Start becoming an Internal Control professional today!
The ICI "Certification Series" has been completely updated and is available online to everyone around the world! Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
Dr. Michael Pregmon, Jr. COO and Managing Director
In our previous publications we reported that internal control managers need only do four things very well for success. These are: planning, organizing, leading and controlling. In this presentation, we will briefly cover the most important part of the organizing activity of the internal control manager.
Most people who manage an activity, department or function are primarily involved with the organization integrity for their area of responsibility. This is not the case of the internal control manager. Typically the IC manager is responsible for the organization integrity of the internal control department - if there is one. Internal control, as a specific professional area, is still in its infancy. Nevertheless, the IC manager's responsibility extends beyond the IC department.
The internal control manager has a "quasi" responsibility for internal control throughout the company. This is true even though he/she does not have a direct reporting relationship for all employees. Remember, the COSO (Committee Of Sponsoring Organizations of the Treadway Commission) states that although the ultimate responsibility for control rests with the entity's board of directors, all employees are responsible for internal control in their specific activity. This organization environment places a special accountability upon the internal control manager.
Because of the above functional relationships, the IC manager must ensure that all internal control activity throughout the company is effectively executed. This is a most challenging charge. The internal control manager has only a quasi-supervisory role for internal control without a direct supervisory relationship in other parts of the business. As such, the IC manager has no direct organization authority over those who share the internal control accountability in their respective activities. This requires special competence for effective professional success.
The Internal Control Common Body of Knowledge (CBOK) includes a synopsis of the organizational environment in section 2.2.2. It explains that an effective organizational structure gives consideration to four important items for an entity's internal control effectiveness. These are:
Personnel competence - the ability to discharge the responsibilities
Delegation of responsibility and authority - such as business objectives, financial reporting standards, regulatory requirements, etc.
Budget and financial performance - to be able to discharge the assigned responsibilities
Checks and balances - separate incompatible activities from control by any single individual or unit.
Is your business organized for internal control effectiveness?
HELP US IMPROVE INTERNAL CONTROL SYSTEMS WORLDWIDE
The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at:
firstname.lastname@example.org or by phone at
727-538-4113in the USA.
ICI Affiliate News:
The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below:
ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification. Individuals or companies interested in internal control training or Certification should contact:
Better Business Governance - APAC PTE LTD (BBG) has become a representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.
Better Business Governance will be responsible for all development activities, including professional training and Certification. For more information on upcoming activities in this area please contact:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.
Individuals or companies interested in internal control training or Certification should contact:
For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology, Level 5, 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
Quiz: How well do you know internal control auditing requirements?
By Deana Thorps, CPA
July 25, 2019
Understanding and evaluating a client's
internal control are crucial to every audit and drive the procedures an auditor performs. However, a 2018 survey of peer reviewers found that over 40% of audits they evaluated didn't comply with auditing standards because auditors didn't properly obtain an understanding of their client's controls.Think you have the internal control requirements under control? Test your knowledge with this quiz.
SEC Charges Former Manufacturing Company Executives With Accounting Fraud The former CEO and two senior sales executives at Power Solutions International played a role in falsely inflating revenue by almost $25 million, the SEC said
By Kristin Broughton
The Securities and Exchange Commission charged three former executives at a Chicago engine manufacturer with allegedly overstating the company's revenue by almost $25 million.Prosecutors charged three former executives at Power Solutions InternationalInc. -Gary Winemaster, Craig Davis and James Needham-with violating internal control, anti-fraud and various other provisions of U.S. securities law. All three men played a role in falsely recording revenue for incomplete sales so that the company could meet analysts' expectations, and then concealing information from the company's auditors, the SEC said Friday. Power Solutions, which makes industrial and heavy-duty engines, materially misstated its financial results between the fourth quarter of 2014 and the fourth quarter of 2015 because of the alleged fraud, according to a complaint filed in federal district court in Chicago.
The roles of various gatekeepers of corporate governance, such as auditors, independent directors and credit rating agencies, has increasingly come under scrutiny as a response to the various financial scandals that shook corporate India - from Satyam to IL&FS, and more recently, in the case of the auditor resigning from Reliance Capital. While the company's management is ultimately responsible for ensuring that the accounts give a true and fair view of its state of affairs, its auditors also play a key role in assessing the accuracy and reliability of such accounts.
The auditor-company relationship has potential for conflicts of interest, where the former is providing more lucrative non-audit services (NAS) to a company that it audits, which could compromise its independence, and by extension, the quality of its audit
Should the Sarbanes-Oxley regime be adopted in the UK?
Sir John Kingman, in his Independent Review of the Financial Reporting Council included as one of his recommendations that the Government should "give serious consideration to the case for a strengthened framework around internal controls in the UK, learning any relevant lessons from operation of the Sarbanes-Oxley (SOX) regime in the US. The pros and cons of such a change should be analysed and consulted upon, giving special consideration to the importance of proportionality in relation to the size of company".
Shareholder efforts to bootstrap FCPA violations into private securities cases meet with mixed success - key takeaways
By:Grayson D. Stratton, John Vukelj, Natasha Kanerva, Elan Gershoni, Rachael Kessler
July 10, 2019
The absence of a private right of action under the Foreign Corrupt Practices Act (FCPA) has motivated plaintiffs' attorneys to pursue indirect legal theories - often in the form of securities class actions, derivative actions, or books and records cases - in an effort to craft a recoverable private claim for corporate bribery. Typically, these attempts have relied on a company's disclosure of a government investigation or statements in a deferred prosecution agreement (DPAs) or settlement agreement between a company and a regulator in which the company admits facts about wrongful conduct and internal control failures. Plaintiffs' attorneys try to capitalize on these often full-throated admissions of wrongdoing to substantiate otherwise skeletal pleadings.
Performing Tests of Internal Controls Using Process Mining What Could Go Wrong?
By Tiffany Chiu, PhD, Helen L. Brown-Liburd, PhD, CPA (inactive) and Miklos A. Vasarhelyi, PhD
Process mining provides a new approach to gathering audit evidence by automatically analyzing the entire population of event logs recorded in a company's IT system. In other words, the company's business processes and the actions taken by its employees are chronologically captured in the event log for analysis. This article aims to explain how auditors can use process mining in the audit process, especially in tests of internal controls over financial reporting. Specifically, the authors use the procure-to-pay cycle as an example of how analysis of event logs provides auditors with unique information that can assist in such tests.
SOX continues to be a demanding journey and is ripe for transformation
For many organizations, most notably large accelerated and accelerated filers, compliance with the Sarbanes-Oxley Act has been a 15-year journey, and an unexpectedly challenging one at that.
Protiviti has been collecting data points and insights on all aspects of SOX compliance activities, costs and challenges for the past 10 years. The results of our decade of research make it clear that this groundbreaking law and the ongoing compliance activities it requires are anything but static and predictable. Numerous influences inside and outside of the enterprise - regulatory pronouncements and enforcement, external auditors' recalibrations in response to the Public Company Accounting Oversight Board (PCAOB) mandates, a steady procession of new accounting and auditing rules, technological disruptions, cyber threats and their influence on the implementation of internal controls, digital transformation, and more - require internal SOX teams to adapt and improve continually.
"The reason many people in our society are miserable, sick, and highly stressed is because of an unhealthy attachment to things they have no control over."
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
The Internal Control Institute™ (ICI) is a worldwide organization devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework. Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance. Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.