Every entity faces a variety of risks from external and internal sources. Risk is defined as the possibility that an event will occur and adversely affect the achievement of objectives. Risk assessment involves a dynamic and iterative process for identifying and assessing risks to the achievement of objectives. Risks to the achievement of these objectives from across the entity are considered relative to established risk tolerances. Thus, risk assessment forms the basis for determining how risks will be managed. A precondition to risk assessment is the establishment of objectives, linked at different levels of the entity.
Control activities are the actions established through policies and procedures that help ensure that management’s directives to mitigate risks to the achievement of objectives are carried out. Control activities are performed at all levels of the entity, at various stages within business processes, and over the technology environment. They may be preventive or detective in nature and may encompass a range of manual and automated activities such as authorizations and approvals, verifications, reconciliations, and business performance reviews. Segregation of duties is typically built into the selection and development of control activities. Where segregation of duties is not practical, management selects and develops alternative control activities.
The course presents the summary, definitions, principles and points of focus of the risk assessment and control activities components of the Internal Control Integrated Framework, 2013. The concepts and applications of the objectives setting, risk assessment and control activities are explored in detail in cumulative cases and exercises through each topic. The objective of the course is for participants to gain a detailed understanding and ability to apply the concepts, principles and points of focus of the risk assessment and control activities components of the Internal Control Integrated Framework.
The component evaluation templates from the COSO Illustrative Tools for Assessing Effectiveness of a System of Internal Control serve as the basis for principle analysis in the cases and exercises. Participants will gain a working knowledge of how to adapt the tools for use in their daily work in their respective organizations.
This course is an applications course and requires an in-depth working knowledge of the overall Framework, its components, concepts and approaches. Only those who have attended the COSO2013 Internal Control Framework Overview Course or those who have a detailed working knowledge of the new Framework should attend this course.
The course was written by Michael L. Piazza, who is the primary presenter for the course. If date conflicts arise, the client will be given the option of a secondary instructor.
Who Should Attend:
Anyone in an organization who designs, implements, applies or reviews internal control including will greatly benefit from the course and applications. These include: administrators; accountants; finance officers; managers; risk management officers; quality assurance personnel; internal auditors; and anyone providing assurance to internal control and risk management effectiveness.
Purchase and Schedule a Course Offering:
PDA courses are offered through the Institute for Internal Controls (IIC). To have an IIC representative contact you about conducting the course at your organization or chapter, please complete the Request for Information form. An IIC representative will contact within one business day to discuss the details and arrange a course date that suites your organization's needs.
The course can be modified for custom presentation including organizational specific cases, examples and concepts. A $5,000 customization fee covers all conversions and customizations and a one day consulting trip to the client location for interviews and sample analysis.