Start becoming an Internal Control professional today!
The ICI "Certification Series" has been completely updated and is available online to everyone around the world! Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
Dr. Michael Pregmon, Jr. COO and Managing Director
Good internal control in an organization requires managing risks effectively. The overall management of risks in all organizations is a lofty challenge. This involves money and resources. Typically, organizations cannot afford to protect from all threats and risks 100%. Consequently, the risk management process involves compromises. In fact, high cost threats may go unprotected if the risk probability of that threat is very low. And, determining the priority of all risks is the quintessential test of an internal control professional. But, this is the beginning.
Organizations, however, have various areas and activities to consider beyond the financial impact's need for good internal control. Internal control professionals recognize that there are tools available to analyze and rank financial activities/internal audit. However, few tools are available to assist professionals to analyze risks in some other areas such as COSO and ISO. But the tools that have been available have limited integration alternatives for all three GRC (government risk and compliance) requirements - COSO, ISO, and Internal Audit. Further, many of the software platforms available are often too costly for the small business operator, family owned company, and even some medium sized companies.
The Institute recently became aware of a new internal control software platform and tool. It likely will be useful to banks, financial institutions and government agencies as well, in addition to the smaller operator. It is extremely more cost effective compared to other internal control software platforms available. And, it is fully integrated for risk assessment in the three areas identified above that is not currently available in one integrated package. Most importantly, it helps to comply with regulations, establish, monitor and report systems of risk management.
REMEMBER - good internal control in an organization starts with effective risk management!
HELP US IMPROVE INTERNAL CONTROL SYSTEMS WORLDWIDE
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at:
email@example.com or by phone at
727-538-4113in the USA.
ICI Affiliate News:
The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below:
ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
In partnership with IIA-Bel, ICIB started a series of lunch workshops about how the various principles of the COSO 2013 can be developed in the organizations.
Each session contains a one hour discussion on the adequate design of the IC system component, illustrated by ICIB, and 1 hour discussion about the evaluation / audit of this component by an IIA-Bel representative. After completion of the 6 workshops, a summary of the findings will be published in a White Paper issued by both institutions. Given the success of these sessions, a second series of workshops will be organized later this year.
Better Business Governance - APAC PTE LTD (BBG) has become a representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.
Better Business Governance will be responsible for all development activities, including professional training and Certification. For more information on upcoming activities in this area please contact:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.
Individuals or companies interested in internal control training or Certification should contact:
CICS Training course to be held in HCM City over 4 days:
25 & 26 May and 1 & 2 June 2019
CICS examinations to be held in Vietnam:
11 April 2019
27 June 2019
12 September 2019
19 December 2019
For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology, Level 5, 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) released Enterprise Risk Management-Integrating Strategy with Performance in September 2017 to emphasize the importance of enterprise risk management (ERM) in strategic planning, as well as the necessity of incorporating risk management throughout an organization. Much of COSO's thought leadership on ERM has stemmed from a survey that it conducted in 2010, which found that only 28% of respondents believed their organization's implementation was "systematic, robust, and repeatable" or was regularly reported to their board of directors. COSO partnered with PricewaterhouseCoopers for the 2017 updates, and some of the great free resources provided on both COSO's and PricewaterhouseCoopers's websites are presented in this month's column.
Three lines of defence to help with managing the risks in decision-making
April 4, 2019
Regulatory reviews of organisational failings inevitably focus on why risks were not effectively identified, measured, monitored or managed. The risks are the same for policy-makers. The Three Lines of Defence model for risk-management is a way to ensure policy doesn't fail.
Increased use of technology, new ways of working and changing regulatory and stakeholder expectations are creating new stresses on how risk is considered in decision-making.
Regulatory reviews repeatedly highlight lack of clarity around governance and risk-management responsibilities and capabilities, plus weak risk culture, as the underlying causes of organisational misconduct. Consequently, how well (i.e., clearly) the roles and responsibilities for risk are expressed and monitored is under increased scrutiny for their effect on organisational effectiveness.
Take this quiz to find out how much you know about how the CGMA Business Model Framework helps boards, senior executives, and support staff gain an understanding of their organisation's business model at a time of change.
In the intro to the 32-page document, the CAQ makes clear that "
audit committees should regularly evaluate the external auditor ... in order to make an informed recommendation to the board whether to retain the [audit firm]." An assessment should be conducted "at least annually," according to the CAQ.
Business students gathered in the Gentile Gallery to learn about the do's and don'ts of good business ethics at 5 p.m. on Monday, April 1.
In his talk titled "Why good people do bad things," Doug Perry, who graduated from Cornell University with a degree in law and who is on the advisory board for the business department, laid out the ground rules and proper ethics managers do not often consider when running a business."Most people think that they would never act unethically in the business world, especially coming out of Franciscan," said Perry, opening his talk with the main dilemma at hand. He advised that companies should not talk about the rules but about ethics.
The well-known fraud triangle framework includes three distinct components-perceived pressures, perceived opportunities, and rationalizations-but until recently very little was known about perpetrators' rationalizations. The authors discuss the verbalizations used by fraud perpetrators to convince themselves that they are doing nothing wrong, as well as how fraud-related theories from the social sciences can inform the accounting profession. They argue that understanding the techniques that allow fraudsters to justify their crimes may prove to be the missing piece of the fraud prevention puzzle, and that better understanding of rationalizations could help corporate governance experts and auditors strengthen their antifraud programs.
When it comes to occupational fraud, corporate corruption and financial statement fraud; they make headlines. But, the most common type of fraud-and most likely to affect your company-is asset misappropriation. Asset misappropriation, which includes cash and inventory theft schemes, occurs in more than 83 percent of all reported fraud cases. The most common type of asset misappropriation frauds are billing schemes and the costliest type is check tampering. The good news? Discovering the crimes and recovering stolen assets can be aided through forensic accounting along with artificial intelligence.
On Aug. 22, 2001, Enron vice president Sherron Watkins presented CEO Ken Lay with documents and a summary of facts regarding the Houston-anchored energy company's accounting problems. The scandal would eventually bring down Enron.
Watkins thought Lay would consult with accounting and legal experts and realize Enron had manipulated its financial statements and likely committed fraud. She also expected her boss would form a crisis management team, figure out the salvageable business lines and brace for a financial tsunami. Of course, Lay took no such actions. Enron soon imploded, declaring bankruptcy on Dec. 2, 2001, and cemented itself in the annals of corporate America as a classic case of greed and hubris.
Legal and accounting responsibilities may not be a high priority for the bootstrapped start-up, due to inadequate human resources or financial capacity. Things heat up when investors' requests need to be suitably accommodated, vendors default on contracts, and ESOPs need to be negotiated. So how can start-ups establish discipline within accounting, finance, and legal realms without diluting the focus on problem-solving, strategy and operations?
Are only mature companies required to focus on regulatory requirements?
Corporate governance requirements are dynamic, evolving, and should be commensurate with the size and scale of the start-up. In the early stages, the start-up may need assistance in incorporation, in choosing the most efficient corporate structure or in understanding the benefits and process of registering with the DIPP.
As the start-up gains traction, builds a team and earns revenue, GST registration and compliance with labor laws become important. Fund-raising can be made seamless with the right choice of financial instruments, expertise in negotiating term sheets and an understanding of valuation. Policies to prevent money laundering, bribery and employee harassment need to be considered by maturing start-ups.
Time management is an oxymoron. Time is beyond our control, and the clock keeps ticking regardless of how we lead our lives. Priority management is the answer to maximizing the time we have.
John C. Maxwell
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
The Internal Control Institute™ (ICI) is a worldwide organization devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework. Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance. Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.