Governance

Internal auditing and assurance services chapter 3

LEARNING OBJECTIVES

Define governance and contrast the different roles and responsibilities within governance.

Articulate the different enterprise-wide governance principles.

Describe the changes in regulations and how governance has evolved into its present state.

Describe the role of the internal audit function in the governance process.

Know where to find information about governance codes and regulations from countries around the world.

Governance

Governance is the process conducted by the board of directors to authorize, direct, and oversee management toward the achievement of the organization’s objectives.

Corporate governance involves a set of relationships between a company’s management, its board, its shareholders, and other stakeholders. It also provides a structure through which the objectives of the company are set, and the means of attaining those objectives and monitoring performance are determined.

Strategic Decision – The board is responsible for providing strategic direction and guidance relative to the establishment of key business objectives, consistent with the organization’s business model and aligned with stakeholder priorities.

Governance Oversight – Focuses on the board’s role in managing and monitoring the organization’s operations.

KEY POINTS

1. Governance begins with the board of directors and its committees.

2. The board must understand and focus on the needs of key stakeholders.

3. Day-to-day, governance is executed by management of the organization.

4. Internal and external activities provide management and the board with assurances regarding the effectiveness of governance activities.

ROLES AND RESPONSIBILITIES WITHIN GOVERNANCE, THE BOARD, AND ITS COMMITTEES

Stakeholders can be viewed as having one or more of the following characteristics:

1. Directly involved in the operation of the organization’s business. (DIRECTLY INVOLVED)

2. Not directly involved, but interested in the organization’s business. (INTERESTED)

3. Neither directly involved nor interested in the organization’s business, but these stakeholders nonetheless influence the organization. (INFLUENCE)

Common Stakeholders

Employees

Customers

Vendors

Shareholders/Investors

Regulatory Agencies

Financial Institutions

Types of outcomes

Financial

Compliance

Operations

Strategic

RISK APPETITE – The amount of risk, on a broad level, an organization is willing to accept in pursuit of its business objectives.

RISK TOLERANCE – The acceptable levels of risk size and variation relative to the achievement of objectives, which must align with the organization’s risk appetite.

The board can best execute its governance responsibilities by:

Establishing a governance committee.

Articulating requirements for reporting to the board.

Reevaluating governance expectations periodically.

To execute its governance responsibilities, senior management is responsible for:

Ensuring that the full scope of direction and authority delegated is understood appropriately.

Identifying the processes and activities within the organization that are integral to executing the governance direction provided by the board.

Evaluating what other business considerations or factors might create a justification for delegating a lower tolerance level to risk owners than that delegated by the board.

Ensuring that sufficient information is gathered from the risk owners to support its reporting requirements to the board.

Senior management can best execute its governance responsibilities by:

Establishing a risk committee.

Articulating reporting requirements.

Reevaluating governance expectations periodically.

RISK OWNERS

The responsibilities of risk owners include:

Evaluating whether the risk management activities are designed adequately to manage the related risks within the tolerance levels specified by senior management.

Assessing the ongoing capabilities of the organization to execute those risk management activities.

Determining whether the risk management activities are currently operating as designed.

Conducting day-to-day monitoring activities.

Ensuring that accurate information is readily available to senior management and the board.

Risk owners can best execute their governance responsibilities by:

Presenting governance recommendations to the risk committee.

Reevaluating risk management activities periodically.

ASSURANCE ACTIVITIES

The internal audit function’s governance responsibilities may include any or all of the following:

THREE LINES OF DEFENSE MODEL