Get valuable advice on optimizing payable and expense processes and achieving effective control from industry expert Chris Doxey and Oracle Consulting's Managing Practice Lead, Swarnali Bag. Then learn how to automate identification of transactions that indicate fraud, error and policy violation; configure our upcoming Advanced Financial Controls cloud service to analyze and manage those transactions; and achieve fastest implementation, minimum effort, and maximum return on investment from Oracle Product Development's process/solution designers Sujay Bandyopadhyay and Barry Greenhut.
4. Arturo Martínez del
Campo Saucedo
Corporate Chief Financial Officer
Grupo Posadas S.A.B. de C.V. .
LEADERSHIP IN FINANCE
LATIN AMERICA - CLOUD
2016
Best
Practice
Adopter
First
Adopter
of Risk
Cloud
9. An Integrated Governance, Risk, and
Compliance (GRC) Monitoring Model
23
Assertion and Attestation
Test/Evaluate Controls
Define Control Activities
Define Control Objectives
Identify Risk
Document the Process
Document the Process
and System
Identify Financial
Processes and Systems
Define the Scope
The Building Blocks of
an Internal Control
Framework
• Processes
• System
• Entity
• Compliance
• Fraud Prevention
• Organization Wide
Internal Controls
Supports
12. Best Practice 2: Ten Tips for
Developing Risk Based Internal
Controls
26
13. Ten Tips for Developing Risk Based
Internal Controls
1. The focus should be on the business process rather than only the
expect outcome of the audit process.
2. The control should be process focused rather than purely
transaction focused. Although, the control should address the
accuracy of a transaction, a risk based control addresses the total
business process – not just a single transaction.
3. The expected outcome is to identify and mitigate the risk as well
determine opportunities for process improvements and fraud
prevention.
4. There should be a focus on risk management rather than solely
following current policies and procedures.
5. The goal should be on continual risk assessment coverage through
automation.
27
14. Ten Tips for Developing Risk Based
Internal Controls (Cont.)
6. Risk based internal controls facilitate change since they should be
updated on a regular basis.
7. This approach should set the foundation for implementing
meaningful operational metrics.
8. Risk based controls can resolve identifying risks within business
process gaps.
9. Risk based controls can help prevent and detect fraud since they
truly can reflect the end to end business process.
10. Risk based controls should always be suggested by the business
process owners.
28