Training Courses

CSA100: Implementing Control Self Assessment

CPE credits: 7.5

Description: Control self-assessment (CSA) is a methodology that can be used by managers and control professionals to assess the adequacy of an organization’s risk management and control processes. Control Self Assessment increasingly is being recognized by businesses as a powerful tool that can help auditors, management, and others examine and assess business processes and control effectiveness within their organizations.

Organizational control professionals can utilize CSA to gather relevant information about risks and controls, for focusing the audit/assessment plan on areas of high risk or concern, and to encourage greater collaboration with operating managers and work teams.

Audience: This seminar is intended for anyone charged with designing or implementing processes aimed at creating organizational change, with a requirement to understand the impact which improper control procedures have on organizational behavior, culture, and business practices, and individuals responsible for assessing their organization's internal control structures, governance and compliance programs.

Professionals who may also benefit by attending this seminar include; internal and external auditors, General Counsels, Chief Information Officers, Chief Security Officers, Controllers, Chief Privacy Officers, Corporate Ethic Officers, Human Relations professionals, and InfoSec professionals, interested in obtaining a better understanding of and general introduction to, implementing control self assessment within existing workplace environments.

Prerequisites: There is no prerequisite for this seminar.

Objectives: Individuals attending this seminar will be exposed to a formal, documented process that allows management and internal audit professionals to:

Discover how your organization can use CSA when conducting internal audits.
Understand what CSA is and what it is not
Identify the correct procedures, time requirements, and the resources (people and software) needed to conduct an effective CSA.
Evaluate your organization's culture
Identify risk factors and significant control exposures which may exist through out organizational infrastructure.
Discover how CSA can lead to proper process mapping of operational risks within your organization.
Assess the control processes that mitigate or manage those risks.
Develop action plans to reduce risks to acceptable levels.
Use an evaluative instrument designed to assess organizational culture as it relates to CSA.
Determine the likelihood of, or assist in, the achievement of business objectives.
Understand how to use a framework in CSA.
Understand how organizations are reporting CSA results.
Be familiar with the resources CSA implementation requires.

A critical message to be delivered during this seminar is that internal control is, to some degree, everyone’s responsibility, and that a solid CSA methodology and strategy provides a means to achieving this organizational-wide objective.

Course Outline:

The Control Self Assessment Goals

Relationship Between Goals, Risks, and Controls

Control Frameworks:

Enterprise Risk Management
COSO
COCO
Cadbury
COBIT

Control Self Assessment Process

Control Self Assessment Approaches

Risk
Process
Objective
Control
Departmental

Requirements to Shift from Interviews to Self-Assessment Processes

CSA Implementation Issues: What Does It Take to be Successful?

The Most Common Approaches to Performing CSA Activities

The Value of CSA to Financial Statement Audits

Risk Control Self Assessment

Process Assessments

Implementing Control Self Assessment – The Basic Steps

Assessment Methodologies

Assessment Tools

Developing Control Self-Assessment Questionnaires

Evaluation/Analytical Tools and Techniques

Best Practices

Summary

Dr. Marcella’s seminar is based on findings from his book, Certification in Control Self Assessment, published by the Institute of Internal Auditors, ISBN 0-89413-535-X.

www.businessautomationconsultants.com/published-books.html

Back to training courses.

IT Management Consulting, Training Services, and Audit & Security Reviews Since 1984