book

Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

Name: Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance
Author: Anne M. Marchetti
ISBN: 9780470917404

by Anne M. Marchetti

October 2011

Intermediate to advanced

180 pages

4h 31m

English

Wiley

Read now

Unlock full access

Cover
Endorsenment
Title Page
Copyright
Dedication
Preface
CHAPTER ONE: Overview of Enterprise Risk Management
ERM INTRODUCTIONGUIDANCE: HISTORY AND RELATIONSHIPORGANIZATION VIEWERM TODAYINCREASED PRESSURE TO MANAGE RISKADDITIONAL EVIDENCEPERCEIVED BARRIERS TO RISK MANAGEMENTBUILDING THE BUSINESS CASE FOR ERM: VALUE AND BENEFITSKEYS TO SUCCESSSUMMARYNOTES
CHAPTER TWO: Corporate Governance and Roles and Responsibilities
BOARD BEHAVIORCORPORATE CULTUREROLES AND RESPONSIBILITIESSUMMARY
CHAPTER THREE: ERM Defined
DEFINITIONS AND CONCEPTSRISK CATEGORIESINTERNAL ENVIRONMENTSUMMARYNOTE
CHAPTER FOUR: The ERM Process: Step by Step
STEP 1: STRATEGY AND OBJECTIVE DEFINITIONSTEP 2: EVENT IDENTIFICATIONSTEP 3: RISK ASSESSMENTSTEP 4: RISK RESPONSESTEP 5: COMMUNICATIONSTEP 6: MONITORINGOVERSIGHTSUMMARYNOTES

CHAPTER FIVE: COSO Framework and Financial Controls
FOCUS ON FINANCIAL CONTROLSCONTROL ENVIRONMENTINTEGRITY AND ETHICAL VALUESBOARD OF DIRECTORSMANAGEMENT's PHILOSOPHY AND OPERATING STYLEORGANIZATIONAL STRUCTUREFINANCIAL REPORTING COMPETENCIESAUTHORITY AND RESPONSIBILITYHUMAN RESOURCESSUMMARYNOTES
APPENDIX FIVE A: Excerpt from a Code of Ethics Policy
OUR GUIDING PRINCIPLES AND VALUESCONFLICTS OF INTERESTCONFIDENTIAL INFORMATION; INTELLECTUAL PROPERTY
APPENDIX FIVE B: Whistleblower Program
REPORTS REGARDING ACCOUNTING MATTERSINVESTIGATION OF SUSPECTED VIOLATIONSDISCIPLINE FOR VIOLATIONS
APPENDIX FIVE C: Approval Policy and Procedures
POLICYPURPOSESCOPEAPPROVALS/DOCUMENTATION
CHAPTER SIX: Financial Controls and Risk Assessment
RISK ASSESSMENTFINANCIAL REPORTING OBJECTIVESFINANCIAL REPORTING RISKSFRAUD RISKENTITY-LEVEL CONTROLSEXAMPLE: RISK ASSESSMENT AND FINANCIAL CONTROLSEVALUATING DEFICIENCIESSUMMARYNOTES
APPENDIX SIX A: Entity-Level Control Assessment
CONTROL ASSESSMENT OVERVIEWCONTROL ENVIRONMENTOVERALL EVALUATION OF CONTROL ENVIRONMENTRISK ASSESSMENTOVERALL EVALUATION OF RISK ASSESSMENTCONTROL ACTIVITIESOVERALL EVALUATION OF CONTROL ACTIVITIESINFORMATION AND COMMUNICATIONOVERALL EVALUATION OF INFORMATION AND COMMUNICATIONMONITORINGOVERALL EVALUATION OF MONITORINGSUMMARY ASSESSMENTOVERALL ASSESSMENT OF INTERNAL CONTROLS
APPENDIX SIX B: Accounts Payable: Preliminary Controls Assessment Questionnaire
PURCHASING CONTROLS QUESTIONNAIREINTERNAL CONTROL ASSESSMENT
APPENDIX SIX C: Fraud Risk Factors: AU Section 316
RISK FACTORS RELATING TO MISSTATEMENTS ARISING FROM FRAUDULENT FINANCIAL REPORTING
CHAPTER SEVEN: Ongoing Compliance Overview
ORIGIN OF THE SARBANES-OXLEY ACTGENERATING VALUE FROM COMPLIANCEMOVING BEYOND INITIAL COMPLIANCEREEVALUATING THE COMPLIANCE PROGRAMSUMMARY
CHAPTER EIGHT: Ongoing Compliance Challenges
FUTURE STATE OPPORTUNITY: COMPLIANCE OPTIMIZATIONISSUES TO CONSIDER WHEN OPTIMIZING COMPLIANCEONGOING COMPLIANCE PLANROLE OF INTERNAL AUDIT: BALANCING THE COMPLIANCE AND AUDIT FUNCTIONSEVOLVING ROLE OF THE AUDIT COMMITTEESUMMARY
CHAPTER NINE: Addressing Compliance and Risk Management Challenges through Automation
SOFTWARE CAN ADD VALUE BEYOND COMPLIANCEMONITORING SOFTWAREUTILIZATION OF CONTINUOUS MONITORING: CONTROL TESTING AND CONTROL AUTOMATIONBENEFITS OF CONTINUOUS MONITORINGCONTINUOUS MONITORING TOOL CONSIDERATIONSCONTINUOUS MONITORING PROCESSRISK MANAGEMENT SOFTWAREUNIFYING FINANCIAL STATEMENTS, CLOSE TASKS, AND SOX CONTROLSDETERMINING THE RIGHT SOLUTIONSUMMARYNOTE
CHAPTER TEN: Ongoing Compliance and IFRS
INTERNATIONAL FINANCIAL REPORTING STANDARDSCOMMUNICATING THE IMPACTPREPARING FOR IFRSCOMPREHENSIVE IFRS TRANSITION APPROACHKEY ELEMENTS OF AN EFFECTIVE IFRS IMPLEMENTATIONSUMMARY
About the Author
Index

Content preview from Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

CHAPTER FIVE

COSO Framework and Financial Controls

FOCUS ON FINANCIAL CONTROLS

It is important to establish the reason for the substantial dedication of time and focus specifically on controls over financial reporting. Many private companies lack appropriate documentation regarding the existence of controls associated with the financial reporting and disclosure process. In each case, these controls may or may not exist. Therefore, the most practical approach for these organizations is to focus initially on analyzing and building a strong foundation of internal control through risk assessment in the area of financial reporting and disclosure. Subsequently, management may utilize that foundation as a platform for concentrating on overall risk related to the business, which will facilitate the design and implementation of a robust, holistic risk management program.

Smaller companies should consider beginning their risk assessment program by focusing initially in the area of financial reporting and disclosure. This concentration can serve as a dual-purpose initiative for an organization since risks and risk mitigation in this area fall into the overall enterprise risk management (ERM) category of financial risk and subcategory of financial reporting and disclosure. Often smaller and private organizations are lacking in internal control over financial reporting and do not have the stringent regulatory requirements of a public company (i.e., Sarbanes-Oxley). By focusing on the period-end ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781118149539Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

by Anne M. Marchetti

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.