Greetings All,
Our goals for Assurance:
q Plan and perform
effective Assurance engagements for Sipradi Companies’ :
q To identify risks
which may lead to fail in achievement of performance and profitability
targets
q To provide assurance
on effectiveness of overall internal control system in managing those risks
q To aid in preventing
loss of Assets and strengthen safeguarding
|
|
Key Principles of Evaluating and Improving Internal Control
A. Supporting the Organization’s
Objectives
|
Internal control should be used
to support the organization in achieving its objectives by managing its
risks, while complying with rules, regulations, and organizational policies.
The organization should therefore make internal control part of risk management
and integrate both in its overall governance system.
|
B. Determining Roles and
Responsibilities
|
The organization should
determine the various roles and responsibilities with respect to internal
control, including the governing body, management at all levels, employees,
and internal and external assurance providers, as well as coordinate the
collaboration among participants.
|
C. Fostering a Motivational
Culture
|
The governing body and
management should foster an organizational culture that motivates members of
the organization to act in line with risk management strategy and policies on
internal control set by the governing body to achieve the organization’s objectives.
The tone and action at the top are critical in this respect.
|
D. Linking to Individual
Performance
|
The governing body and
management should link achievement of the organization’s internal control
objectives to individual performance objectives. Each person within the
organization should be held accountable for the achievement of assigned
internal control objectives.
|
E. Ensuring Sufficient
Competency
|
The governing body, management,
and other participants in the organization’s governance system should be
sufficiently competent to fulfill the internal control responsibilities
associated with their roles.
|
F. Responding to Risk
|
Controls should always be
designed, implemented, and applied as a response to specific risks and their
causes and consequences.
|
G. Communicating Regularly
|
Management should ensure that
regular communication regarding the internal control system, as well as the
outcomes, takes place at all levels within the organization to make sure that
the internal control principles are fully understood and correctly applied by
all.
|
H. Monitoring and Evaluating
|
Both individual controls as well
as the internal control system as a whole should be regularly monitored and
evaluated. Identification of unacceptably high levels of risk, control
failures, or events that are outside the limits for risk taking could be a
sign that an individual control or the internal control system is ineffective
and needs to be improved.
|
I. Providing for Transparency
and Accountability
|
The governing body, together
with management, should periodically report to stakeholders the
organization’s risk profile as well as the structure and factual performance
of the organization’s internal control system.
Let’s observe whether above principles are applied within
the organization and guide management on implementing it.
Regards,
CBS
|
No comments:
Post a Comment