controlself-assessmentworkshop(53页)-经营管理(编辑修改稿)

controlself-assessmentworkshop(53页)-经营管理(编辑修改稿)内容摘要：

Don’t hire the most qualified applicant.  Hire someone who does not work well with others.  Ask inappropriate interview question.  Fail to ply with HR procedures. 26 How will you manage these risks?  Take actions to manage each significant risk. • Include requisite skills in job descriptions. • Distribute “Legal and Effective Interviewing Techniques.” • Have several employees interview candidates.  Design control activities to help ensure that actions to manage risks are carried out properly and in a timely manner. • Hiring process checklist in file. • Director review and signoff prior to offer. 27 So what do we need to do?  Assess risks at the department level (page 17).  Assess risks at the activity (or process) level.  Complete a Risk/Control Worksheet for each significant activity (or process) in the department.  Make sure that all departmental risks are addressed in the Risk/Control Worksheets. 28 What is a Risk/Control Worksheet?  Worksheet instructions (page 18).  Sample worksheet (page 19).  Sample overview flowchart (page 20). • Who does what? • When do they do it? • What are the inputs and outputs? 29 Break 10 Minutes 30 Internal Control Process Establish Control Environment Implement Control Activities Perform Risk Assessment Goals amp。 Objectives Monitor Performance Information Communication and and 31 What control activities do we need?  Enough to help ensure that you are managing your significant risks (page 21).  Actions should be taken and control activities should be performed to mitigate significant risks to prudently acceptable levels.  An action to manage a risk can be anything.  Control activities include approvals, reconciliations, reviewing reports, securing assets, segregating duties, and IS controls. 32 What needs to be approved?  It depends on the risk assessment (page 22).  High risk activities should be approved by management.  Generally, high dollar transactions should be approved by the Chair/Director of the department.  Approval means that the approver has reviewed the supporting documentation and is satisfied that the transaction is appropriate. 33 What needs to be reconciled?  It depends on the risk assessment (page 23).  Information about high risk activities should be reconciled to ensure its accuracy and pleteness.  Reconciliations pare different sets of data (check logs/deposit slips to financial reports).  Generally, monthly financial reports from Accounting should be reconciled to departmental records. 34 What reports should be reviewed?  It depends。