top banner

Control Chatter                                                   July 2019
News that Control Professionals Need to Know

 Quick Links
In This Issue
All New Internal Control online courses
ICI Announcements
Article Headline
Quiz: How well do you know internal control auditing requirements?.
SEC Charges Former Manufacturing Company Executives With Accounting Fraud
Watching the watchmen: Evolving role of auditors
Let's Talk About SOX
New U.K. Internal Audit Draft Code Calls for 'Unrestricted' Access
Shareholder efforts to bootstrap FCPA violations into private securities cases meet with mixed success...
Performing Tests of Internal Controls Using Process Mining What Could Go Wrong?
Help Keep Everyone Informed
 Internal Control online courses
ici logo
Start becoming an Internal Control professional today!
The ICI "Certification Series" has been completely updated and is available online to everyone around the world!  Course content prepares individuals to design and/or assess internal control and to assist management in installing internal control processes. In addition, the series prepares candidates for the Certified Internal Control Specialist (CICS) Examination.
To review the course catalog click here: ICI Course Catalog
To register for one or all of the online training programs click here:  
Online course pricing has been reduced by over 70% 
Test your Knowledge of Internal Control
The Internal Control Institute has developed a CICS Common Body of Knowledge Mini-Assessment that helps an individual determine their knowledge as it relates to governance and control practices. Results point out areas of knowledge that may require additional training and experience. The assessment also provides a measurement to the individual's readiness for CICS certification. The assessment measures core knowledge in eight critical areas including: Internal Control - Principles, Terms and Concepts, Internal Control Environment, Risk Management, Assessing Application Controls, Business System Control Assessment, Risk Assessment, Internal Control Measurement and Reporting, and Governance Practices
Internal Control "Organizing"
By Michael Pregmon, Jr., Ph.D., CICP
COO and Managing Director
Dr. Michael Pregmon, Jr.
COO and Managing Director 
In our previous publications we reported that internal control managers need only do four things very well for success. These are: planning, organizing, leading and controlling. In this presentation, we will briefly cover the most important part of the organizing activity of the internal control manager.
Most people who manage an activity, department or function are primarily involved with the organization integrity for their area of responsibility. This is not the case of the internal control manager. Typically the IC manager is responsible for the organization integrity of the internal control department - if there is one. Internal control, as a specific professional area, is still in its infancy. Nevertheless, the IC manager's responsibility extends beyond the IC department.
The internal control manager has a "quasi" responsibility for internal control throughout the company. This is true even though he/she does not have a direct reporting relationship for all employees. Remember, the COSO (Committee Of Sponsoring Organizations of the Treadway Commission) states that although the ultimate responsibility for control rests with the entity's board of directors, all employees are responsible for internal control in their specific activity. This organization environment places a special accountability upon the internal control manager.
Because of the above functional relationships, the IC manager must ensure that all internal control activity throughout the company is effectively executed. This is a most challenging charge. The internal control manager has only a quasi-supervisory role for internal control without a direct supervisory relationship in other parts of the business. As such, the IC manager has no direct organization authority over those who share the internal control accountability in their respective activities. This requires special competence for effective professional success.
The Internal Control Common Body of Knowledge (CBOK) includes a synopsis of the organizational environment in section 2.2.2. It explains that an effective organizational structure gives consideration to four important items for an entity's internal control effectiveness. These are:
  1. Personnel competence - the ability to discharge the responsibilities
  2. Delegation of responsibility and authority - such as business objectives, financial reporting standards, regulatory requirements, etc.
  3. Budget and financial performance - to be able to discharge the assigned responsibilities
  4. Checks and balances - separate incompatible activities from control by any single individual or unit.
Is your business organized for internal control effectiveness?

The Internal Control Institute™ (ICI) improves organizational Internal Control worldwide by providing training, products and services and individual Professional Certifications recognized internationally. The Institute's Board of Advisors has determined it would like to further expand into areas where it is not directly represented. ICI provides world-class programs and its intellectual property to affiliates free of charge and shares all program revenue with them. If your organization is interested in partnering with ICI to earn revenue while you contribute to the development of the internal control profession worldwide please contact Dr. Michael Pregmon, Jr., Chief Operations Officer, by email at: or by phone at 727-538-4113   in the USA. 

ICI Affiliate News:

The Internal Control Institute is conducting certification training in a classroom format for the internationally recognized CICS (Certified Internal Control Specialist) certification in internal control. Information on these programs regarding dates and schedules can be found on the Events tab on our Website or directed to the affiliate named below:

ICI has entered into an agreement with Internal Control Institute of Botswana (ICI Botswana":) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in this territory. ICI Botswana will be responsible for all development activities in this area, including professional training and Certification.  Individuals or companies interested in internal control training or Certification should contact:
Contact: Humphrey Chawafambira

Training Plans :

Sao Paulo - August 8 to 14, 2019
Recife - September 2 to 7, 2019
Belo Horizonte - October 14 to 18, 2019

For more details on planned training please on the website below, or send a message to Mr. Eduardo Person PardiniEmail:

CICS training classes were completed in Beijing and Hangzhou China in June 2019.

Training Schedule: Beijing, 18 - 21 September 2019

Individuals or companies interested in inter nal control training and Certification should contact:  
Mr. Qiu Jianting
Room 1039, Block A, Jinmao Building, No. 18, 
Xizhimenwai Street,
Xicheng District, Beijing, China
Zip Code: 100044
Mobile phone: 13810588109


Training Plans :

CICS Training in Dutch in Brussels, Belgium will take place in seven sessions over the period 4 October 2019 to 10 January 2020.  

For more information on scheduled training and exams please contact Mr.Yves Dupont of ICI Belgium at: 
For more information on upcoming activities in this area please contact Mr. Summit Goyal of  ICI India at :
Phone: +91 9810575613

Myanmar and Cambodia:
Better Business Governance - APAC PTE LTD (BBG) has become a representative for Products, Services and Internal Control Certifications (CICS/CICP) in Myanmar and Cambodia.  Better Business Governance will be responsible for all development activities, including professional training and Certification.  For more information on upcoming activities in this area please contact:
Better Business Governance
Mr. Sanjeev Gathani
1 Claymore Drive
#08-14, Orchard Towers (Rear Block)
Singapore 229594
For more information on upcoming activities in this area please contact the following:
Antonio Salas Hernandez CICP,  Email: 
Joaquin Prendes Herrera, Email: 

Middle East:
The CICS exam is now being  provided in Arabic.  Osool Training and Consulting has courses and testing available in Jordan, Libya, Muscat, Sudan, Qatar, the United Arab Emirates, Kuwait and Palestine. 

Training Plan 2019
Certified Internal Control Specialist (CICS) Certification Preparation Programs are scheduled as follows:

Amman, Jordan - August 25 - 2 September 2019
Muscat, Oman - September 29 to 3 October 2019

Interested applicants in the region should contact Osool for scheduling for future programs.  For additional information on scheduled ICI Certification and program sessions, please contact:
Lina Salameh
Assistant General Manager
O SOOL for Training & Consulting
Mob Oman:  +968 95 98 98 20
Mob Jordan: +962 7 99589666
Tel:   +962 6 5927171 Ext. 107
Fax:  +962 6 5927172

Leadway Consulting conducts CICS training sessions and examinations in Nigeria. For more information on upcoming activities in Nigeria  please contact:
Mr.  Joel Aluko


For more information on activities in Pakistan individuals or companies should contact : Muhammad Farooq Hammodi


CICS Examination to be held in Bucharest on 6 December 2019
CICS Training Course to be held in Bucharest from 28 to 30 October 2019

For more information on activities in Romania contact : Cosmin Serbanescu at the National Institute for Internal Control in Romania.
Tel:  + 40 752 525 525


Singapore, Malaysia, Indonesia and Taiwan:
ICI has entered into an agreement with GRC Consultancy Pte Ltd. (ICI Singapore, Malaysia, Indonesia and Taiwan) as its representative for Products, Services and Internal Control Certifications (CICS/CICP) in those territories.  

Individuals or companies interested in internal control training or Certification should contact:
General enquiries for all 4 markets -
Singapore - Mr. Bob Seetoh -
MalaysiaMr. Melvin
IndonesiaMr. Barry Dingga -
Taiwan - Ms. Mickey Tai -


        CICS Training course to be held in Istanbul 28 and 29 September 2019.

For detailed information on scheduled ICI Certification and program sessions, please contact ICI Turkey  below:

Ms. Ilknur Tunc,  VP -
Dr. Bertan Kaya -
GOP Mahallesi, İran Caddesi, Karum İs Merkezi
No:21, D Blok, 4. Kat, D:398-399

+90 (312) 4425015 T
+90 (533) 4474444 D
CICS examinations to be held in Vietnam: 

12 September 2019
19 December 2019

For more information on upcoming activities in Vietnam please contact: NGUYEN THANH TUNG (MBA. M.Eng, PhD.) Director, FMIT Institute of Financial Management & Information Technology,  Level 5 , 126 Nguyen Thi Minh Khai Street, Ward 6, District 3, HCMC, Viet Nam
Office: 848 3803 5020 - 848 3512 9371 - 848 3512 7652

For more information on activities being planned please contact:
Mr. Proctor Nyemba at:

Internal Control Chatter  
Each month the staff of The Internal Control Institute reviews hundreds of articles related to Internal Control and Corporate Governance. Here are brief summaries of some of the top articles (along with links to the original article) that may be of interest to you.
Quiz: How well do you know internal control auditing requirements?
By Deana Thorps, CPA
July 25, 2019
Understanding and evaluating a client's  internal control are crucial to every audit and drive the procedures an auditor performs. However, a 2018 survey of peer reviewers found that over 40% of audits they evaluated didn't comply with auditing standards because auditors didn't properly obtain an understanding of their client's controls.Think you have the internal control requirements under control? Test your knowledge with this quiz.
SEC Charges Former Manufacturing Company Executives With Accounting Fraud The former CEO and two senior sales executives at Power Solutions International played a role in falsely inflating revenue by almost $25 million, the SEC said

The Securities and Exchange Commission charged three former executives at a Chicago engine manufacturer with allegedly overstating the company's revenue by almost $25 million. Prosecutors charged three former executives at  Power Solutions International   Inc.  -Gary Winemaster, Craig Davis and James Needham-with violating internal control, anti-fraud and various other provisions of U.S. securities law. All three men played a role in falsely recording revenue for incomplete sales so that the company could meet analysts' expectations, and then concealing information from the company's auditors, the SEC said Friday.  Power Solutions, which makes industrial and heavy-duty engines, materially misstated its financial results between the fourth quarter of 2014 and the fourth quarter of 2015 because of the alleged fraud, according to a complaint filed in federal district court in Chicago.
Watching the watchmen: Evolving role of auditors
By Rachael Israel and Jagriti Mohata
The roles of various gatekeepers of corporate governance, such as auditors, independent directors and credit rating agencies, has increasingly come under scrutiny as a response to the various financial scandals that shook corporate India - from Satyam to IL&FS, and more recently, in the case of the auditor resigning from Reliance Capital. While the company's management is ultimately responsible for ensuring that the accounts give a true and fair view of its state of affairs, its auditors also play a key role in assessing the accuracy and reliability of such accounts.  The auditor-company relationship has potential for conflicts of interest, where the former is providing more lucrative non-audit services (NAS) to a company that it audits, which could compromise its independence, and by extension, the quality of its audit
Let's Talk About SOX
by Peter Swabey
19 June 2019 
Should the Sarbanes-Oxley regime be adopted in the UK?
Sir John Kingman, in his Independent Review of the Financial Reporting Council included as one of his recommendations that the Government should "give serious consideration to the case for a strengthened framework around internal controls in the UK, learning any relevant lessons from operation of the Sarbanes-Oxley (SOX) regime in the US. The pros and cons of such a change should be analysed and consulted upon, giving special consideration to the importance of proportionality in relation to the size of company".
New U.K. Internal Audit Draft Code Calls for 'Unrestricted' Access
By Joseph McCafferty
July 15, 2019 
T he professional association for internal auditors in the United Kingdom and Ireland has issued a draft version today of a new "Code of Practice" that is says will promote more extensive access for internal auditors.  The  draft , issued by the Chartered Institute of Internal Auditors, is intended to strengthen corporate governance among member's organizations and to "help reduce the risk of major corporate collapses by boosting the status, standards, scope, and skills of internal audit," the group said in a  press statement  on the proposed code. 
Shareholder efforts to bootstrap FCPA violations into private securities cases meet with mixed success - key takeaways
By:Grayson D. Stratton, John Vukelj, Natasha Kanerva, Elan Gershoni, Rachael Kessler
July 10, 2019
The absence of a private right of action under the Foreign Corrupt Practices Act (FCPA) has motivated plaintiffs' attorneys to pursue indirect legal theories - often in the form of securities class actions, derivative actions, or books and records cases - in an effort to craft a recoverable private claim for corporate bribery. Typically, these attempts have relied on a company's disclosure of a government investigation or statements in a deferred prosecution agreement (DPAs) or settlement agreement between a company and a regulator in which the company admits facts about wrongful conduct and internal control failures. Plaintiffs' attorneys try to capitalize on these often full-throated admissions of wrongdoing to substantiate otherwise skeletal pleadings.
Performing Tests of Internal Controls Using Process Mining What Could Go Wrong?  
By  Tiffany Chiu, PhD, Helen L. Brown-Liburd, PhD, CPA (inactive) and Miklos A. Vasarhelyi, PhD
Process mining provides a new approach to gathering audit evidence by automatically analyzing the entire population of event logs recorded in a company's IT system. In other words, the company's business processes and the actions taken by its employees are chronologically captured in the event log for analysis. This article aims to explain how auditors can use process mining in the audit process, especially in tests of internal controls over financial reporting. Specifically, the authors use the procure-to-pay cycle as an example of how analysis of event logs provides auditors with unique information that can assist in such tests.
Benchmarking SOX Costs, Hours and Controls
SOX continues to be a demanding journey and is ripe for transformation
For many organizations, most notably large accelerated and accelerated filers, compliance with the Sarbanes-Oxley Act has been a 15-year journey, and an unexpectedly challenging one at that. Protiviti has been collecting data points and insights on all aspects of SOX compliance activities, costs and challenges for the past 10 years. The results of our decade of research make it clear that this groundbreaking law and the ongoing compliance activities it requires are anything but static and predictable. Numerous influences inside and outside of the enterprise - regulatory pronouncements and enforcement, external auditors' recalibrations in response to the Public Company Accounting Oversight Board (PCAOB) mandates, a steady procession of new accounting and auditing rules, technological disruptions, cyber threats and their influence on the implementation of internal controls, digital transformation, and more - require internal SOX teams to adapt and improve continually.
Control Quotes
"The reason many people in our society are miserable, sick, and highly stressed is because of an unhealthy attachment to things they have no control over." 
Steve Maraboli
Help Keep Everyone Informed...
If you see a news story concerning internal control or corporate governance that you feel is important for other professionals to know please send it to us .
ici logo The Internal Control Institute™ (ICI) is a worldwide organization  devoted exclusively to internal control and corporate governance. The Institute is dedicated to the development of world-class educational programs and best practice guidelines on internal control and corporate governance, based on the Sarbanes-Oxley Act and the COSO internal control framework.  Visit us on the web at the Internal Control Institute
Control Chatter is a monthly news summary of the top stories concerning internal control and corporate governance.  Control Chatter is prepared by the staff of Internal Control Institute for the benefit of their members and associates. Please consider it for your personal use or pass it on to associates who may have an interest in one or more of the topics by clicking on the Forward email button below.