Performing Governance Assessments Myrk Harkins CIA, CBM.


2 Performing Governance Assessments Myrk Harkins CIA, CBM

3 Agenda
- Who Is Myrk Harkins?
- A little about the Southern Company
- Risk Based Auditing
- Governance Model

4 Myrk Harkins
- Director of Internal Auditing West
- Bachelor of Science Civil Engineering
- Certified Internal Auditor & Certified Business Manager
- 33 Years Experience with Southern Company
- Power Plant Construction
- Plant Operations and Maintenance
- 10 Years Internal Auditing

5 The Southern Company
- 4.3 Million Customers
- Alabama Power, Georgia Power, Mississippi Power, Gulf Power, Southern Power & Southern Link
- 42,000 MW of Generation (1 MW = 600 Homes)
- Revenue of $14.3 Billion
- Net Income of $1.6 Billion

6 Southern Company Internal Auditing
We are a Risk Based Audit Organization

7 Sample Company Enterprise Risk Management
Qualitative estimate of the potential risk’s impact on the specific function/entity
Risk Placement Guidelines: Place risk here if…:
- RED …focused management attention is required
- GREEN …current management action is sufficient
- YELLOW …on-going active monitoring by management is required
[Figure: risk map. Labels: Materiality of Impact ($ to $$$); Likelihood; Scope of Control; Current Level of Residual Risk]

8 2007 Sample Company Risk profile
Risk: Accountability
1. Environmental legislation or regulation: Evans/Johnson
2. Exposure to fuel prices/availability: Johnson
3. Loss of constructive state regulatory environment: Operating Company CEOs
4. Nuclear: Brown
5. Catastrophic business interruption: Management Council
6. Change in federal regulatory or legislative policy: Smith/Evans
7. Execution of the financial plan: Farmer
8. Workforce issues: Management Council
9. Deterioration of corporate image: Management Council
10. Governance failure: Ratcliffe/Farmer
11. Strategy selection and implementation: Ratcliffe/Management Council
[Figure: risk map placing risks 1-11 by Materiality of impact ($ to $$$) and Likelihood]

9 2007 Sample Company Fraud risk profile
Fraud Risk: Accountability
1. Inappropriate Capitalization of Expenses: Evans/Taylor
2. Improper Use of Estimates and Judgments: Ballard
3. False Compliance Reporting (EPA, OSHA, FERC, etc.): Operating Co CEOs
4. Political (Bribery of Public Officials, Illegal Contributions): Beasley
5. Vendor Fraud (Bid Rigging, Kickbacks, etc.): Management Council
6. Competitive Practices (Unfair Competition - Antitrust, Violation of Territorial Service Agreements, Wholesale Competition): Smith/Evans
7. Intentional Mistreatment of Affiliate Transactions: Farmer
8. Inappropriate Executive Compensation: Management Council
9. Employee Fraud / Misappropriation of Assets: Management Council
[Figure: risk map placing fraud risks 1-9 by Materiality of impact and Likelihood]

10 Audit Planning Process
[Diagram labels: Fraud Risks; Annual Residual Risk Assessment; Executive Input; IA Staff Input; SOCO Risk Profile; Annual Audit Plan; Audit Engagement Risk Assessment; Engagement Risk Assessment; Engagement Risk Assessment]

11 COSO
Southern Company’s Control Framework

12 Understanding Governance
What is Governance
Governance is composed of the key business processes utilized by representatives of an organization's stakeholders (e.g. Shareholders (BOD), management, etc.) to optimize value by providing reasonable assurance that an entity achieves its business objectives.
SOCO ERM Program broadly defines governance as those business processes, internal controls, decision tools, oversight structures and corporate culture elements (Southern Style) that reasonably ensure achievement of the Company’s goals and objectives. (ERM at SOCO = Our Methodology for Managing the Business)

13 A Simplified Approach to Governance (Company, Functional Activity, Business Unit, etc.)
- Everything Starts with Business Objectives
- Identify and Evaluate Significant Risks (Anything that could prevent achievement of business objectives)
- Business Processes (Internal Controls & Governance Processes) to Reasonably Ensure Achievement of Business Objectives
- Assurance (Monitoring Level of Achievement and Reporting)

14 A Simplified Approach to Governance
[Diagram labels: Tone at the Top; Business Objectives; Risk Assessment; Business Processes; Assurance; Information Communication (x4)]

15 Objective Setting “What are you trying to accomplish”
- Mission
- Purpose
- Strategic Direction & Business Plan
- Goals
Strategic / Operational / Reporting / Compliance

16 Internal Environment “Tone at the Top”
- Risk Appetite
- Management Commitment
- Ethics
- Competence
- Responsibilities and Accountability

17 Risk Assessment Process “What is going to keep you from your goals”
- Identification
- Assessment
- Response

18 Business Processes
- Control Activities
- Company Policies
- Procedures / Guidelines
- Internal Controls
- Information and Communication
- Appropriate
- Availability
- Accurate / Complete
- Timely

19 Assurance “Monitoring”
- Ongoing Activities
- Supervision
- Performance Measurement & Reporting
- Assessment Processes
- Self
- Corp. Oversight (Internal Auditing)
- Independent
- Reporting Deficiencies
- Follow Up & Corrective Actions

20 Practical Application
Any Audit or Consulting Project

21 Questions & Comments
Myrk Harkins (rmharkin@southernco.com)
Phone – (205-257-2135)

