ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "COSO Objective III: Control Activities"
Episode Synopsis
In its Framework Volume, COSO Control Activities “are the actions established through policies and procedures that help ensure that management’s directives to mitigate risks to the achievement of objectives are carried out.” They should be performed at all levels in an organization’s process cycle.
Principle 10: Selects and develops controls activities.
Principle 11: Selects and develops general controls over technology.
Principle 12: Control activities established through policies and procedures.
Discussion. While the objective of Control Activities should be the most familiar to the CCO or compliance practitioner, this objective demonstrates the inter-relatedness of all the five COSO Objectives and the corporate functions in your organization. It is your control environment and then risk assessment that should lead you to this point. It is the Control Activities objective that lays the groundwork for a living, breathing compliance program going forward.
This objective requires that you have new ways of capturing, gathering, confirming the accuracy and completeness of the information and the controls reporting it. The Control Activities regarding the policies and procedures needed is certainly an important consideration going forward.
Three key takeaways:
Think of a “second set of eyes” as a primary control activity.
SODs must always be employed.
Control Activities should be performed at all levels in the business process cycle and this speaks directly to the operationalization of your compliance program.
Learn more about your ad choices. Visit megaphone.fm/adchoices
Principle 10: Selects and develops controls activities.
Principle 11: Selects and develops general controls over technology.
Principle 12: Control activities established through policies and procedures.
Discussion. While the objective of Control Activities should be the most familiar to the CCO or compliance practitioner, this objective demonstrates the inter-relatedness of all the five COSO Objectives and the corporate functions in your organization. It is your control environment and then risk assessment that should lead you to this point. It is the Control Activities objective that lays the groundwork for a living, breathing compliance program going forward.
This objective requires that you have new ways of capturing, gathering, confirming the accuracy and completeness of the information and the controls reporting it. The Control Activities regarding the policies and procedures needed is certainly an important consideration going forward.
Three key takeaways:
Think of a “second set of eyes” as a primary control activity.
SODs must always be employed.
Control Activities should be performed at all levels in the business process cycle and this speaks directly to the operationalization of your compliance program.
Learn more about your ad choices. Visit megaphone.fm/adchoices
More episodes of the podcast 31 Days to a More Effective Compliance Program
Day 28 - The Importance of Data Governance
28/01/2025
Day 26 - CCO Authority and Independence
26/01/2025
Day 24 - Internal Reporting and Triage
24/01/2025
Day 23 - Investigative Protocols
23/01/2025
Day 22 - Levels of Due Diligence
22/01/2025
In God we trust