Controls are specific processes set up to assure the achievement of objectives. These controls shall uncover any deviation from what is planned. Controls typically are put in place where risks may threat the proper operation of a process. However, for controls are processes themselves their effectiveness and efficiency needs to be monitored. Control Self Assessments are a proven methodology for auditing controls.
Control Self Assessment is a software tool that helps assessing and improving the quality of internal controls. Control Self Assessment is web-enabled and maintains information right across the enterprise and enables easy yearly update.
Typical assessments seek compliance with:
- business objectives
- stock exchange principles
- internal procedures: effectiveness and efficiency
- cost savings and revenue enhancement programmes
- risk mitigating strategies.
Control Self Assessment increases the power of controls:
- Fast Evaluation: Control Self Assessment is a very efficient software. It allows for fast evaluations of business processes and helps achieving best practices quickly.
- Unlimited number of Assessments: Control Self Assessment is very powerful and allows to enter an unlimited number of assessments by division, department, facility or function. And it allows any number of questions per assessment.
- Constructive Assessments The outcome of is not just a count of negative responses. In case of a non-conforming response to a question the required action is explained.
- Rating: After completion of an assessment the system provides a rating based on a scoring formula.
- Enterprise Risk Manager™ Interfaces: Control Self Assessment may stand alone or be an extension of Enterprise Risk Manager™. When a non-conformance cannot be fixed straight away risk can be entered into the Enterprise Risk Manager™ for analysis and mitigating actions.
- Assessment Management: Management of assessments includes ownership at each level of the business, reference documents and assessment history.
Control Self Assessment as part of PLAN - DO - CHECK - ACT
The 'C' of the PDCA Cycle
The elements of the PDCA cycle:
- PLAN: The planning step is to decide about setting up controls. A risk management system is a valuable resource for decision making because controls should be employed where a process is at risk.
- DO: This is the process of running controls to monitor critical areas and raise corrective actions if necessary.
- CHECK: This is the step of running control self assessments. Control self assessments are implemented to both identify new areas of risk exposure and areas of insufficient control monitoring.
- ACT: Actions are taken upon any findings during the control self assessment. These can be corrective actions and preventive actions as they are well known in quality management.
However, when new risks are uncovered there needs to be a feedback to the risk management system.
Enterprise software within Incom's product portfolio
Control Self Assessment is developed by