Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
2013: What YOU Need to Know

2013:

What YOU
Need to Know
CONTROL ENVIRONMENT

October 17, 2013 | 12:00 p.m. ET | 1 hour |...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Housekeeping
• If you experience technical ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

CPE Credit
•

Today’s webcast is worth one ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

About the Speaker
Jim DeLoach
Managing Dire...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Agenda
Why Focus on the Control Environment...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Where It All Starts

“The set of standards,...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Internal and External Factors Influence It…...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Why Focus on the Control Environment?
• Is ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Importance of the Control Environment
• It’...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

The “Usual Suspects”: 10 Examples
(1) Press...
The New

2013: What YOU Need to Know
Framework

Polling Question 1
The control environment:
a. Consists of a set of standa...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Key Changes in the 2013 Framework
 

• Comb...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Key Changes in the 2013 Framework
 

• Expa...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Key Principles Under Control Environment
 
...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Commitment to Integrity and Ethical Values
...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Using the Points of Focus as Guidance…
 

S...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 1: Suggested Approaches

 

• Set...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 1: Suggested Approaches

 

• Ana...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point #1
 

The senior management o...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point #2
 

A not-for-profit organi...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Independent Board Exercises Oversight
 

Es...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Polling Question 2
Under the 2013 New Frame...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Polling Question 3
Under the 2013 New Frame...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point
The audit committee of an ele...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Appropriate Structures, Reporting Lines,
Au...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Third Point of Focus

Points
of Focus

Slid...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 3: Suggested Approaches
• Managem...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point
The senior management at a ga...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Attract, Develop and Retain Competence
Esta...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 4: Suggested Approaches
• Managem...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 4: Suggested Approaches
• The Boa...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point
The bylaws of the board of a ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Hold Individuals Accountable
Enforces Accou...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 5: Suggested Approaches
• Senior ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Principle 5: Suggested Approaches
• Communi...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point #1
 

A forest products compa...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Case in Point #2
 

A private company that ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Interdependencies with Other Components
 

...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Implications to Sarbanes-Oxley Applications...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Polling Question 4
To support a conclusion ...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

In Conclusion
• The explicit listing of und...
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Slide 42

Framework
Principles and Points ofYOU Need to Know
2013: What Focus: The New

Framework

Thank you for your
participation!
In 2-3 bu...
Upcoming SlideShare
Loading in …5
×

Coso 2013 - What You Need to Know!

771 views

Published on

Originally a webcast given by Protiviti expert Jim DeLoach, this presentation focuses on key changes in the COSO 2013 framework, with its implications for SOX compliance. This presentation is also available on the FEI website at http://www.financialexecutives.org/eweb/upload/fei/events/replay/tc_131017/

Published in: Business, Technology
  • Be the first to comment

  • Be the first to like this

Coso 2013 - What You Need to Know!

  1. 1. 2013: What YOU Need to Know 2013: What YOU Need to Know CONTROL ENVIRONMENT October 17, 2013 | 12:00 p.m. ET | 1 hour | 1 CPE credit Slide 1
  2. 2. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Housekeeping • If you experience technical difficulties, please use: • use the “Ask a Question” Tab or • use the “Help” Tab or • call 1.866.490.5412 or • email support@vcall.com • Experiencing difficulty hearing today's broadcast? Dial-in: (Toll Free) 877-445-9761 (Int’l) 201-689-8592 Passcode: 421488 • Use the “Download Tab” below to download a handout of the today’s presentation. • Use the “Ask a Question” Tab to ask questions at any time during the presentation. Questions will be addressed at the end of the presentation. Slide 2
  3. 3. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework CPE Credit • Today’s webcast is worth one (1.0) CPE credit. • To qualify for CPE, one must have registered via FEI’s website, as well as, meet both duration, poll requirements and complete an on-line survey evaluation. • In accordance with the standards for the National Registry of CPE Sponsors, CPE credit will be granted based on a 50-minute hour. • You must answer at least 3 polling questions (during the webcast) to qualify for CPE credit. • Qualifying participants will have access to the NASBA required survey, in FEI’s CPE Center, within 2-3 business days and the online certificate for CPE credit is available immediately upon completion of this survey. • Additional information will be provided in a follow-up email after today’s webcast. Slide 3
  4. 4. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework About the Speaker Jim DeLoach Managing Director| With over 35 years of experience and a member of the Protiviti’s Solutions Leadership Team, Jim DeLoach assists organizations in responding to government mandates, shareholder demands and a changing business environment in a cost-effective and sustainable manner. His focus is on managing risk and integrating risk with strategy setting, business planning with performance management. DeLoach was one of 25 recipients of the “Consultant of the Year” award from Consulting Magazine in 2011. In 2012 and again in 2013, he was named to the National Association of Corporate Directors’ Directorship 100 list, recognizing him as one of the 100 most influential people in the boardroom community. DeLoach has authored several books, including Enterprise-wide Risk Management: Strategies for linking risk and opportunity, which was published by Financial Times in June 2000 and was the first book written on the subject of enterprise risk management. Widely quoted in the press, he has published numerous articles and thought papers over the last 15 years covering various aspects of governance, managing business risk and effective internal controls. He has served on the COSO Advisory Board for 10 years contributing to the development of several frameworks and projects. Slide 4
  5. 5. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Agenda Why Focus on the Control Environment? Key Changes in 2013 Framework – Control Environment Key Principles Interdependencies with Other Components Implications to Sarbanes-Oxley Applications Conclusion Slide 5
  6. 6. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Where It All Starts “The set of standards, processes, and structures that provide the basis for carrying out internal control across the organization.” Slide 6
  7. 7. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Internal and External Factors Influence It… • Company history and ethical values • Industry considerations • Management's philosophy and operating style • Competence of the entity's people at all levels and the standards, processes, and structures that guide them • Effectiveness of board oversight Slide 7
  8. 8. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Why Focus on the Control Environment? • Is the foundation for all other components of internal control • Sets the tone of an organization • May help an organization be more resilient when facing pressures Slide 8
  9. 9. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Importance of the Control Environment • It’s often where the problems start • The core of any business is its people and the environment in which they operate • Without an effective control environment, it’s game over Slide 9
  10. 10. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework The “Usual Suspects”: 10 Examples (1) Pressure to meet unrealistic performance targets, particularly short-term results (2) Unbalanced compensation structures that encourage excessive risk taking (3) Passive boards that fail to exercise effective oversight (4) Inadequate board communications (5) Selective consideration of facts to fit management’s bias (6) Lack of transparency into what matters (7) Inability to manage conflicting objectives and metrics (8) Board waiver of conflict of interests policy (9) Poor escalation processes (10) Management override of controls Slide 10
  11. 11. The New 2013: What YOU Need to Know Framework Polling Question 1 The control environment: a. Consists of a set of standards, processes, and structures b. Is the foundation for carrying out internal control across the organization c. Sets the tone for the organization’s internal control d. May help an organization be more resilient when facing external and internal pressures e. All of the above Slide 11
  12. 12. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Key Changes in the 2013 Framework   • Combines the SEVEN factors into FIVE underlying principles • Provides in-depth account on what is involved in an effective control environment • Explains interdependencies and linkages between components • Covers implications of extended business models utilizing external parties Slide 12
  13. 13. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Key Changes in the 2013 Framework   • Expands on the concepts of governance in an organization • Clarifies the expectations of integrity and ethical values to reflect lessons learned and new developments Slide 13
  14. 14. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Key Principles Under Control Environment   1 Commitment to integrity and ethical values Independence board of directors exercising oversight of internal control Structures, reporting lines, and appropriate 3 authorities and responsibilities Commitment to attract, develop, and retain 4 competent individuals 2 5 Slide 14 Individuals held accountable for their internal control responsibilities
  15. 15. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Commitment to Integrity and Ethical Values   Sets the Tone at the Top Points of Focus Establishes Standards of Conduct Evaluates Adherence to Standards of Conduct Addresses Deviations in a Timely Manner Slide 15
  16. 16. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Using the Points of Focus as Guidance…   Sets the Tone at the Top Evaluates Adherence to Standards of Conduct Slide 16 Establishes Standards of Conduct Addresses Deviations in a Timely Manner
  17. 17. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 1: Suggested Approaches   • Set the tone from the top for day-to-day actions and decision making across the organization • Consider legal, ethical, and other expectations in the conduct of business and financial reporting to establish expected standards of conduct • Train new and existing employees on the entity’s standards of conduct Slide 17
  18. 18. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 1: Suggested Approaches   • Analyze issues and trends from hotlines and help lines made available within the organization that could indicate potential fraud occurrences • Make explicit the consequences for deviations from standards of conduct at any level in the organization • Establish, communicate and enforce standards of conduct throughout the organization Slide 18
  19. 19. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point #1   The senior management of a publicly traded company maintains and distributes the company’s code of business conduct and ethical standards to all employees and external parties acting on its’ behalf. It also provides for a supplier code of conduct to its vendors as part of its agreements, which provide for a basis of evaluation along with product/service delivery evaluation. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 19
  20. 20. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point #2   A not-for-profit organization conducts scheduled audits to determine whether employees are receiving and understanding the board approved standards of conduct when they are first hired and as part of ongoing communications. This helps to determine if there are any instances of noncompliance and to use those findings to assess and correct any deficiencies in the organization’s new-hire orientation, communications, training, and employee review processes. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 20
  21. 21. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Independent Board Exercises Oversight   Establishes Oversight Responsibilities Points of Focus Applies Relevant Expertise Operates Independently Provides Oversight Slide 21
  22. 22. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Polling Question 2 Under the 2013 New Framework, the control environment  consists of 7 important principles. a. True b. False Slide 22
  23. 23. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Polling Question 3 Under the 2013 New Framework, the points of focus provided for each principle are intended to provide helpful guidance but are not required to be evaluated separately. a. True b. False Slide 23
  24. 24. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point The audit committee of an electricity transmission and distribution company meets, at least annually, in executive session to discuss its assessment of the risks of management override of internal control, including motivations, opportunities, and rationalizations for management override and how those activities might be concealed. It also collects information whenever any concerns are expressed about ethics or possible management override of internal controls. The process of questioning continues until resolution is reached. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 24
  25. 25. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Appropriate Structures, Reporting Lines, Authorities and Accountabilities Points of Focus Considers All Structures of the Entity Establishes Reporting Lines Defines, Assigns, and Limits Authorities / Responsibilities Slide 25
  26. 26. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Third Point of Focus Points of Focus Slide 26 Defines, Assigns, and Limits Authorities / Responsibilities: •Board of Directors •Senior Management •Management •Personnel •Outsourced Service Providers
  27. 27. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 3: Suggested Approaches • Management periodically considers the impact on the control environment and the importance of effectively segregating duties, as part of reviewing the assignment of authorities and responsibilities • Job descriptions outlining financial reporting responsibilities are maintained and are updated when necessary when circumstances change • Management provides sufficient direction to ensure that the appropriate employees recognize their responsibility for internal control and the importance of applying appropriate diligence / business judgment when they carry out their assigned job responsibilities Slide 27
  28. 28. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point The senior management at a games software developer, has recognized that the company’s recent significant growth is causing many of the roles and responsibilities of its management executives to be no longer relevant. In response, the senior managers have initiated a project to realign responsibilities among its leadership team. The goals are to adequately support financial reporting objectives, with clear lines of reporting supported by new written job descriptions. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 28
  29. 29. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Attract, Develop and Retain Competence Establishes Policies and Practices Points of Focus Evaluates Competence and Addresses Shortcomings Attracts, Develops and Retains Individuals Plans and Prepares for Succession Slide 29
  30. 30. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 4: Suggested Approaches • Management identifies the required skills and experience necessary to support the entity’s objectives • Training needs are identified / delivered to targeted personnel • Senior management evaluates the sufficiency and competency of the personnel involved in recording and reporting financial information and in designing and developing financial reporting systems Slide 30
  31. 31. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 4: Suggested Approaches • The Board of Directors identifies essential roles for functioning of the business and, for those roles, management defines succession plans • Management sets expectations that personnel raise issues or questions relating to the application of defined standards • Performance evaluation processes and incentives are established to promote expected standards of behavior consistent with entity objectives Slide 31
  32. 32. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point The bylaws of the board of a metal products company specify the responsibility of the audit committee of the board for reviewing the principal roles and responsibilities of key financial reporting senior management. To this end, the audit committee chair meets annually with the company’s human resources director, chief audit executive, and legal counsel to review the roles, responsibilities, and performance of the various company managers. The review focuses on aligning respective managerial responsibilities with the company’s organization chart. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 32
  33. 33. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Hold Individuals Accountable Enforces Accountability Through Structures, Authorities and Responsibilities Points of Focus Establishes Performance Measures, Incentives, and Rewards Evaluates Performance Measures, Incentives, Rewards for Ongoing Relevance Considers Excessive Pressures Evaluates Performance and Rewards or Disciplines Individuals Slide 33
  34. 34. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 5: Suggested Approaches • Senior management defines performance measures / rewards aligned with ethical values and inclusive of financial and non-financial measures • The board of directors and management periodically evaluate appropriateness of performance measures • Management designs objective employee evaluation and compensation systems that periodically provide individual rewards or disciplinary action Slide 34
  35. 35. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Principle 5: Suggested Approaches • Communicating and reinforcing the accountability for responsible conduct of all personnel • Policies that stress interactions with suppliers, customers, and other external parties reflect fair and honest dealings • Anomalies in key performance indicators and internal analytical reviews of operational and financial information that could be a potential indicator of fraud or other misconduct are considered Slide 35
  36. 36. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point #1   A forest products company, structures its bonus plan to have 30% of the potential incentive award directly related to the demonstration of the company’s core values. Information items that the company values are specific comments on how management does or does not reflect values are captured through employee feedback. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 36
  37. 37. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Case in Point #2   A private company that researches, develops, produces, and markets medical scanning equipment, encourages its employees to identify and submit suggestions for improving internal control, including internal control over financial reporting. Employees are rewarded in the form of company awards and/or cash bonuses for ideas that are used. Source: COSO; Internal Control over External Financial Reporting: A Compendium of Approaches and Examples Slide 37
  38. 38. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Interdependencies with Other Components   • All components must operate together in an integrated manner • Components are interdependent with a multitude of interrelationships and linkages among them • Examples of components operating together: − The organization establishes expected standards of conduct and sets performance incentives within the Control Environment that may impact the assessed level of fraud risk evaluated within Risk Assessment − The communication of internal control deficiencies as part of Monitoring Activities requires a full understanding of the entity’s structures, reporting lines, authorities and responsibilities as set forth in the Control Environment Slide 38
  39. 39. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Implications to Sarbanes-Oxley Applications   • For established companies, existing documentation must be converted to the principles-based approach − For the Control Environment, the 7 factors under the original 1992 version can be organized easily under the 5 principles • A separate ICEFR compendium may be useful to companies complying with Sarbanes-Oxley − For newly public companies or IPO companies, the ICFRE Compendium provides useful guidance for getting started − For established companies, use the ICEFR Compendium selectively or in situations involving changes in conditions and processes Slide 39
  40. 40. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Polling Question 4 To support a conclusion that internal control is effective, all components  must be present and functioning and operate together.  a. True b. False Slide 40
  41. 41. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework In Conclusion • The explicit listing of underlying principles increases the framework’s utility • The control environment has a pervasive impact on the overall system of internal control • A strong control environment positions organizations to respond and adapt to internal and external pressures  • Organizational culture supports and is influenced by the control environment Slide 41
  42. 42. Principles and Points ofYOU Need to Know 2013: What Focus: The New Slide 42 Framework
  43. 43. Principles and Points ofYOU Need to Know 2013: What Focus: The New Framework Thank you for your participation! In 2-3 business days, a follow-up email will provide instructions on accessing your CPE credits. Our series continues… COSO 2013 : What YOU Need to Know – Control Environment Thursday, October 17 at 12:00 p.m. Eastern Slide 43

×