Risks and Controls A day in the life of our Advisory Practice November 2015.


1 Risks and Controls A day in the life of our Advisory Practice November 2015

2 Copyright © 2015 Deloitte Development LLC. All rights reserved.
Agenda
- Recent Newsworthy Events
- Deloitte’s Risk Advisory Practice
- Risks and Controls
- Understanding Internal Control
- Team Activity
- Q&A

3 Recent Newsworthy Events

4 Deloitte Risk Advisory Practice

5 Deloitte's Global Footprint
- North America: 2 countries
- LACRO (Latin America and Caribbean): 28 countries
- Europe: 47 countries
- Africa: 21 countries
- Middle East: 16 countries
- Asia Pacific: 26 countries
Deloitte has a global network of member firms in more than 150 countries.
Deloitte has more than 210,000 professionals around the world serving clients.
Global Revenues: US $34.2 Billion

6 Deloitte in Greater Washington: Who We Serve

7 Types of Risk Services Offered
Risk Types:
- Strategic: Incorrect business decisions or those that impact the business model
- Regulatory Compliance: Non-compliance with existing/new regulations
- Financial: Financial conduct of business operations
- Operational: Operations or execution of business activities
- Information Technology: Data, information or technology resources supporting business operations
Advisory Categories: Development, Implementation, Management, Assessment, Validation, Response

8 Risks and Controls

9 What are Risks and Controls?
Risk is the potential for loss or harm — or the diminished opportunity for gain — that can adversely affect the achievement of an organization’s objectives.
Ask most people why cars have brakes and they’ll say, “It's so you can slow down”… But the real reason is so you can go faster, and still be in control.
- Risk: Meeting with an Accident
- Control: Presence of Brakes

10 Risks and their Impact on Organizations
Manage risks to protect shareholder value (existing assets):
- Fraud
- Disasters
- Penalties and fines
Manage risks to create shareholder value (future growth):
- Target new markets
- New product development
- New pricing models
Risk Intelligence enables organizations to create and preserve value. Businesses thrive by taking risks but falter when risk is managed ineffectively. A Risk Intelligent Enterprise recognizes this dual nature of risk, and devotes sufficient resources both to risk taking for reward and to the protection of existing assets.

11 Understanding Internal Control

12 Internal Controls
Objectives:
- Compliance with applicable laws and regulations
- Effectiveness and efficiency of operations
- Reliability of financial reporting
Management Process
Reasonable Assurance

13 Components of Internal Controls
- The overall attitude, awareness, and actions of the directors and management concerning the importance of internal control in the entity
- The process used to identify, analyze, and manage the risks faced by the entity
- The information systems and communication used to capture and exchange information needed to conduct, manage, and control operations
- Policies and procedures designed to help ensure that management directives are carried out
- The process of assessing the quality of internal control performance over time

14 Relationship between Business Process Controls and General IT Controls
[Diagram labels: Business Processes; Financial Information; Internal Financial Reports; Financial Statements; Automated Controls; General IT Controls (ITGCs); Other Controls; Data]

15 Building an Understanding of Controls
- Walkthroughs
- Process flow diagrams
- Detailed description of the control

16 Walkthroughs
We perform inquiry with the client, sometimes called a “walkthrough”, to understand the business process controls and IT controls in place. The client individual will explain the following:
- Steps involved in performing the control
- Reports and other information used, including how such information is obtained and used
- Procedures performed when an exception or misstatement is identified
- Procedures performed when the individual is absent
- Procedures performed with respect to unusual transactions
- Changes to the controls during the period, including changes to personnel who perform the controls

17 Process Flow Diagrams – Example (Revenue)
Revenue
- Include: Order processing; Shipping & invoicing; Sales returns
- Exclude: None
[Process flow diagram with symbol legend]

18 Detailed Description of the Control
- Facilitates our assessment of the design of the control, and also our assessment of risk associated with the control
- Important for planning tests of operating effectiveness
- Inadequate written descriptions of control procedures may result in inconsistent performance of the control because control performers may not fully understand the expectations

19 Team Activity

20 Team Activity
Your facilitator will assign you into groups. Work in your groups to review the IT Risks and General IT Controls, and then determine which controls address each of the risks. Be prepared to share your insights on how the controls address the risks.

21 Team Exercise – IT Risks
Risk Identifier | Risk Description
1 | Unauthorized users have access to the database.
2 | Duplicate data entries exist within the database.
3 | Unauthorized or invalid changes are made to data.
Note: Multiple controls can address the same risk.

22 Team Exercise – General IT Controls
Control Number | Control Description
A | Passwords are configured to require a minimum length of 8 characters, complexity settings enabled, and must be changed every 90 days.
B | Changes made to data are logged, monitored, and reviewed by management on a weekly basis.
C | New access to the database must be approved by a manager before the access is granted.
D | When a user leaves the company (i.e., “terminated user”), their access to the database must be removed within 48 hours.
E | Before a change is made to the database, the change must be documented in a change ticket, which then must be approved by management.
F | When duplicate data entries are inserted into the database, an error message appears.

23 What Questions Do You Have?

24 About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries.
Copyright © 2012 Deloitte Development LLC. All rights reserved. Member of Deloitte Touche Tohmatsu Limited

