Preface.
1. Enterprise Risk Management Overview.
-ERM Introduction.
-Guidance: History and Relationship.
-Organization View.
-ERM Today.
-Increased Pressure to Manage Risk.
-Additional Evidence.
-Perceived Barriers to Risk Management.
-Building the Business Case for ERM: Value and Benefits.
-Keys to Success.
-Summary.
2. Corporate Governance and Roles and Responsibilities.
-Board Behavior.
-Corporate Culture.
-Roles and Responsibilities.
-Summary.
3. ERM Defined.
-Definitions and Concepts
-Risk Categories.
-The Internal Environment.
-Summary.
-Notes.
4. The ERM Process: Step by Step.
-Step 1: Strategy and Objective Definition.
-Step 2: Event Identification.
-Step 3: Risk Assessment.
-Step 4: Risk Response.
-Step 5: Communication.
-Step 6: Monitoring.
-Oversight.
-Summary.
Notes.
5. COSO Framework and Financial Controls.
-Focus on Financial Controls.
-Control Environment.
-Integrity and Ethical Values.
-Board of Directors.
-Management's Philosophy and Operating Style.
-Organizational Structure.
-Financial Reporting Competencies.
-Authority and Responsibility.
-Human Resources.
-Summary
-Notes.
Appendix 5A: Whistleblower Program.
-Reports Regarding Accounting Matters.
-Investigation of Suspected Violations.
-Discipline for Violations.
Appendix 5B: Excerpt from a Code of Ethics Policy.
-1.0 Our Guiding Principles and Values.
-2.0 Conflicts of Interest.
-3.0 Confidential Information; Intellectual Property.
Appendix 5C: Approval Policy and Procedures.
-Policy.
-Purpose.
-Scope.
-Approvals/Documentation.
6. Financial Controls and Risk Assessment.
-Risk Assessment.
-Financial Reporting Objectives.
-Financial Reporting Risks.
-Fraud Risk.
-Entity-Level Controls.
-Example: Risk Assessment and Financial Controls.
-Evaluating Deficiencies.
-Summary.
-Notes.
Appendix 6A: Entity Level Control Assessment.
-Control Assessment Overview.
-Control Environment.
-Overall Evaluation of Control Environment.
-Risk Assessment.
-Overall Evaluation of Risk Assessment.
-Control Activities.
-Overall Evaluation of Control Activities.
-Information and Communication.
-Overall Evaluation of Information and Communication.
-Monitoring.
-Overall Evaluation of Monitoring.
-Summary Assessment.
-Overall Assessment of Internal Controls.
Appendix 6B: Accounts Payable: Preliminary Controls Assessment Questionnaire.
-Purchasing Controls Questionnaire.
-Internal Control Assessment.
Appendix 6C: Fraud Risk Factors: AU Section 316.
-Risk Factors Relating to Misstatements Arising from Fraudulent -Financial Reporting.
7. Ongoing Compliance Overview.
-Origin of Sarbanes-Oxley Act.
-Generating Value from Compliance.
-Moving beyond Initial Compliance.
-Reevaluating the Compliance Program.
-Summary.
8. Ongoing Compliance Challenges.
-Future State Opportunity: Compliance Optimization.
-Issues to Consider When Optimizing Compliance.
-Ongoing Compliance Plan.
-Role of Internal Audit: Balancing the Compliance and Audit Functions.
-The Evolving Role of the Audit Committee.
-Summary.
9. Addressing Compliance and Risk Management Challenges through Automation.
-Software Can Add Value beyond Compliance.
-Monitoring Software.
-Utilization of Continuous Monitoring: Control Testing and Control Automation.
-Benefits of Continuous Monitoring.
-Continuous Monitoring Tool Considerations.
-Continuous Monitoring Process.
-Risk Management Software.
-Unifying Financial Statements, Close Tasks, and SOX Controls.
-Determining the Right Solution.
-Summary.
-Notes.
10. Ongoing Compliance and IFRS
-International Financial Reporting Standards.
-Communicating the Impact.
-Preparing for International Financial Reporting Standards.
-Comprehensive IFRS Transition Approach.
-Key Elements of an Effective IFRS Implementation.
-Summary.
About the Author.
Index.
