Evaluating Corporate Governance through Auditing (10 Days)

Introduction

Corporate Governance has emerged as a prominent facet of sophistication in today's business actions and practices. This Corporate Governance Audit course is both a legal obligation and a strategic advantage.

Are you confident that the Corporate Governance practices within your organization enable you to achieve maximum levels of efficiency and accountability? If not, it may be because you have not yet fully gauged the impact of Internal Audit on this vital aspect.

An exhaustive audit approach is essential, as the Board of Directors and the Audit Committee require adequate assurance regarding this critical area. This Corporate Governance Audit course equips you with the necessary skills and strategies to review and enhance the versatile and multifaceted regime of corporate governance.

Completion of this course will ensure that your practices align with optimal standards and that you adhere to and fulfill all required regulations.

Objectives

By the end of this Corporate Governance training program, participants will be able to:

• Crystalize the entire risk management system and conduct comprehensive risk management audits.
• Embed Corporate Governance (CG) mechanisms that meet stakeholder expectations.
• Assess the effectiveness and productivity of business continuity planning.
• Understand the role of the Audit Committee in Corporate Governance (CG).
• Review sustainability and environmental governance initiatives.
• Audit joint ventures and partnerships for increased effectiveness.

Training Methodology

• Engaging presentations and discussions with participants
• Real-world case studies and examples
• ADA (auditing) exercises
• Brainstorming sessions on key topics
• Role-playing audit scenarios
• Step-by-step guidance on conducting various audit processes
• Use of templates and checklists for auditing
• Peer reviews and critiques
• Course material revisions
• Final project on integrating governance in corporations

Course Outline

Unit 1: Corporate Governance: The Main Aspects

• Understanding Corporate Governance
• The 6 Guiding Principles of Governance
• Red Flags for Governance
• New Insight Paper on Corporate Governance
• Country Reports on Auditing Corporate Governance – First Edition
• Meeting Stakeholder Requirements
• Identifying and managing stakeholders
• Key Parties in Governance: Audit Committee, Board, Regulators, Customers, Suppliers
• Governance and Accountability Tool
• Secondary Addresses – TORs for Assignment Development
• New Audit Programme
• New Guidance on IA Standard 2120
• The Corporate Governance Framework Statements

Unit 2: Governance Assessment Methods

• COSO Advisory Paper – Enhancing Governance and Management Effectiveness
• Relationship between Governance and Strategy
• Types of Governance
• Codes of Governance Requirements
• Financial Reporting Implications
• International vs. National Governance Criteria
• The 3 Lines of Defence
• Defining responsibilities within governance

Unit 3: The Business Environment

• Checks, Components, and Procedures
• The Tone at the Top Regarding Internal Control
• Ethical Behavior Standards
• Enforcing Cross-Organizational Expectations
• Corporate Integrity and Ethics
• Governance Responsibilities
• Authority and Responsibility Matrix
• Recruitment, Development, and Retention of Employees
• Setting Up Performance Indicators and Reward Systems

Unit 4: Analyzing and Measuring Governance Control Effectiveness

• Business Process Aspect Analysis
• Objectives and Risk of Processes
• Understanding Business Goals
• Creating Programmes to Achieve Goals
• Defining and Quantifying Aims
• Identifying Process Components
• Linking Goals to Risks
• Linking Risks to Control Measures
• Controlling Business Processes and Systems
• Managing Input and Output Linkages
• Identifying Trigger Events

Unit 5: Scoping a Governance Audit

• Governance Architecture
• Reporting Lines
• Strategy and Risk Appetite
• Leadership and Culture
• 3 Lines of Defence Process
• Communication with Regulators
• Escalation Procedures
• Delegated Authorities
• Whistleblowing Policies
• Accountability Structures
• Data Integrity Measures
• Commitment to Governance
• Policy Management

Unit 6: The Need for Governance Audit of the Board

• The Key Role of the Board in Governance
• Assessing Risks at the Board Level
• Identifying Key Risks and Their Causes
• The Audit Approach in Sensitive Areas
• Gathering Evidence for Audits

Unit 7: The 15 Key Governance Board Risks to be Reviewed

• Board actions impacting the organization and stakeholders
• Challenges faced by independent Board members
• Timeliness of information for Board decisions
• Monitoring and addressing significant organizational risks
• Transparency in the Board's decision-making process
• Timely implementation of Board-agreed actions
• Effective supervision of Board Committees
• Addressing risks related to remote sites and organizational segments
• Alignment of policies, procedures, and projects with organizational objectives
• Defining and nurturing organizational culture to achieve goals
• Managing risks outside the organization's risk tolerance
• Aligning risk tolerance with organizational goals and ethics
• Addressing economic or societal impacts of serious incidents
• Ensuring compliance with regulatory and legislative requirements
• Effectiveness of Board communications within the organization

Unit 8: Auditing the Overall Risk Management Process

• Positioning RM within the business context
• Defining and setting corporate objectives
• Monitoring overall objective achievement
• Managing risk using ISO 31000 and internal auditing guidance from IIA
• Keeping the Board informed of significant risks
• Evaluating RM capabilities
• Conducting strategic risk assessments
• Reviewing departmental risk assessment processes
• Ensuring consistent risk treatment across functions
• Assessing and challenging risk management results
• Identifying and reviewing risk exposures
• Reviewing risk registers
• Adapting to changes – RBA approach
• Basing audit plans on key risks
• Comparing expected and actual controls
• Introducing a tool for evaluating risk management

Unit 9: Evaluating Risk Appetite

• Understanding the Risk Appetite Statement
• Setting risk limits
• Preparing a Risk Profile
• Articulating Risk Appetite for each risk occurrence
• Establishing target risk levels for each event

Unit 10: Auditing the Audit Committee Process

• The Role of the Audit Committee
• Committee Structure and Independence
• Approving internal audit strategies and performance evaluations
• Reviewing and addressing issues from IA reports
• Procedures for external audit report reviews
• Evaluating IA, EA, and other body relationships
• Assessing the risk management environment and anti-fraud measures
• Audit Committee's relationship with Internal Auditors
• Assessing Internal Auditors through the Audit Committee
• Ensuring minimal risk in assurance statements and annual accounts
• Audit Committee Report Case Study

Unit 11: Auditing Reputation

• The growing importance of reputation
• The need for a positive image and admiration
• Understanding the sources of reputation
• Measuring reputation
• The amplifying impact of business reputation on brand strength
• Evaluating reputation
• Addressing the urge for regulation or external assurance
• Identifying reputational threats

Unit 12: Corporate Social Responsibility

• The evolution and importance of CSR
• New IIA Standard 2110 – Re-auditing of Ethics
• Understanding CSR components
• Broader CSR framework and its impact on Internal Audit
• Undertaking responsible actions responsibly
• Ethics Audit Paper
• Restructuring Internal Audit with a CSR perspective
• Establishing an Audit Structure
• Steps for auditing CSR: Ensuring stakeholder dialogue and understanding expectations
• Managing the ethics of the business
• Ensuring staff mindset aligns with organizational ethics
• Investigating the company's reputation for social responsibility
• Understanding the Board's response to customer issues and needs

Unit 13: Sustainability and Environment Audit

• Importance of Environmental Audits
• Key criteria for resource sustainability
• The role of ISO 14001 in environmental audits
• Conducting Environmental Site Assessments
• Evaluating audit logs
• Ensuring regulatory compliance
• Avoiding inconsistencies

Unit 14: Auditing IT Governance

• Global Technology Audit Guides (GTAGs)
• Defining the IT Audit Universe
• Focusing on high-risk areas
• Examining IT Controls
• Targeting process-focused areas over technical ones
• Utilizing Audit Frameworks like CoBIT and ISO 27000
• New IIA Standard on IT Governance
• Risk Assessment Procedures for General Control Objective (GAIT)
• IIA Guidance on GAIT

Unit 15: Auditing Joint Ventures and Partnerships

• Ensuring a Risk Strategy for JVs
• Establishing protocols and review mechanisms
• Frequency and effectiveness of JV management reviews
• Systems in place to support JV meeting attendance
• Understanding the extent of involvement in JVs and partnerships
• Conducting risk reviews of each JV

Unit 16: Assessing Business Continuity Planning (BCP) Services and Functions

• Significance of BCP
• Addressing simplistic or deterrent approaches to BCP
• Examining all types of potential disasters
• Awareness of current business continuity risk levels and potential impacts
• Ensuring business continuity risks are mitigated to approved levels
• Testing procedures for BCP effectiveness
• Equipping the Board to respond effectively in emergencies
• Categorizing crises within the Decline and Disaster Framework
• Developing and testing crisis management contingency plans
• Testing communication and alternative site readiness

Unit 17: Reviewing Key Controls Over Technology

• Documenting Technology Dependencies through Risk and Control Matrices
• Evaluating End-User Computing
• Implementing or monitoring control activities when outsourcing IT functions
• Restricting access and ensuring segregation of duties within IT environments
• Processing transactions and data accurately within IT systems
• Managing security and access controls
• Applying the System Development Life Cycle to packaged software

Unit 18: Assessing Management Information Governance

• Managing Information Inventories
• Rectifying information from external sources
• Handling information from non-financial management
• Creating and updating knowledge bases
• Improving information quality using data governance tools
• Recognizing, securing, and suppressing financial facts and information
• Implementing ISO 27000 for information governance

Unit 19: Communication Internally and Externally

• Reporting financial results to external users
• Establishing procedures for communication with the Board of Directors
• Discussing the Whistleblower Programme with employees
• Using various communication channels for reporting
• Establishing multi-functional and multi-directional internal control communication systems
• Conducting surveys with external parties

Unit 20: Ongoing Evaluations to Ensure Internal Control Components are Present and Functioning

• Establishing an operating baseline for internal control procedures
• Including evaluative views from various sources
• Utilizing experienced staff for evaluations
• Adjusting scope and frequency of evaluations
• Modifying evaluation processes based on business activity and risk level changes
• Creating metrics for continuous monitoring
• Tracking towards audit continuity