CPE Credits: 7.5
Description:
Control self-assessment (CSA) is a methodology that can be used by managers and control professionals to assess the adequacy of an organization’s risk management and control processes. Control Self Assessment increasingly is being recognized by businesses as a powerful tool that can help auditors, management, and others examine and assess business processes and control effectiveness within their organizations.
Organizational control professionals can utilize CSA to gather relevant information about risks and controls, for focusing the audit/assessment plan on areas of high risk or concern, and to encourage greater collaboration with operating managers and work teams.
Audience:
This seminar is intended for anyone charged with designing or implementing processes aimed at creating organizational change, with a requirement to understand the impact which improper control procedures have on organizational behavior, culture, and business practices, and individuals responsible for assessing their organization's internal control structures, governance and compliance programs.
Professionals who may also benefit by attending this seminar include; internal and external auditors, General Counsels, Chief Information Officers, Chief Security Officers, Controllers, Chief Privacy Officers, Corporate Ethic Officers, Human Relations professionals, and InfoSec professionals, interested in obtaining a better understanding of and general introduction to, implementing control self assessment within existing workplace environments.
Prerequisites:
There is no prerequisite for this seminar.
Objectives:
Individuals attending this seminar will be exposed to a formal, documented process that allows management and internal audit professionals to:
- Discover how your organization can use CSA when conducting internal audits.
- Understand what CSA is and what it is not
- Identify the correct procedures, time requirements, and the resources (people and software) needed to conduct an effective CSA.
- Evaluate your organization's culture
- Identify risk factors and significant control exposures which may exist through out organizational infrastructure.
- Discover how CSA can lead to proper process mapping of operational risks within your organization.
- Assess the control processes that mitigate or manage those risks.
- Develop action plans to reduce risks to acceptable levels.
- Use an evaluative instrument designed to assess organizational culture as it relates to CSA.
- Determine the likelihood of, or assist in, the achievement of business objectives.
- Understand how to use a framework in CSA.
- Understand how organizations are reporting CSA results.
- Be familiar with the resources CSA implementation requires.
A critical message to be delivered during this seminar is that internal control is, to some degree, everyone’s responsibility, and that a solid CSA methodology and strategy provides a means to achieving this organizational-wide objective.
Course Outline:
The Control Self Assessment Goals
Relationship Between Goals, Risks, and Controls
Control Frameworks:
- Enterprise Risk Management
- COSO
- COCO
- Cadbury
- COBIT
Control Self Assessment Process
Control Self Assessment Approaches
- Risk
- Process
- Objective
- Control
- Departmental
Requirements to Shift from Interviews to Self-Assessment Processes
CSA Implementation Issues: What Does It Take to be Successful?
The Most Common Approaches to Performing CSA Activities
The Value of CSA to Financial Statement Audits
Risk Control Self Assessment
Process Assessments
Implementing Control Self Assessment – The Basic Steps
Assessment Methodologies
Assessment Tools
Developing Control Self-Assessment Questionnaires
Evaluation/Analytical Tools and Techniques
Best Practices
Summary
Dr. Marcella’s seminar is based on findings from his book, Certification in Control Self Assessment, published by the Institute of Internal Auditors, ISBN 0-89413-535-X.