book

Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

Name: Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance
Author: Anne M. Marchetti
ISBN: 9780470917404

by Anne M. Marchetti

October 2011

Intermediate to advanced

180 pages

4h 31m

English

Wiley

Read now

Unlock full access

Cover
Endorsenment
Title Page
Copyright
Dedication
Preface
CHAPTER ONE: Overview of Enterprise Risk Management
ERM INTRODUCTIONGUIDANCE: HISTORY AND RELATIONSHIPORGANIZATION VIEWERM TODAYINCREASED PRESSURE TO MANAGE RISKADDITIONAL EVIDENCEPERCEIVED BARRIERS TO RISK MANAGEMENTBUILDING THE BUSINESS CASE FOR ERM: VALUE AND BENEFITSKEYS TO SUCCESSSUMMARYNOTES
CHAPTER TWO: Corporate Governance and Roles and Responsibilities
BOARD BEHAVIORCORPORATE CULTUREROLES AND RESPONSIBILITIESSUMMARY
CHAPTER THREE: ERM Defined
DEFINITIONS AND CONCEPTSRISK CATEGORIESINTERNAL ENVIRONMENTSUMMARYNOTE
CHAPTER FOUR: The ERM Process: Step by Step
STEP 1: STRATEGY AND OBJECTIVE DEFINITIONSTEP 2: EVENT IDENTIFICATIONSTEP 3: RISK ASSESSMENTSTEP 4: RISK RESPONSESTEP 5: COMMUNICATIONSTEP 6: MONITORINGOVERSIGHTSUMMARYNOTES

CHAPTER FIVE: COSO Framework and Financial Controls
FOCUS ON FINANCIAL CONTROLSCONTROL ENVIRONMENTINTEGRITY AND ETHICAL VALUESBOARD OF DIRECTORSMANAGEMENT's PHILOSOPHY AND OPERATING STYLEORGANIZATIONAL STRUCTUREFINANCIAL REPORTING COMPETENCIESAUTHORITY AND RESPONSIBILITYHUMAN RESOURCESSUMMARYNOTES
APPENDIX FIVE A: Excerpt from a Code of Ethics Policy
OUR GUIDING PRINCIPLES AND VALUESCONFLICTS OF INTERESTCONFIDENTIAL INFORMATION; INTELLECTUAL PROPERTY
APPENDIX FIVE B: Whistleblower Program
REPORTS REGARDING ACCOUNTING MATTERSINVESTIGATION OF SUSPECTED VIOLATIONSDISCIPLINE FOR VIOLATIONS
APPENDIX FIVE C: Approval Policy and Procedures
POLICYPURPOSESCOPEAPPROVALS/DOCUMENTATION
CHAPTER SIX: Financial Controls and Risk Assessment
RISK ASSESSMENTFINANCIAL REPORTING OBJECTIVESFINANCIAL REPORTING RISKSFRAUD RISKENTITY-LEVEL CONTROLSEXAMPLE: RISK ASSESSMENT AND FINANCIAL CONTROLSEVALUATING DEFICIENCIESSUMMARYNOTES
APPENDIX SIX A: Entity-Level Control Assessment
CONTROL ASSESSMENT OVERVIEWCONTROL ENVIRONMENTOVERALL EVALUATION OF CONTROL ENVIRONMENTRISK ASSESSMENTOVERALL EVALUATION OF RISK ASSESSMENTCONTROL ACTIVITIESOVERALL EVALUATION OF CONTROL ACTIVITIESINFORMATION AND COMMUNICATIONOVERALL EVALUATION OF INFORMATION AND COMMUNICATIONMONITORINGOVERALL EVALUATION OF MONITORINGSUMMARY ASSESSMENTOVERALL ASSESSMENT OF INTERNAL CONTROLS
APPENDIX SIX B: Accounts Payable: Preliminary Controls Assessment Questionnaire
PURCHASING CONTROLS QUESTIONNAIREINTERNAL CONTROL ASSESSMENT
APPENDIX SIX C: Fraud Risk Factors: AU Section 316
RISK FACTORS RELATING TO MISSTATEMENTS ARISING FROM FRAUDULENT FINANCIAL REPORTING
CHAPTER SEVEN: Ongoing Compliance Overview
ORIGIN OF THE SARBANES-OXLEY ACTGENERATING VALUE FROM COMPLIANCEMOVING BEYOND INITIAL COMPLIANCEREEVALUATING THE COMPLIANCE PROGRAMSUMMARY
CHAPTER EIGHT: Ongoing Compliance Challenges
FUTURE STATE OPPORTUNITY: COMPLIANCE OPTIMIZATIONISSUES TO CONSIDER WHEN OPTIMIZING COMPLIANCEONGOING COMPLIANCE PLANROLE OF INTERNAL AUDIT: BALANCING THE COMPLIANCE AND AUDIT FUNCTIONSEVOLVING ROLE OF THE AUDIT COMMITTEESUMMARY
CHAPTER NINE: Addressing Compliance and Risk Management Challenges through Automation
SOFTWARE CAN ADD VALUE BEYOND COMPLIANCEMONITORING SOFTWAREUTILIZATION OF CONTINUOUS MONITORING: CONTROL TESTING AND CONTROL AUTOMATIONBENEFITS OF CONTINUOUS MONITORINGCONTINUOUS MONITORING TOOL CONSIDERATIONSCONTINUOUS MONITORING PROCESSRISK MANAGEMENT SOFTWAREUNIFYING FINANCIAL STATEMENTS, CLOSE TASKS, AND SOX CONTROLSDETERMINING THE RIGHT SOLUTIONSUMMARYNOTE
CHAPTER TEN: Ongoing Compliance and IFRS
INTERNATIONAL FINANCIAL REPORTING STANDARDSCOMMUNICATING THE IMPACTPREPARING FOR IFRSCOMPREHENSIVE IFRS TRANSITION APPROACHKEY ELEMENTS OF AN EFFECTIVE IFRS IMPLEMENTATIONSUMMARY
About the Author
Index

Content preview from Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

CHAPTER NINE

Addressing Compliance and Risk Management Challenges through Automation

ORGANIZATIONS INVESTED MILLIONS OF DOLLARS on initial compliance and subsequently spent as much as 80% of those same dollars in year two refining documentation, testing, and remediating control weaknesses. Now that they have moved past year three and beyond, companies are exploring automation as a means for making the ongoing compliance process more efficient and less costly.

As a result of several factors, not the least of which is a lack of integrated testing as well as a significant amount of manual compliance testing and reporting, external audit costs increased-in many cases, significantly. In addition, the anticipated reduction of subsequent-year audit fees has not been realized. Lack of automation also has contributed to the high cost of compliance. In many organizations, a high number of manual controls still remain, and a substantial amount of manual testing continues to occur.

Compliance monitoring, testing, and reporting automation can play a key role in achieving process improvement and efficiency. When implemented effectively, technology enables an efficient, repeatable, and reliable process that can significantly lower the cost of compliance and offer increased visibility into the business. It also can strengthen the control environment, increase data integrity, improve process efficiency, and minimize risk by providing better visibility into control issues, allowing organizations ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781118149539Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills

Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance

by Anne M. Marchetti

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.