Prepared by: Dr. Savanid (Nui) Vatanasakdakul
Concept of Corporate Governance
Concept of IT Governance
Internal Control
COSO Framework
Preventive, Detective and Corrective Controls
Provide real-life examples of organisational failures and of the firm(s) in which they occurred.
The way companies are managed to create value, enforce accountability and control, and manage risks. (Blair and Boyce, 2006)
An elaborate system of checks and balances whereby a company’s leadership is held accountable for building shareholder value and creating confidence in the financial reporting processes. (Turner & Weickgenannt, 2009)
Corporate governance starts at the top levels of an organisation
The system by which companies are directed and managed
How company objectives are set and achieved
How risk is monitored and assessed
How performance is optimised
1. Lay solid foundations for management and oversight
2. Structure the board to add value
3. Promote ethical and responsible decision-making
4. Safeguard integrity in financial reporting
5. Make timely and balanced disclosures
6. Respect the rights of shareholders
7. Recognise and manage risk
8. Encourage enhanced performance
9. Remunerate fairly and responsibly
10. Recognise the legitimate interests of stakeholders
The system by which companies are directed and managed. It influences how the objectives of the company are set and achieved, how risk is monitored and assessed and how performance is optimised
Areas to be considered:
◦ Adding value
◦ Managing risk
◦ Managing IT strategy
◦ Measuring performance
◦ Managing resources
Addresses:
◦ IT principles
◦ IT infrastructure
◦ IT architecture
◦ IT investment & prioritisation
1. Plan and organise
2. Acquire and implement
3. Deliver and support
4. Monitor and evaluate
Internal control systems are part of an organisation’s corporate governance structure. They help the organisation meet its objectives. Internal Controls (IC) aim to provide a reasonable assurance that objectives will be achieved. The control framework is called the Internal Control Structure.
Provide real-life examples of internal control in the following situations.
Family
University
Workplace
Committee of Sponsoring Organisations of the Treadway Commission – Enterprise Risk Management Framework (Blair & Boyce, 2006)
Effectiveness and efficiency of operations
◦ Efficiency: Use of resources
◦ Effectiveness: Achieving the intended purpose
Reliability of financial reporting
◦ Are the amounts in the reports accurate? Reliable? Timely?
Compliance with applicable laws and regulations
◦ Does the control system ensure we meet legal obligations (financial reporting, other obligations)?
Functions: Accounting and Finance, Human Resources, Sales and Marketing, Production…
Units: Departments, Divisions, Teams, Committees, boards…
Control environment
◦ The overall attitude, actions and awareness towards internal control and its importance.
Risk assessment
◦ Understand the business objectives and processes and ask “what could go wrong?”, “how could this process fail?”
Control activities
◦ The procedures that are implemented to address the risks identified in the risk assessment.
Information and communication
◦