Effective Internal Controls by @EricPesik

Instilling good governance and ensuring full compliance with an effective internal control program. Presented at Corruption and Compliance South & South East Asia Summit, September 2012, Hilton Hotel, Singapore.


  1. 1. effective internal controls
  2. 2. Presented by Eric Roring Pesik at Corruption and Compliance South & South East Asia Summit, September 2012, Hilton Hotel, Singapore
  3. 3. effective internal controls
  4. 4. internal controls
  5. 5. finance & accounting procedures
  6. 6. corporate IT systems
  7. 7. company policies & procedures
  8. 8. humanize internal controls
  9. 9. simplify internal controls
  10. 10. restaurant guest check
  11. 11. restaurant procedures
  12. 12. take your order
  13. 13. prepare your order
  14. 14. serve your order
  15. 15. pay for your order
  16. 16. receipt for order
  17. 17. restaurant guest check
  18. 18. human scale controls
  19. 19. 1. simple 2. effective 3. efficient
  20. 20. organic controls
  21. 21. internal control integrated framework
  22. 22. internal control is a process
  23. 23. affected by people
  24. 24. reasonable assurance
  25. 25. achieve objectives
  26. 26. 1. process 2. people 3. assurances 4. objectives
  27. 27. integrated framework
  28. 28. human framework
  29. 29. human laziness
  30. 30. human carelessness
  31. 31. human dishonesty
  32. 32. 1. laziness 2. carelessness 3. dishonesty
  33. 33. human framework
  34. 34. internal controls methods
  35. 35. segregation of duties
  36. 36. retention of records
  37. 37. supervision or monitoring
  38. 38. information processing
  39. 39. authorization of transactions
  40. 40. top-level reviews
  41. 41. electronic security
  42. 42. physical security
  43. 43. 1. segregation of duties 2. retention of records 3. supervision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  44. 44. internal controls methods
  45. 45. effective internal controls
  46. 46. risk focused
  47. 47. risk assessment
  48. 48. risk matrix (Magnitude of Loss vs. Probability of Risk): High Magnitude, Low Probability; High Magnitude, High Probability; Low Magnitude, Low Probability; Low Magnitude, High Probability
  49. 49. who determines risk?
  50. 50. risk experts
  51. 51. subjective opinions
  52. 52. objective data
  53. 53. sources of data
  54. 54. categories of risk
  55. 55. probability of the risk: Corruption 51%; Billing 19%; Non-Cash 19%; Expense Account 14%; Skimming 13%; Cash on Hand 11%; Cash Larceny 9%; Check Tampering 7%; Financial Statement 7%; Payroll 4%; Cash Register 2%
  56. 56. magnitude of the loss: Financial Statement $1,730; Corruption $175; Check Tampering $131; Billing $128; Cash Larceny $100; Non-Cash $90; Payroll $72; Skimming $60; Expense Account $33; Cash on Hand $23; Cash Register $23
  57. 57. adjusted risk profile: Financial Statement 10.0; Corruption 7.4; Billing 2.0; Non-Cash 1.3; Check Tampering 0.7; Cash Larceny 0.7; Skimming 0.6; Expense Account 0.4; Payroll 0.2; Cash on Hand 0.2; Cash Register 0.0
  58. 58. perpetrators of risk
  59. 59. probability of the risk: Sales 21.0%; Operations 15.4%; Accounting 15.1%; Exec/Upper Mgmt 14.0%; Purchasing 10.7%; Warehousing/Inventory 4.0%; Finance 4.0%; Customer Service 3.3%; Marketing/Pub Relations 2.9%; Board of Directors 2.9%; Mfg and Production 2.2%; Human Resources 2.2%; Information Technology 1.5%; Internal Audit 0.4%; Research and Dev 0.4%; Legal 0.0%
  60. 60. magnitude of the loss: Exec/Upper Mgmt $829; Board of Directors $800; Legal $566; Purchasing $500; Finance $450; Marketing/Pub Relations $248; Warehousing/Inventory $239; Human Resources $200; Accounting $180; Mfg and Production $150; Operations $105; Research and Dev $100; Sales $95; Information Technology $71; Customer Service $46; Internal Audit $13
  61. 61. adjusted risk profile: Exec/Upper Mgmt 10.0; Accounting 3.5; Purchasing 2.8; Operations 1.7; Finance 1.7; Sales 1.1; Warehousing/Inventory 1.0; Board of Directors 1.0; Marketing/Pub Relations 0.4; Customer Service 0.3; Legal 0.2; Human Resources 0.2; Mfg and Production 0.2; Information Technology 0.2; Research and Dev 0.0; Internal Audit 0.0
  62. 62. external data
  63. 63. internal data
  64. 64. company constituents
  65. 65. human laziness
  66. 66. human carelessness
  67. 67. human dishonesty
  68. 68. risk experts
  69. 69. ordinary employees
  70. 70. formal risk assessment
  71. 71. risk inventory
  72. 72. probability of occurrence
  73. 73. magnitude of loss
  74. 74. risk matrix
  75. 75. internal controls methods
  76. 76. 1. segregation of duties 2. retention of records 3. supervision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  77. 77. effectiveness of controls
  78. 78. cost of mitigating or avoiding
  79. 79. follow the money
  80. 80. effective loss reduction: Hotline 59.2%; Employee Support Programs 59.0%; Surprise Audits 51.5%; Fraud Training for Managers/Execs 50.0%; Fraud Training for Employees 50.0%; Job Rotation/Mandatory Vacation 46.8%; Code of Conduct 46.6%; Management Review 40.0%; Anti-Fraud Policy 40.0%; External Audit of ICOFR 34.9%; Internal Audit Department 30.6%; Independent Audit Committee 30.0%; External Audit of F/S 25.0%; Management Certification of F/S 25.0%; Rewards for Whistleblowers 23.2%
  81. 81. benefit of loss reduction: Hotline $100 / $245; Employee Support Programs $100 / $244; Surprise Audits $97 / $200; Fraud Training for Managers/Execs $100 / $200; Fraud Training for Employees $100 / $200; Job Rotation/Mandatory Vacation $100 / $188; Code of Conduct $140 / $262; Management Review $120 / $200; Anti-Fraud Policy $120 / $200; External Audit of ICOFR $140 / $215; Internal Audit Department $145 / $209; Independent Audit Committee $140 / $200; External Audit of F/S $150 / $200; Management Certification of F/S $150 / $200; Rewards for Whistleblowers $119 / $155
  82. 82. risk detection
  83. 83. detection method: Tip 42.3%; Internal Audit 14.3%; Management Review 11.3%; By Accident 8.9%; External Audit 5.8%; Account Reconciliation 5.5%; Document Examination 4.4%; Surveillance/Monitoring 2.7%; Confession 2.4%; Notified by Police 1.7%; IT Controls 0.7%
  84. 84. source of tips: Employee 49.2%; Customer 17.8%; Anonymous 13.4%; Vendor 12.1%; Shareholder/Owner 3.7%; Competitor 2.5%; Perpetrator's Acquaintance 1.8%
  85. 85. companies with hotlines: With Hotline 47.1%; Tips Overall 42.3%; No Hotline 33.8%
  86. 86. companies without hotlines: With Hotline 47.1%; Tips Overall 42.3%; No Hotline 33.8%; 13.3%
  87. 87. importance of hotlines
  88. 88. whistleblower bounties
  89. 89. follow the money
  90. 90. recap
  91. 91. effective internal controls
  92. 92. 1. simple 2. effective 3. efficient
  93. 93. 1. process 2. people 3. assurances 4. objectives
  94. 94. 1. laziness 2. carelessness 3. dishonesty
  95. 95. 1. segregation of duties 2. retention of records 3. supervision or monitoring 4. information processing 5. authorization of transactions 6. top-level reviews 7. electronic security 8. physical security
  96. 96. risk focused
  97. 97. objective data
  98. 98. follow the money
  99. 99. questions?
  100. 100. get more from http://www.slideshare.net/ericpesik/
  101. 101. License and Credits

      This presentation, excluding the images, is provided under creative commons attribution license. http://creativecommons.org/licenses/by/3.0/

      You are free to share, copy, distribute, and transmit this work; to remix, adapt this work; and to make commercial use of the work; under the condition that you attribute this work to me by including the following attribution “Effective Internal Controls by Eric Pesik. Used with permission,” and URL Link: http://www.slideshare.net/ericpesik/

      Microsoft Office Online: Except as noted below, all images in this presentation are from Microsoft Office Online. Used with permission from Microsoft: http://office.microsoft.com/en-us/images/

      Flickr Creative Commons: The following images are from flickr creative commons and are licensed and used under creative commons attribution license: http://creativecommons.org/licenses/by/2.0/deed.en

      - Art Coffee House Waitress by Wonderlane http://www.flickr.com/photos/wonderlane/293137892/
      - Waitress by Adikos http://www.flickr.com/photos/adikos/4319818916/
      - Rutherford Grill by Neeta Lind http://www.flickr.com/photos/neeta_lind/2517034517/
      - Serving Food by Adrian Nier http://www.flickr.com/photos/adriannier/4004167201/
      - Donut Shop Owner by Robert Couse-Baker http://www.flickr.com/photos/29233640@N07/7104455917/
      - Two chorizo burritos with cheese and sour cream by Rick http://www.flickr.com/photos/spine/1994814081/
      - Waiter by Hans Van Den Berg http://www.flickr.com/photos/myimage/4353456304/
      - Blue Telephone by UggBoy♥UggGirl http://www.flickr.com/photos/uggboy/5345135964/

      Association of Certified Fraud Examiners: All data is from the Association of Certified Fraud Examiners, Report to the Nations on Occupational Fraud and Abuse, 2010 Global Fraud Study based on 1,843 cases of occupational fraud that were reported by the Certified Fraud Examiners who investigated them. http://www.acfe.com

      Committee on Sponsoring Organizations of the Treadway Commission: The Internal Control — Integrated Framework was commissioned by the Committee on Sponsoring Organizations of the Treadway Commission. It establishes a common definition of internal control that services the needs of different parties for assessing and improving their control systems. http://www.coso.org