Suchergebnisse

• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  The Financial Sector: Risks, Controls and Assurance after the Financial Crisis

  Daniel Nelson

  …summarise four main kinds of causes: macroeconomic, meaning big-picture economics issues; market discipline failures; inadequate market policies and risk… …situation. Lastly, risk management. One aspect is that risk management or risk mitigation has been viewed as more of a nuisance, more a need to adhere… …to compliance require- ments, rather than a useful and integrated part of the business. Most risk units in fact were also placed in a support function… …which has a different risk and return profile. The business model used by AIG was reportedly based on the principle that if the swaps activity, the CDSs… …area in an entity. Nelson 96 It has also been reported that enterprise risk management (ERM) and the finance complex did not have adequate… …oversight or coverage of the AIGFP business, par- ticularly on AIGFP’s valuation practices, its risk models. According to public re- cords, this appears to… …have been a major concern also for the external auditor. Other reports indicate that risk taking at AIGFP had deteriorated particularly in the last few… …lesson-learned here is obvious: internal audit should review the risk management governance and op- erational arrangements, to ensure that there are no such gaps… …requirement compared to the 2006 charter. The second change in the 2009 charter is the new wording added to the risk management section which indicates that… …the audit committee is not the only body responsible for oversight of AIG’s risk assessment and management. The 2009 charter also goes on to state…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  International Professional Practices Framework – Overview of the current guidance of the Institute of Internal Auditors

  T. Flemming Ruud, Philipp Friebe, Daniela Schmitz, Shqiponja Isufi

  …different legislative and regulatory initiatives aimed at improving the Governance, Risk Management and Internal Control of an organization. The PPF has… …systematic, disciplined approach to evaluate and improve the effectiveness of Risk Management, Control, and Governance processes. Figure 2: Definition of… …Governance, Risk Manage- ment and Internal Control. The Position Papers primarily explain the roles of Inter- nal Audit in relation to these processes. For… …example, the Position Paper "The Role of Internal Auditing in Enterprise-Wide Risk Management" describes the role of Internal Audit within the scope of… …Risk Management.11 Included in the IPPF, the previous existing Position Papers have gained in importance. The Practice Guides are detailed… …scope of the Internal Audit includes the systematic evaluation of the adequacy and the effectiveness of the Governance, Risk Management and Internal… …(previously Risk Man- agement). Standard 2120 relates to Risk Management (previously Internal Control), while Standard 2130 describes the tasks of Internal… …structures, and processes that ensure that the enterprise's information technology sustains and supports the organiza- tion's strategies and objectives. Risk… …Appetite The level of risk that an organization is willing to accept. Technology based Audit Techniques Any automated audit tool, such as generalized… …the strate- gies and objectives of the organization. According to Standard 2120.A2, when evaluating the Risk Management processes the Internal Audit…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  Governance Works, in Principle

  Neil Baker

  …corporate governance in the financial sector. There was much talk about the need for banks to improve their modelling and their risk management practices… …should “provide entrepreneurial leadership of the company within a frame- work of prudent and effective controls which enables risk to be assessed and man-… …financial controls and systems of risk management are robust and defensible.” Some bank boards have arguably failed to meet either of those principles. But… …managers who sit just below board level, such as the directors responsible for human resources and information technology and the chief risk officer. In a… …recently about the risk of companies fracturing into “organisational silos” based on highly techni- cal management functions. Poorly run companies often… …“lacked an effective forum in which senior business managers and risk managers could meet to discuss emerging issues frequently; some lacked even the… …“demonstrated a comprehensive approach to viewing firm-wide ex- posures and risk, sharing quantitative and qualitative information more effectively across the… …firm and engaging in more effective dialogue.” Baker 56 There was a risk of disconnect, the group said, between the people effectively run- ning… …prepare to ask ourselves some serious questions,” says Institute President Philip Ratcliffe. “The most basic objective of risk management is not… …departments, and boards which gave serious contemplation to the demands of good governance and risk management, have almost overnight gone to the wall.”…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  Doing More with Less

  Neil Baker

  …then audit all the high-risk areas within five years. “This downsizing puts us at risk of not being able to do that,” he says. Storms conveyed this… …first-time audits; a great deal of uncertainty existed around the level of inherent risk in some business areas, in addition to residual risk, he explains… …aware of any resource issues or challenges they face.” 3 Changing Risk Profile Budget cuts are not the only reason to revisit the audit plan in a… …downturn: The risk profile of the organisation is likely to be changing too. A recent survey from The IIA’s Global Audit Information Network – Knowledge… …changing economic climate. A third of organisa- tions in the survey say the downturn is affecting the focus of their work, with the risk of fraud… …control coverage, but the majority (58 %) have no plans to do any work on this risk. Jim LaTorre is managing partner of PricewaterhouseCoopers’ U.S… …. For some, that would entail a significant re-examination of internal audit’s role in relation to risk. Michael Fucilli, auditor general at the… …in the change business – how to address risk and how to make the company better. It’s not easy to audit this way, but if you search out areas where… …: 1. Review your last risk assessment. Everything has changed so dramatically in the last few months that you may be chasing risks that are… …needed to deal with the issues in the new risk assessment, look for short-term, creative ways to fill those gaps. One solution might be to bring in guest…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Accounting Fraud

  Chapter 4: Conclusion and Outlook

  Prof. Dr. Klaus Henselmann, Dr. Stefan Hofmann

  …responsibility of companies to enhance their anti-fraud efforts. Thus, managing fraud risk has become a business imperative today. However, there are clear… …guidelines for “best practice” in fraud risk management. For a summary of basic anti-fraud strategies, see Exhibit 9 (the definitions are extracted from… …environment where the risk of fraud is minimal and opportunity is eliminated Fraud Remediation: Recovery of losses through insurance or the legal… …, all of these strategies are interrelated. Nevertheless, prevention clearly is the first line of defence in minimizing fraud risk. Strong preventive… …and hiring and promotion standards. – A comprehensive fraud risk assessment helps senior management to under- stand their fraud risks, identify gaps… …in their preventive controls, and develop a plan for eliminating these control weaknesses. The fraud risk assessment process should be performed on a… …misconduct. The regular delivery of fraud awareness trainings is vital for maintaining a quality compliance organiz- ation. – Based on the fraud risk… …cannot assure that fraud will not be committed. Nevertheless, companies can certainly take steps to mitigate the risk of fraud. There is a wide variety… …Fraud Examiners: Managing the Business Risk of Fraud: A Practical Guide, www.acfe.com/documents, November 2007 Ball, Ray: Market… …Exit Plan?), www.theconglomerate.org, January 2010 KPMG: Fraud Risk Management: Developing a Strategy for Prevention, Detection, and Response…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Accounting Fraud

  Case 31: Bankgesellschaft Berlin (Germany, 2001)

  Prof. Dr. Klaus Henselmann, Dr. Stefan Hofmann

  …mix of businesses made it difficult for the supervisory board of the parent institution to maintain control and insist on clear risk reporting from… …the assignment of shares in various real estate funds (the so-called “VIP funds”), with which the entire risk was removed for each investor. The… …admitted it could not complete its 2000 accounts because of the ongoing investiga- tion and deep uncertainties about the potential risk in the… …second transaction in December 2001, the severely cash-strapped state provided another EUR 21.6 billion in risk guarantees (the so- called “risk shield”)… …, management was not able to uncover the full extent of the bank’s risk exposure or to push through the necessary changes. In November 2001, the BGB board… …BGB’s risk management was insufficient and that its risk provisions had to be revised upwards. But he had sounded the alarm in vain. BGB asked him to… …learned from the BGB debacle was that politicians and bank risk management don’t mix well. The new BGB chairman, Hans-Joerg Vetter, put forward a plan…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Global Management Challenges for Internal Auditors

  Continuous Auditing: Myth and Reality

  Adrian Garrido

  …risk? – In fact, what is exactly the meaning of “continuous”? Are we talking about real-time, daily or monthly activities? – Finally and most… …systems) that a project to monitor a business or a specific process runs the risk of becoming irrelevant even before having ended because the risks intended… …that follows two lines of work: – A Risk Assessment Module which receives information on a monthly basis re- garding risk factors (operational and… …be reviewed through physical audits, as well as the customers whose credit risk will be remotely analyze by means of another specific module. – A… …“false friends” in referring to ideas which appear very appealing at a theoretical level but can lead us down high risk paths if they are not properly… …that of obtaining shorter cycles that are more flexible and have a greater focus on risk. 4. Continuous Auditing is entirely based on Technology… …information 6.3 A (mainly) Qualitative Assessment of the Risks and Selection of the “Focal Points” The next stage is a Risk Assessment process (another… …what extend this data implies the appear- ance of new priorities or risks. In many cases, the methodologies for Risk Assessment involve numeric… …ranking by risk level. Continuous Auditing: Myth and Reality 89 Although these kinds of models work well for certain types of very homogeneous… …impacts). Obviously, the identification of these types of aspects as risk areas to be considered within an Audit Plan is not something new. But, the…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Controlling und Corporate Governance-Anforderungen

  Anforderungen des Sarbanes-Oxley Act an das Interne Kontrollsystem der SAP

  Werner Brandt, Luka Mucic

  …IT bestand. Ab 2003 kam zu diesen Bereichen ergänzend die neu gegründete Abteilung Global Risk Management hinzu, in der SAP die Verantwort- lichkeiten… …für den Aufbau und Betrieb eines ganzheitlichen Enterprise Risk Mana- gement Systems, die globalen Versicherungsprogramme der SAP-Gruppe sowie die… …Prozesse mit hohem Quali- tätsanspruch. Der Gesamtprozess wurde daher seit 2003 zentral von der Abteilung „Global Risk Management“, unterstützt durch die… …Gestaltung einer ad- äquaten Organisationsstruktur. Hierzu wurde das innerhalb der Abteilung „Global Risk Management“ für die zentrale Koordination des… …2007 gemeinsam mit dem Bereich „Global Risk Management“ und dem Bereich Corporate Security der SAP in eine Globale Governance, Risk- und Compliance… …Hinsicht hat die SAP – koordiniert durch die Abteilung „Global Risk Management“ – auf Basis des „COSO II“-Standards7 unternehmensweit ein einheitliches… …, integriertes Enterprise Risk Management System aufgebaut, in das die Dokumentations- und Bewertungsprozesse von „MIC@SAP“ eingebettet wur- den.8 Im Rahmen des… …Enterprise Risk Management Systems der SAP finden regel- mäßige Risiko Assessments für eine Vielzahl strategischer (z.B. M&A-Projekte) und operativer (z.B… …eine integrierte und globale Sichtweise auf die Themenkomplexe Governance, Enterprise Risk Management und Compliance. Informationstechnologie Um… …Kontroll- systems der SAP zu implementieren. Darüber hinaus wurde eine interne Risikoma- nagementapplikation „Operational Risk Management (ORM)“ realisiert…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Leitfaden zur Prüfung von Projekten

  Projektbegleitende Revision in den einzelnen Projektphasen

  DIIR – Deutsches Institut für Interne Revision e. V., Robert Düsterwald, Susanne Fries-Palm, Michael Peis, u.a.

  …sind dies: � Die Vollumfängliche Projektbegleitung � Die Audit-Serie � Der Advisory Service bzw. das Risk Screening Dabei nimmt der Aufwand der… …Revision von der Vollumfänglichen Projekt- begleitung hin zum Risk Screening ab. In der Praxis kommen immer wieder Mischformen vor. 6.4.1 Vollumfängliche… …zu Beginn einer jeden Einzelprüfung auf eine angemessene Aktualisierung projektspezifischer Informationen zu achten. 6.4.3 Risk Screening Das Risk… …wichtiger Projekte, für die eine Prüfung im eigentlichen Sinn (noch) nicht vorgesehen ist. Beim Risk Screening eines Projektes lässt sich die Interne… …Interne Revision ohne größere Vorerhe- bungsphase in der Lage, kurzfristig ein solches durchzuführen. Vorteile von Risk Screening Risk Screening ist eine… …hocheffiziente Form der Projektbegleitung. 111 Formen der projektbegleitenden Revision Risiken von Risk Screening Da Risk Screening aufgrund seiner… …Block anfällt. Wird dies vernachlässigt, leidet die Informationsaufnahme. Zudem wird Risk Screening meist parallel zu Arbeiten an einer ,regulären‘… …vernachlässigen. Empfehlungen Risk Screening empfiehlt sich bei der Begleitung besonders risikobehafte- ter, unternehmenswichtiger Projekte, für die eine Prüfung… …ist es sinnvoll, beim Risk Screening den Revisionsmitarbeiter in den Informationsfluss des Projektes fest einzubinden, der im Fall der Fälle auch die… …Projektbegleitung Neben den genannten Formen kann es Mischformen geben. Als Beispiel sei hier nur die Audit-Serie mit Risk Screening genannt: Ein für das…

  Alle Treffer im Inhalt anzeigen
• eBook-Kapitel aus dem Buch Controlling und Corporate Governance-Anforderungen

  Governance im Finanz- und Treasurymanagement bei Nichtbanken

  Christian Engelbrechtsmüller

  …empfehlenswerte Praxis angesehen wird.7 Ein unternehmensweites Risikomanagement (Enterprise Risk Management) ist für das Committee of Sponsoring Organizations of… …zu gewährleisten“.8 Der Prozess umfasst die Komponenten Risikoidentifikation (event identification), Risikobeurteilung (risk assessment)… …, Risikosteuerung (risk response) und Information und Kommuni- kation (information and communication). Risikomanagement enthält auch die Fest- legung der… …Integrated Framework (COSO I) und dem Enterprise Risk Manage- ment – Integrated Framework (COSO II) global anerkannte betriebswirtschaftliche Empfeh- lungen… …relationship management – Management reporting – Management of controls and risk – Tax reporting and payments – Accounting for financial Instruments –… …treasury). Capital Markets and Funding Cash and Liquidity Management Corporate Financial Management Risk Management Treasury… …and operatio- nal risk – Commodity risk – Credit risk – Exotic risk – Foreign ex- change risk – Interest rate risk – Managing risk –… …Pension risk – Control and reporting – Policy and objectives – Technology and systems – Treasury organization – The treasury professional… …. Cash and Liquidity Management, Risk Management und Treasury Operations and Control werden regelmäßig als besonders wichtig wahrge- nommen, wobei die… …der Ebene der Geschäftslei- tung vor. Die Einführung eines Risk Advisory Directors innerhalb der Geschäfts- leitung, der sich auf Risikofragen…

  Alle Treffer im Inhalt anzeigen