Upload
rowell-casas
View
236
Download
0
Embed Size (px)
Citation preview
8/6/2019 Rdc Presentation
1/15
MANAGEMENT SYSTEMS DEPARTMENT
Norkis Group of Companies
2008-09-A2-RDC-01
September 10, 2008
Internal
ControlSystem
8/6/2019 Rdc Presentation
2/15
INTERNAL CONTROL
//a process designed and effected by those charged withgovernance, management, and other personnel to provide
reasonable assurance about the achievement of the
entitys objectives//
Purpose:
reliability of financial reporting
effectiveness and efficiency of operations
compliance with applicable laws and regulations
8/6/2019 Rdc Presentation
3/15
3.4 REGULATIONS
3.5 POLICIES
3.6 RISK ASSESSMENT
O U T L I N E:
Internal Control System
8/6/2019 Rdc Presentation
4/15
3.4 REGULATIONS
Securities and Exchange Commission Acts
to oversee the setting of GAAP for publicly traded
companies
convey the authority to investigate cases of suspected
financial fraud and to censure companies from trading
Internal Control System
8/6/2019 Rdc Presentation
5/15
Foreign Corrupt
Practices Act (1977)
requires SEC companies to maintain an internal controlsystem with reasonable assurance that organizations
objectives are being met, and even providing penalties
for violations
3.4 REGULATIONS
Internal Control System
8/6/2019 Rdc Presentation
6/15
Copyright Laws
protect intellectual property
management is legally responsible for violations of the
organization
IS auditors responsibility: be aware of such risks
communicate these risks
review software implementation
develop adequate control procedures
incorporate appropriate techniques/tools in audit programs to detect
unauthorized use of software
3.4 REGULATIONS
Internal Control System
8/6/2019 Rdc Presentation
7/15
Sarbanes-Oxley Act (2002)
state the responsibility of management for establishing
and maintaining an adequate internal control structureand procedures
contain an assessment of the effectiveness of internal
structure and procedures
3.4 REGULATIONS
Internal Control System
8/6/2019 Rdc Presentation
8/15
Environmental Laws
laws regarding environmental issues that affect many
organizations. Internal auditors must be cognizant ofany applicable environmental laws due to stiff penalties
and negative public image that result from violations
3.4 REGULATIONS
Internal Control System
8/6/2019 Rdc Presentation
9/15
3.5 POLICIES
System Development Life Cycle Policysegregates processes of systems development, usage and
maintenance
Systems Usage Policyfocus on identifying t e aut orized uses of computer
resources
Internal Control System
8/6/2019 Rdc Presentation
10/15
3.5 POLICIES
Security Policyemp asize all stake olders t at information and data are
not just computer files, t ey are assets t at ave a value
Password Policya strategic advantage in maintaining strong internal
controls and elps to minimize adverse events suc
as computer crime and fraud
Internal Control System
8/6/2019 Rdc Presentation
11/15
3.5 POLICIES
E-mail Policydescribes appropriate use of corporate
e-mail resources.
Bus. Recovery Policyinclude adequate planning for business recovery of systems,
disaster recovery and incident
response plan
Privacy Policy
information about individuals, eit er personal data or data
about actions
Internal Control System
8/6/2019 Rdc Presentation
12/15
3.6 RISK ASSESSMENT
/a critical step in building an effective internalcontrol system that has the ability to manage
undesirable events/
/Internal audit activity should assist the organization
by identifying and evaluating significant exposures to
risk and contributing to the improvement of risk
management and control systems/
Internal Control System
8/6/2019 Rdc Presentation
13/15
3.6 RISK ASSESSMENT
INTERNAL RISKS
Internal Control System
WHO?
disgruntled employees
management employees with
personal problems
WHAT? malicious activities
accidents
ineffective accountability
8/6/2019 Rdc Presentation
14/15
3.6 RISK ASSESSMENT
EXTERNAL RISKS
Internal Control System
WHO?
hackers
crackers intruders
WHAT?
remote access
viruses
computer crimes
theft/robbery
8/6/2019 Rdc Presentation
15/15
CHIEF EDITOR
GRAPHIC ARTIST
PHOTOGRAPHER
CONTRIBUTOR
EDITORIAL STAFF
HEADLINERSThe official publicationof Mgt. Systems Dept.
Maraming salamat po.