Database Reference
In-Depth Information
Summary
Risk Assessment and Control Verification activities are critical for the management
to ensure that the organization achieves its objectives. These activities require
executive management sponsorship, a structured framework, workflow-based
systems, and business intelligence tools.
Most organizations perform risk assessment at least once a year to evaluate
enterprise risks for many different perspectives, such as strategic risk, operational
risk, compliance risk, IT risk, and frauds. The management also checks and verifies
the controls, which mitigate the risks to an acceptable level for the organization.
Organizations subject to Sarbanes-Oxley law require the management to assess and
certify that the internal controls over financial statements are design and operating
effectiveness every quarter as the financial results are disclosed publically.
Generally, the internal controls management function is managed through a
Program Management Office established by the Chief Financial Officer. The Chief
Audit Executive and the Audit Department review the results of the assessment, and
perform their risk assessment and audit independent of the management assessment.
Search WWH ::
Custom Search