Code Date City Venue Fees
AG001 23 - 27 Sep 2019 New York - USA TBA $6,950 Register
TBA* = To be Announced   |  All fees are exclusive of VAT
Home » Seminars » Management & Leadership » Auditing Corporate Governance

Introduction

Corporate Governance is now one of the hottest topics in the business world. It is both a regulatory requirement and a business enabler.

But do you know whether your Corporate Governance activities are extracting maximum value? If not, this is probably because your Internal Audit team have not assessed this key topic.

This audit approach is crucial as the Board and the Audit Committee need comprehensive assurance about this strategic business process.

This GLOMACS Training seminar on will provide all the tools and techniques essential to audit the complex and wide-ranging field of Corporate Governance. It will help you ensure that you are applying the very best practices and meet all regulatory requirements

This GLOMACS training seminar will highlight

  • The techniques for assessing Governance risks
  • A proven method for analysing Governance controls
  • The 15 key Governance Board risks to be reviewed
  • The ways to audit IT Governance
  • The approach to review keys issues of Corporate Social responsibility and reputation management

Objectives

After completing this GLOMACS training course on Auditing Corporate Governance, you will be able to:

  • Audit the risk management process
  • Meet stakeholder expectations regarding Corporate Governance (CG)
  • Assess the effectiveness of business continuity planning
  • Assist the Audit Committee in their Corporate Governance (CG) role
  • Assess sustainability and environmental governance
  • Audit joint ventures and partnerships

Training Methodology

  • This is a basic/intermediate level course and delegates are not required to have any previous experience in fraud prevention or detection to attend
  • Delegates should have a good educational standard and/or a professional qualification
  • No advance preparation is required
  • Delivery method – Group-live (with exercises and role-plays to simulate audit scenarios and situations that assurance professionals will encounter)
  • A short examination will be given at the end of the course

Organisational Impact

This GLOMACS training course will benefit organisations in all business sectors. It will provide the basis for a systematic and thorough independent review of all key aspects of Corporate Governance and provide the Board and senior management with a clear picture of the maturity of the process.

The course will enable organisational knowledge to be enhanced in the following areas:

  • Corporate Governance requirements and recent changes
  • Gaps and challenges which need to be dealt with
  • The overall maturity of the CG process
  • The areas where increased vigilance is required
  • The efficiency and ownership of the process

Personal Impact

This GLOMACS training course will enable delegates to enhance their personal knowledge in the following disciplines:

  • Scoping a Governance audit
  • Auditing the ERM process
  • Auditing complex areas such as the audit Committee role in Governance
  • Assessing CG controls
  • Engaging senior management

Who Should Attend?

This GLOMACS training course is suitable to a wide range of professionals but will greatly benefit:

  • Lead Auditors
  • Senior Auditors
  • Audit Managers and those about to be appointed to that role
  • Assurance providers that need a greater understanding of Corporate Governance
  • Managers needing a broader understanding of how to review Governance maturity

Seminar Outline

Day 1    The Corporate Governance requirements

The key aspects of Corporate Governance

  • What is Corporate Governance
  • 6 core principles of governance
  • The governance warning signs
  • New corporate governance insights paper will be shared
  • Auditing Corporate Governance – new guidance
  • Meeting Stakeholder requirements
  • How the organisation is managed on behalf of the stakeholders
  • The key parties within Governance
    • Audit Committee
    • The Board
    • Regulators
    • Customers
    • Suppliers  
  • A new Governance and accountability tool will be shared
  • Developing a terms of reference for the assignment
  • A new audit programme will be shared
  • New guide on IA standard 2120
  • Corporate governance statements

Exercise 1– The challenges in carrying out a Governance Audit

Governance assessment techniques

  • COSO advisory paper – improving organizational performance and Governance
  • Governance and strategy
  • Governance models
  • Codes of Governance requirements
  • Financial reporting implications
  • International versus national Governance criteria
  • The 3 lines of defence
  • Who should cover what?

Exercise 2– Determining the Governance framework in place

The Business environment

  • The standards, processes, and structures
  • The tone at the top regarding the importance of internal control
  • Expected standards of conduct.
  • Management reinforcement of expectations across the organization.
  • The integrity and ethical values of the organization
  • The governance oversight responsibilities
  • The assignment of authority and responsibility
  • The process for attracting, developing, and retaining staff
  • Establishment of performance measures, incentives, and rewards

Exercise 3– Evaluating the business environment

Analysing and assessing the effectiveness of Governance controls

  • Business process analysis techniques
  • Process objectives and risk
  • The need to understand the business objectives
  • Developing a programme to reflect these objectives
  • Defining and measuring strategic objectives
  • Determining process components
  • The link between objectives and risk
  • The link between risks and controls
  • Process and business system controls
  • The link between inputs and outputs
  • Trigger events

Exercise 4– Building a picture of the Governance controls

Day 2 Preparing for the Governance audit

Scoping a Governance audit

  • Governance Structure
  • Reporting lines
  • Strategy and risk appetite
  • Leadership and Culture
  • 3 lines of defence process
  • Communication with regulators
  • Escalation
  • Delegated authorities
  • Whistleblowing
  • Accountabilities
  • Data integrity
  • Commitment to governance
  • Policies

Exercise 5– Scoping the Governance audit

The need for Governance Audit of the Board

  • The key role of the Board in Governance
  • The need to assess the risks at this level
  • Determining the key risks and causes
  • The audit approach in this sensitive area
  • How to gather the evidence

The 15 key Governance Board risks to be reviewed

  • The actions of the Board are taken without due consideration of the impact on the organisation and the stakeholders
  • Independent members of the Board are unable to give robust challenge to the executive/senior management
  • The Board does not have sufficient, complete or timely information on which to base its decisions.
  • The Board is not monitoring or taking action on the most significant risks to the organisation
  • Evidence of the decisions made by the Board, including the challenge process, is not is not transparent
  • Actions agreed by the Board are not implemented on a timely basis.
  • Committees set up by the Board may not fulfil their obligations or there are too many committees such that the oversight is fragmented
  • The Board is not effective in covering the risks relating to remote sites or does not have responsibility/oversight for all parts of the organisation.
  • Policies, procedures and projects are not aligned to the organisation’s objectives
  • The culture of the organisation is not sufficiently defined or does not support the organisation in achieving its objectives.
  • Risks are accepted or taken which are outside of the organisation’s risk appetite.
  • The organisation’s risk appetite may conflict with the objectives and values of the organisation
  • In the event of a significant incident here is an adverse effect on the wider economy or society.
  • The governance requirements of any regulatory or legislation requirements are not met leading to increased regulatory sanction, censure or closure of a business.
  • Communications from the Board are not effective such that parts of the organisation may not be operating in line with board expectations and may not support the organisation in achieving its objectives.

Exercise 6– Evaluating Board Governance

Auditing the overall risk management process

  • Establishing the position regarding RM in the business
  • Establish corporate targets and monitor overall progress
  • Risk management using ISO 31000 paper from IIA
  • Keeping the Board apprised of the most significant risks
  • Assessment of RM capabilities
  • Strategic risk assessment
  • Review of risk evaluations in each function
  • Ensuring actions to treat exposures implemented
  • Ensuring all functions evaluate their risks consistently
  • Evaluating the results and challenging where necessary
  • Identification of exposures
  • Reviewing risk registers
  • Imperatives for change – RBA planning
  • Basing audit programme on most significant risks
  • Comparing perceived versus actual controls
  • A Risk management evaluation tool will be provided

Exercise 7 – The audit of the overall risk environment

Evaluating risk appetite

  • Evaluating the risk appetite statement
  • Defining risk limits
  • The Risk profiling
  • Ensuring the risk appetite is defined for each type of risk
  • Ensuring target risk for each event

Exercise 8 – Evaluating the risk appetite

Day 3   Reviewing the key aspects of Governance

Auditing the Audit Committee process

  • The Audit Committee role
  • Structure and independence
  • Does the Committee approve (but not direct) internal audit strategy, plan and performance?
  • Does the Committee review summary IA reports and the main issues arising and seek assurance that action has been taken
  • How does the Committee consider the reports of external audit and other external agencies?
  • How are the effectiveness of relationships between IA and EA and other bodies reviewed
  • How are the effectiveness of the risk management environment and anti-fraud arrangements assessed
  • The Audit Committee / IA relationship
  • New paper on how the Audit Committee should assess IA
  • Case study and audit programme will be provided
  • How does the Committee satisfy itself that assurance statements and the annual statement of accounts properly reflect the risk
  • An Audit Committee checklist will be shared
  • Audit Committee report example

Exercise 9 –The Audit Committee challenges 

Auditing Reputation 

  • The rise of reputation as a key risk
  • The increasing importance of a positive image – the need to be admired
  • Where does reputation come from?
  • How do you measure it?
  • The magnifying effect on reputation of business failures
  • Global brands
  • How to judge reputation
  • The explosion of regulation and external assurance
  • Identifying reputational risks
  • Identifying Reputational Risks
  • A checklist for reviewing reputational risk will be provided to all delegates

Exercise 10 –Auditing reputational risk

Corporate Social Responsibility

  • The increasing importance of Corporate Social Responsibility (CSR)
  • New IIA standard 2110 re auditing of ethics
  • What constitutes CSR
  • The wider aspects of CSR and the implications for IA
  • Doing responsible things responsibly
  • A paper on auditing ethics will be provided
  • Redefining IA role with CSR in mind
  • An audit framework
  • How to audit CSR – key steps
    • Is communication with main stakeholders taken seriously?
    • Are the expectations of these stakeholders accurately understood, and what are the risks that these will not be met?
    • Are opportunities taken to develop the ethical reputation of the business?
    • How do we ensure that staff have and display the right attitudes?
    • Has the business assessed its reputation for social responsibility and its impact on our business prosperity?
    • Is the Board, and in particular the Chief Executive, sensitive and responsive to the concerns of customers

Exercise 11–The CSR audit challenges

Sustainability and environment audit

  • The need for environmental auditing
  • The key requirements for sustainability of resources
  • Why environmental audit is valuable even if you do need to comply with ISO 14001
  • Carrying out an environmental site review
  • Reviewing the audit trails
  • Meeting regulatory requirements
  • Ensuring consistency

Exercise 12 –Challenges of environmental audit

Day 4    Auditing other key Governance activities

Auditing IT Governance

  • Global Technology Audit Guides (GTAG’s)
  • The need to determine the boundaries
  • Defining the IT audit universe
  • Focus on high risk areas
  • Assess IT vulnerabilities
  • Target areas where you are focusing on process rather than technical aspects
  • Use of audit frameworks such as CoBIT and ISO 27000
  • IIA new standard on IT Governance
  • Risk based audit of general controls (GAIT)
  • IIA guidance re GAIT
  • An ISO 27000 audit checklist will be shared

Exercise 13 – Challenges of IT Governance audit

Auditing Joint ventures and partnerships

  • Ensuring that there is a risk strategy for JV’s
  • What protocol is in place?
  • What is the review mechanism?
  • Is it effective?
  • What frequency is there for review by management?
  • What mechanism is there to guide management in attending JV meetings
  • Does anyone know the number of JV’s and partnerships you are involved in and how much money and other resources are invested in them
  • Has each JV been risk reviewed

Reviewing a current JV or partnership

  • Rationale
  • Added Valu
  • Decision making
  •  Performance
  •  Finance
  •  Problems
  • Termination

Exercise 14 Select two  JV’s or partnerships – one you regard as successful and another less so. Complete the checklist and try to identify the main differences

Auditing Business Continuity Planning

  • The importance of BCP
  • The need to recognize BCP is not just about IT recovery
  • Reviewing the different types of disaster – have all been considered?
  • Does the organization’s leadership understand the current business continuity risk level and the potential impacts of likely degrees of loss?
  • Can the organization prove the business continuity risks are mitigated to an approved acceptable
  • Are they tested effectively?
  • Is the Board well set up to respond swiftly and capably in a crisis?
  • The transition from an emergency to a disaster and the questions to ask at each stage
  • Is there an appropriate contingency plan ready to be used to manage a crisis?
  • Communication testing
  • Alternative site testing
  • A paper on BCP resilience will be shared

Exercice 15 –BCP audit discussion

Day 5    Auditing Technology Governance and regulatory compliance

Reviewing key controls over technology

  • Risk and Control Matrices to Document Technology Dependencies
  • Evaluating End-User Computing
  • Implementing or Monitoring Control Activities when Outsourcing IT Functions
  • Configuring the IT Infrastructure to Support Restricted Access and Segregation of Duties
  • Configuring IT to Support the Complete and Accurate Processing of Transactions and Data
  • Administering Security and Access
  • Applying a System Development Life Cycle over Packaged Software

Exercise 16 – Assessing technology controls

Assessing management information governance

  • Inventory of Information Requirements
  • Validating Information from External Sources
  • Information from Non-Finance Management
  • Creating and Maintaining Information Repositories
  • Enhancing Information Quality Though a Data Governance Program
  • Identifying, Protecting, and Retaining Financial Data and Information
  • Adoption of ISO 27000

Exercise 17 – Assessing information management

Communication internally and externally

  • External Financial Reporting disciplines
  • Responsibilities and Guidelines for Communication to the Board of Directors
  • Communicating a Whistle-Blower Program to Company Personnel
  • Communicating through Alternative Reporting Channels
  • Establishing Cross-Functional and Multidirectional Internal Control Communication
  • Surveys for external parties

Exercise 18 – Assessing communication management

Ongoing evaluations to ascertain whether the components of internal control are present and functioning

  • Develop a baseline for effective internal control processes
  • Case study will be provided
  • Have a mix of evaluations from different sources
  • Use the most knowledgeable personnel
  • Adjust scope and frequency
  • Change the monitoring processes as the business activities and risk profile changes
  • Develop metrics
  • Consider a continuous monitoring/ audit approach

Exercise 19– Determining a continuous governance   assessment process

 

 

 

 

In Association With

Oxford Management Centre

Oxford Management Centre

A GLOMACS - Oxford Management Centre collaboration aimed at providing the best training services and benefits to our valued clients

Visit website

You may also be Interested in...

Home » Seminars » Management & Leadership » Auditing Corporate Governance

VAT Announcement: The Government of UAE have introduced Value Added Tax (VAT) on goods and services from 01-January-2018. In compliance with the legislation issued by the UAE Government, we will be applying a 5% VAT on the fees for all our programs and services offered from January 2018 as applicable and stipulated in the FTA circulars.

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.

DMCA.com Protection Status

Send to Colleague

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.





Sending your message. Please wait...

Send Successfully

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Print Page

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.








Sending your message. Please wait...

Close

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Download PDF

© 2018. Material published by GLOMACS shown here is copyrighted.

All rights reserved. Any unauthorized copying, distribution, use, dissemination, downloading, storing (in any medium), transmission, reproduction or reliance in whole or any part of this course outline is prohibited and will constitute an infringement of copyright.








Sending your message. Please wait...

Close

There was a problem sending your message. Please try again.

Please complete all the fields in the form before sending.

Download Training Calendar

Want to stay in touch with what's happening in Glomacs?
Join the conversation on our social media channels:

Facebook Twitter LinkedinYouTube