TEAM FOCUS: RISK ADVISORY SERVICES
However, based on our experience helping
Once your key stakeholders’ expectations are clear, ownership and project management should be established so that a project plan and budget can be developed covering the following fundamental stages: X Assessment – understand the current state of your internal controls and assurance X Design – develop your process documentation and risk and control matrices X Implementation – establish any new controls and carry out a proof-of-concept walkthrough X Embedding – complete your operational effectiveness testing regime and undertake any remediation actions
As your management team works through these stages, it’s important to consider other critical success factors, including: X Developing and maintaining effective governance arrangements X Assessing the current and desired organisational culture relating to risk and control X Using a digital governance, risk and control (GRC) tool to help create a unified but flexible approach to managing risk and controls in decentralised businesses.
businesses respond to other international SOx regimes, successful programmes can take between 18 and 36 months to implement and embed. Due to this lead time, early planning is encouraged. A key first step is to determine whether your business falls within the scope of the new PIE definitions. If it does, it’s important to understand the intentions and expectations of your directors and your audit committee with regards to the benchmarking system and the need for external assurance.
X Improve – look for
ways to enhance your controls and testing regime, including more automation.
DOWNLOAD our summary of the proposed corporate governance reforms and impacts on directors, and practical advice on the steps management teams can take to prepare.
15
Made with FlippingBook HTML5