The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
Start becoming an Internal Control professional today!
The ICI "Certification Series" has been completely updated and is available online to everyone around the world! Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
Online course pricing has been reduced by over 70%
Internal Control "Leading"
By Michael Pregmon, Jr., Ph.D., CICP
Dr. Michael Pregmon, Jr. COO and Managing Director
In this space over the past few months we have been discussing the functions of a manager and specifically what an internal control manager should focus on. Actually, this information pertains to managing any operation. We previously suggested that managers need to do only four things. But, for success these must be accomplished effectively. These are:
(P)lanning
(O)rganizing
(L)eading
(C)ontrolling
The POLC of management
In this brief presentation, we will cover a very short synopsis of the (L) leading activity for the internal control manager in most organizatons.
Interestingly, the "leading" activity is perhaps the one that gets the most attention. This is probably because it is the most interesting. But also, it is the one area that demands constant attention. In most organizations the "people" supervision issue is the most challenging. Consequently, we tend to spend a disproportionate amount of time with this involvement.
The Committee of Sponsoring Organizations (COSO) suggests that internal control is everybody's responsibility in an organization. This becomes a lofty challenge for the organization's IC manager. The internal control manager is the likely individual qualified to provide this knowledge throughout the organization. Most likely, the professional training responsibility falls to the internal control manager.
Training is one of the important responsibilities of all managers. Training requires significant leadership skills for effectiveness. In almost all cases the IC manager does not have direct supervisory responsibility over all associates throughout the organization. Nevertheless, in most organizations, internal control training falls to the IC manager. As a result, the IC manager must work closely with others throughout the company to provide this professional knowledge.
There are many resources available to provide IC training. However, an excellent introductory course provided by the Institute is the "
Internal Control Boot Camp Course." This course is designed for those unfamiliar with the concepts of internal control. It provides a framework for participants to become aware of their control responsibilities within the company.
Control processes installed throughout a company's operations are a necessity for efficiency!
ICI ANNOUNCEMENTS
PARTNERS WANTED:
HELP US IMPROVE INTERNAL CONTROL SYSTEMS WORLDWIDE
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at:
mpregmon@internalcontrolinstitute.org or by phone at
727-538-4113in the USA.
ICI Affiliate News:
The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below:
Botswana:
ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
The dates of the next CICS certification training course originally scheduled to be held in Hangzhou on August 22-25, 2019 conflicts with the time of another professional examination and has been deferred. The next Hangzhou training time is set from September 5 - 8.
Individuals or companies interested in internal control training and Certification should contact:
Better Business Governance - APAC PTE LTD (BBG) has become a representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.
Better Business Governance will be responsible for all development activities, including professional training and Certification. For more information on upcoming activities in this area please contact:
The CICS exam is now being provided in Arabic. Osool Training and Consulting has courses and testing available in Jordan, Libya, Muscat, Sudan, Qatar, the United Arab Emirates, Kuwait and Palestine.
Training Plan 2019
Certified Internal Control Specialist (CICS) Certification Preparation Programs are scheduled as follows:
Amman, Jordan - August 25 - 2 September 2019
Muscat, Oman - September 29 to 3 October 2019
Interested applicants in the region should contact Osool for scheduling for future programs. For additional information on scheduled ICI Certification and program sessions, please contact:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.
Individuals or companies interested in internal control training or Certification should contact:
For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology, Level 5, 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
Are US corporations about to change their ways?
You know we live in strange times when America's top CEOs are refuting the shareholder capitalism model. That is what happened this week when the Business Roundtable-an association of chief executive officers of leading US companies-published a
statement "on the purpose of a corporation" to
much media fanfare. That vision included providing good jobs, supporting communities where companies work, and protecting the environment. It encourages a new model of corporate governance that respects all corporate stakeholders equally, as opposed to shareholders first. While these commitments are a step forward for corporate America, they cannot just be words on paper. Shareholders and corporate executives tend to be rich men, and the employees, consumers, and community members at the base of corporate supply chains are often women of color. Companies must heed their voices as they implement these commitments. In a time of skyrocketing executive compensation, rising inequality, and climate emergencies, these commitments are long overdue.
Failure to understand internal control when identifying risks was the reason major issues come up at nonprofits 40 percent of the time, according to data from a AICPA Peer Review Program Study. Making sure your accountants and consultants understand remote monitoring and management (RMM) and internal controls is vital. The best practice is to document internal controls so that there can be a complete risk assessment. The issues of internal controls and risk were discussed during the recent AICPA Nor-For-Profit industry conference in National Harbor, Md. The session presenters were Melissa Galasso, CPA, director, audit professional practices, in the Charlotte, N.C., office of Cherry Bekaert and Kris Ray, industry technical leader for Plante Moran in Southfield, Mich. Internal control is designed, implemented and maintained to address identified business risks that threaten achievement of any of the entity's objectives that concern reliability of financial reporting, effectiveness and efficiency of operations and compliance with laws and regulations.
Control weaknesses stem from the inability of an organization to effectively implement its internal controls. Malicious individuals can take advantage of such a situation to bypass even the most seemingly
watertight security measures.
The growing implementation of internal controls, the emergence of new technologies, and the incredible rate with which malware is evolving necessitate the need for closer data security control monitoring. In doing so, it will be easier for organizations to evaluate the effectiveness of internal controls that they have in place. Similarly, it will help expose weaknesses in these controls.
Internal Control Weaknesses: What Are They?
Before you even start thinking about what internal control weaknesses are, you first need to ask yourself what data security control is. Basically, data security control entails keeping sensitive data safe by implementing measures against unauthorized access. Such measures guide risk management programs by helping to counteract, detect, minimize, or avoid the typical security risks that computer systems, data, software, and networks face.
Canada's new DPA regime brings internal Controls to the forefront
By Amina Khoungui
fcpablog.coml
August 22, 2019
Canada's enforcement landscape may be changing. The Canadian legislator appears to be signalling a will to increase enforcement of the Corruption of Foreign Public Officials Act (CFPOA) (as well as other economic crimes) with the September 2018 adoption of the new Canadian Deferred Prosecution Agreement (DPA) regime, also called the Remediation Agreement regime. The Remediation Agreement regime appears to place a greater focus on the importance of internal controls.
EU Commission adopts guidance on dual-use internal compliance programs
jdsupra.com
August 24, 2019
On July 30, 2019, the EU Commission issued guidance on internal compliance programs for dual-use trade controls.
1 The guidance consists of non-binding recommendations on seven "core elements" for an effective dual-use trade control internal compliance program. For each core element, the guidance sets out clear expectations for internal compliance, as well as the necessary steps for implementation.
Earlier this year, AFP (Association of Finance Professionals) published its annual "Payments Fraud and Control Survey," which looks at trends in business payments fraud and what companies are doing to combat them. The news wasn't particularly good. Even though companies are finding some success with increased fraud-prevention efforts, they're having trouble keeping pace. Eighty-two percent of the survey's 628 respondents said their organizations experienced attempted or actual payments fraud in 2018. That represents a nearly a 20% rise in the past five years. We're at a point where it's no longer a question of whether your business will experience fraud, but when. What stands out in this year's report is that criminals keep finding new ways to attack businesses, and they're increasingly attacking large enterprises. No company is immune, and businesses need to find even better ways to safeguard every type of payment along with the payment process itself, because the fraudsters are always one step ahead.
It Turns Out Clients Really Don't Like It When Auditors Call Them Out on Their Sh*t
byADRIENNE GONZALEZ
goingconcern.com
August 22, 2019
In shocking research presented earlier this month at the American Accounting Association's annual meeting in San Francisco, Elizabeth N. Cowle and Stephen P. Rowe of the University of Arkansas have confirmed suspicions that clients shun audit firms with a reputation for being hard-asses.
We examine whether the audit market penalizes auditors for providing investors with value-relevant information that is critical of management (i.e., internal control material weakness (ICMW)). While prior research has examined how the receipt of an ICMW increases the likelihood that a client leaves their auditor, we examine the reputational impact of an office issuing ICMWs by focusing on clients that receive clean internal control opinions. We predict and find that audit offices that issue more ICMWs experience lower client and fee growth. We also find that the decrease is stronger when the ICMW is associated with a more visible client and when the ICMW is more severe. In supplemental analyses we find evidence consistent with clients avoiding auditors with a reputation for issuing ICMWs in their auditor selection decisions. Our results indicate that, on average, the market for audit services penalizes auditors for disclosing information critical of management in their audit opinions, which undermines the value of direct-to-investor auditor communications and provides insight into potential longer-term implications of the recently enacted expanded auditor's report.
Businesses today cannot be separated from their digital assets. Data drives every aspect of business, from strategic decisions to tactical operations, and all that data is stored in, accessed by, and transmitted across networked systems. Keeping cyber risks under control is a critical issue for any company. Even small, non-tech-oriented businesses handle data, use technology, and are interconnected to other (often larger) businesses. Let's say, for example, the business is a local cupcake bakery that runs a limited storefront in Ames, Iowa. To start, the business needs supplies. Most likely, ordering is done through an online supplier. Tracking and processing sales is probably done through a retail-specific SaaS database. Custom orders and deliveries are likely scheduled via an online calendar. Bank accounts need to be set up so that the business can pay and receive electronic payments for suppliers, partners, and employees. Chances are the bakery has a website and uses online channels for marketing, even if e-commerce is not configured.
Address weakness in internal controls on priority, CAG tells I-T Dept
thehindubusinessline.com
July 30, 2019 Published on July 30, 2019
Incorrect assessments point to continuous weakness in internal controls
The Comptroller and Auditor General of India (CAG) has suggested that the government must put in place a foolproof IT system and internal control mechanism to "eradicate" errors of omission and commission in income-tax assessments.
The government may consider the IT system for direct taxes being placed at arms length from the Central Board of Direct Taxes (CBDT), with an independent governmental body or organisation, the CAG has suggested. In its report (9 of 2019) on direct taxes for the year ended March 2018, the CAG has highlighted several cases of "incorrect assessments", which point to continuing weaknesses in the internal controls on the part of income-tax department. This need to be addressed on priority, the CAG report has said.
Five Common Scenarios That Can Lead to a Material Weakness
BY MATT FARRELL
cpapracticeadvisor.com
AUGUST 27, 2019
A material weakness is often the result of deficiencies in one or more of a company's internal controls. Material weaknesses can have damaging effects on a company's credit rating and share price, and lead to higher audit fees and loss of investor confidence. Oftentimes, there is not one simple cause for the material weakness, but rather an aggregation of control deficiencies that could yield a material misstatement in the financial statements. As a result, public companies strive to prevent such deficiencies in internal control. For companies experiencing rapid growth or a period of significant change, however, the risk that controls are not properly designed or operating effectively is significantly heightened. Fortunately, understanding trends in material weaknesses and the common situations where such deficiencies occur provides companies a path to mitigate the related risks. Here are some common scenarios that add significant risk to a company's internal control over financial reporting (ICFR).
"How would your life be different if...You stopped worrying about things you can't control and started focusing on the things you can? Let today be the day...You free yourself from fruitless worry, seize the day and take effective action on things you can change."
Steve Maraboli
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
ABOUT ICI
The Internal Control Institute™ (ICI) is a worldwide organization devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework. Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance. Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.