Revision as of 19:08, 10 March 2012 editMarcGarver (talk | contribs)Autopatrolled, Extended confirmed users, New page reviewers, Pending changes reviewers, Rollbackers38,354 edits Create | Revision as of 19:08, 10 March 2012 edit undoMarcGarver (talk | contribs)Autopatrolled, Extended confirmed users, New page reviewers, Pending changes reviewers, Rollbackers38,354 editsm oops = remove sandboxNext edit → | ||
Line 1: | Line 1: | ||
{{User sandbox}} | |||
'''Control self-assessment''' is a technique used by an organisation to assess its risk management and control processes. The results of the self-assessment are often used to design new or change existing procedures to reduce the probability of risks occurring. Internal auditors may use a control self-assessment to focus audit work on high risk or unusual areas.<ref>{{cite web|url=http://www.theiia.org/training/index.cfm?act=seminar.detail&semID=38|title=Control Self-assessment: An Introduction|publisher=]|accessdate=2012-03-10}}</ref> There are a number of ways a control self-assessment can be implemented but its key feature is that the evaluation of the effectiveness of the organisation's controls is performed by operational staff or junior managers who work in the area being evaluated.<ref name=CPAJournal>{{cite web|url=http://www.nysscpa.org/cpajournal/2005/1205/essentials/p38.htm|title=The Use of Control Self-Assessment by Independent Auditors|authors=Gilbert W. Joseph and Terry J. Engle|date=December 2005|accessdate=2012-03-10|publisher=The CPA Journal}}</ref> | '''Control self-assessment''' is a technique used by an organisation to assess its risk management and control processes. The results of the self-assessment are often used to design new or change existing procedures to reduce the probability of risks occurring. Internal auditors may use a control self-assessment to focus audit work on high risk or unusual areas.<ref>{{cite web|url=http://www.theiia.org/training/index.cfm?act=seminar.detail&semID=38|title=Control Self-assessment: An Introduction|publisher=]|accessdate=2012-03-10}}</ref> There are a number of ways a control self-assessment can be implemented but its key feature is that the evaluation of the effectiveness of the organisation's controls is performed by operational staff or junior managers who work in the area being evaluated.<ref name=CPAJournal>{{cite web|url=http://www.nysscpa.org/cpajournal/2005/1205/essentials/p38.htm|title=The Use of Control Self-Assessment by Independent Auditors|authors=Gilbert W. Joseph and Terry J. Engle|date=December 2005|accessdate=2012-03-10|publisher=The CPA Journal}}</ref> |
Revision as of 19:08, 10 March 2012
Control self-assessment is a technique used by an organisation to assess its risk management and control processes. The results of the self-assessment are often used to design new or change existing procedures to reduce the probability of risks occurring. Internal auditors may use a control self-assessment to focus audit work on high risk or unusual areas. There are a number of ways a control self-assessment can be implemented but its key feature is that the evaluation of the effectiveness of the organisation's controls is performed by operational staff or junior managers who work in the area being evaluated.
Performing the control self-assessment
The control self-assessment is always performed by operational staff who work in the organisational unit being evaluated. These staff have a detailed understanding of the operation of the existing control processes and are ideally positioned to assess their effectiveness. The two common techniques for performing the evaluations are:
- Workshops involving a small number of staff whose work is subject to the internal controls being evaluated. These workshops may be facilitated and recorded by an independent facilitator.
- Surveys or questionnaires distributed to the staff to complete with their evaluation of the controls. This approach differs from that taken in traditional audits where the auditors perform the assessment.
Control self-assessment methodologies
A number of methodologies to standardise the control self-assessment have been published.
Benefits of a control self-assessment
A number of benefits have been claimed for organisations performing control self-assessment. PriceWaterhouseCoopers, a "Big Four" audit firm lists:
- Establishing a clear understanding of the objectives and activities of business units and processes
- Building the awareness of risk and controls and embedding responsibility for the controls amongst managers and staff
- Providing a framework for improving controls throughout the organisation
- Identifying areas for improving the organisation's performance as well as standardising process across different locations and organisational units
- Strengthening the corporate governance regime
- Simplifying the work of internal auditors
See also
References
- "Control Self-assessment: An Introduction". The Institute of Internal Auditors. Retrieved 2012-03-10.
- ^ "The Use of Control Self-Assessment by Independent Auditors". The CPA Journal. December 2005. Retrieved 2012-03-10.
{{cite web}}
: Unknown parameter|authors=
ignored (help) - Álvarez, Gene (2004). Operational Risk: Practical Approaches to Implementation.
- Gene Álvarez and Phil Gledhill (24 November 2010). "A comprehensive risk and control self-assessment methodology". Risk.net. Retrieved 2012-03-10.
- "Control Self Assessment". PriceWaterhouseCoopers. Retrieved 2012-03-10.