a leading role for completing the risk assessment for the company. In this phase, an in-depth review of risk vulnerabilities by function/department is undertaken. The result of this exercise provides a list of key risk exposures that need to be managed. We stated that most companies typically cannot afford to prevent all risk vulnerabilities at 100%. As a result, the most pressing risks and those of highest vulnerabilities need to be closely controlled. Consequently, these need to be monitored regularly and should be periodically reviewed.
This control system can easily be accomplished with a reporting system monitored by the internal control manager. A monthly report of the single most costly or concerning risk from each department/function throughout the company would provide this assurance. In this respect, those risks with high vulnerabilities will be continually monitored to insure they are not overlooked and are properly managed. Don't get "caught" by surprise!
ICI ANNOUNCEMENTS
PARTNERS WANTED:
HELP US IMPROVE INTERNAL CONTROL SYSTEMS WORLDWIDE
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at:
mpregmon@internalcontrolinstitute.org or by phone at
727-538-4113in the USA.
WELCOME TO OUR NEWEST PARTNER
ICI has entered into an agreement with Business and Financial Consulting company in the Republic of Tunisia (hereinafter referred to as "ICI BFC" as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in the Republic of Tunisia
. ICI BFC will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below:
Botswana:
ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
Better Business Governance - APAC PTE LTD (BBG) has become a representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.
Better Business Governance will be responsible for all development activities, including professional training and Certification. For more information on upcoming activities in this area please contact:
The CICS exam is now being provided in Arabic. Osool Training and Consulting has courses and testing available in Jordan, Libya, Muscat, Sudan, Qatar, the United Arab Emirates, Kuwait and Palestine.
Training Plan 2019
Certified Internal Control Specialist (CICS) Certification Preparation Programs are scheduled as follows:
Muscat, Oman - September 29 to 3 October 2019
Doha, Qatar - November 17 to 21, 2019
Dubai, UAE - December 15 to 19, 2019
Interested applicants in the region should contact Osool for scheduling for future programs. For additional information on scheduled ICI Certification and program sessions, please contact:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.
Individuals or companies interested in internal control training or Certification should contact:
For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology, Level 5, 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
Ericsson plans to take $1.23B hit for corruption fine in Q3
Sep 26, 2019
Ericsson today said it will apportion $1.23 billion in its third quarter 2019 earnings to cover an estimated fine of $1 billion, plus other related costs, related to a corruption investigation by the U.S. Securities and Exchange Commission and the U.S. Department of Justice.
Ericsson has been cooperating since 2013 with the SEC and since 2015 with the DOJ in regard to Ericsson's compliance with the U.S. Foreign Corrupt Practices Act (FCPA).
The company says the investigation covers a period ending in the first quarter of 2017 and involves its activities in six countries: China, Djibouti, Indonesia, Kuwait, Saudi Arabia and Vietnam. Ericsson has not said what the corruption investigation pertains to, although some press reports have said it relates to bribery scandals dating back more than a decade.
Ericsson said, "It is the company's assessment that the breaches are the result of several deficiencies, including a failure to react to red flags and inadequate internal controls, which enabled a limited number of employees to actively circumvent internal controls for illegitimate purposes."
More Companies Putting Internal Audit in Charge of SOX
By Joseph McCafferty
internalaudit360.com
A new study finds that companies are increasingly putting internal audit in charge of Sarbanes-Oxley Act (SOX) internal controls compliance, rather than departments such as financial reporting or legal.The survey, conducted by the SOX & Internal Controls Professionals Group, finds that 46 percent of respondents report that internal audit is in charge of managing the SOX internal controls compliance function, a 5 percent increase from last year, and up from the 32 percent who said internal audit handled it in 2016. There is also an increase in the use of a dedicated SOX/IC compliance team. About a third of respondents say SOX is now headed by a dedicated team, up from 25 percent last year.
Audit committees are key to public confidence in a company's financial reporting. The responsibilities of audit committees and importance of their composition and involvement was reinforced in 2014 by the Audit Regulation and Amending Directive.
On 12 September 2019, the Quoted Companies Alliance (QCA) published its new and updated Audit Committee Guide, which replaces the November 2014 version. The Guide is intended to assist audit committee members and audit committee chairs in their roles and sits alongside the QCA Corporate Governance Code.
Corporate Governance Lapses Key to Nissan's SEC Fines
news.bloomberglaw.com
Sept. 25, 2019
Why did Nissan Motor Co., Ltd. pay $15 million in fines for the misconduct of its CEO? Nissan's lax corporate governance paved the way for the wrongdoing.
On September 23, Nissan, the Japanese automaker listed on the Tokyo Stock Exchange, agreed
to pay $15 million to settle SEC fraud charges stemming from an alleged compensation scheme involving former CEO Carlos Ghosn. Ghosn's alleged misconduct is shocking: the Commission charged that Ghosn engaged in a scheme to conceal more than $90 million of compensation from public disclosure and to increase his retirement allowance by more than $50 million. Nearly as disturbing are the failures of Nissan's corporate governance and internal control structures to prevent the misconduct or to reveal the fraud for nearly a decade.
SOX Doesn't Mean Secure: Avoid Compliance Complacency To Keep Your Enterprise Safe
BY Jay Chaudhry
forbes.com
Sep 24, 2019
The legislation was crafted with the best of intentions. Some 17 years ago, the U.S. federal government enacted the Sarbanes-Oxley Act to create better controls for and increase the visibility of financial operations. Sarbanes-Oxley - or SOX, in common vernacular - regulates the reporting behavior of public companies (and their supply-chain partners) doing business in the U.S. But when it comes to information security, by today's standards, SOX falls short. Organizations that conflate SOX compliance with security will find themselves dangerously vulnerable to cyberattack.
House Passes PCAOB Whistleblower Protection Act of 2019
natlawreview.com
September 24, 2019
Today the House passed the PCAOB Whistleblower Protection Act of 2019 (PCAOB WPA) by voice vote. If enacted into law, the PCAOB WPA would establish a whistleblower reward program at the PCAOB similar to the SEC whistleblower program and would protect whistleblowers against retaliation for disclosing violations of PCAOB rules or federal securities laws, including the Sarbanes Oxley Act.
Fraud is a more serious crime than most people realise. It can be defined as the use of deception with the intention of "obtaining an advantage" or as "causing loss to another party". The term encompasses a wide variety of corrupt, deceptive or unethical behaviours.
As the definition underlines, the most important element of fraud is "intention". Proving intent in either the civil or criminal context is inherently difficult. However, in Malaysia, there is no such crime called fraud. The Penal Code does not define the word "fraud" but only provides for the following "fraudulent" offences which require "dishonesty" as an essential element in cheating, criminal breach of trust, criminal misappropriation and theft. The word "dishonesty" is defined in Section 24 of the Penal Code as an "intention of causing wrongful gain or wrongful loss to the other party" whereas Section 25 says, in respect of "fraudulently", that "a person is said to do a thing fraudulently if he does that thing with intent to defraud, but not otherwise". Fraud carries a huge financial cost to the economy. A recent report by the Association of Certified Fraud Examiners (ACFE) indicates that the total loss caused by fraud cases exceeded US$6.3 billion. According to the 2018 ACFE Report to Nations - a global analysis of the costs and effects of occupational fraud - an organisation typically loses about five per cent of its annual revenue to fraud each year.Malaysia lost RM47 billion in gross domestic product value to corruption last year alone. The Global Economic Crime and Fraud Survey 2018: Malaysia Report reveals that 41 per cent of Malaysian companies reported experiencing economic crime in the last two years, up from 28 per cent in 2016.
Good corporate governance necessary for building trust in corporate Malaysia
by
Arjuna Chandran Shankar
theedgemarkets.com September 24, 2019
TRUST is a valuable commodity, and it permeates everything from a boardroom decision involving a merger and acquisition to the simplest act of making a promise to call your loved ones.
Any decision, especially one made by a boardroom, needs to ensure that stakeholder trust is present and that it will not lead to unnecessary and excessive risks. Malaysia is currently facing a trust deficit that is cutting across both public and private sectors - a quick glance at the headlines is evidence of that.This trust deficit is due to the abuse of trust and has to be rectified through good corporate governance.According to Institute of Corporate Directors Malaysia (ICDM) chairman Tan Sri Zarinah Anwar, trust deficits can be combated through good corporate governance, particularly at the boardroom level.
Data-measurement firm Comscore settles fraud charges with the SEC
By Associated Press
latimes.com
Sep 24, 2019
Data-measurement firm Comscore has settled fraud charges with the Securities and Exchange Commission and will pay a $5-million penalty. Its former CEO, Serge Matta, will also pay $700,000 and give Comscore back $2.1 million from his pay and sales of company stock. He is also barred from serving as an officer or director of a public company for a decade. Comscore and Matta did not admit or deny the SEC's charges. The commission said Tuesday that Comscore fraudulently inflated its revenue by $50 million from February 2014 to February 2016, which helped it beat Wall Street analysts' sales estimates for seven quarters.
Learn from the past, set vivid, detailed goals for the future, and live in the only moment of time over which you have any control: now.
Denis Waitley
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
ABOUT ICI
The Internal Control Institute™ (ICI) is a worldwide organization devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework. Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance. Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.
ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
