Professional Documents
Culture Documents
CA Sivaram Subramoniam
The views discussed are presenter’s personal view and not related to his current / previous organisations
CONTENTS
4. Constituents of
IFC 5. Responsibilities 6. Leveraging IFC &
IA
What IS IFC
including
including
IFC
Information
Monitoring
Control Environment Risk Assessment Control Activities &
Activities
Communication
Entity Level Controls
Information
Monitoring
Control Environment Risk Assessment Control Activities &
Activities
Communication
• Orgn – Commitment • Clear Objectives to • Select Control • Generates and Uses • Performs ongoing
to Integrity facilitate risk Activities that Relevant and Quality activities to ascertain
• Board – identification and Mitigate the Risk Information internal controls are
Independence assessment • Selects General • Internally working
• Mgmt- Oversight, • Identifies and Control Activity over Communicates • Informs and
Structure, Roles & Analyses the Risks Technology information including Communicates
Responsibilities • Fraud Risks • Deploys Control objectives and Internal Control
• Orgn – Talent Focus considered Activities through responsibilities for Deficiency in a timely
• Identifies and policies and Internal Audit manner
• Orgn- Holds
Accountable for Assesses Changes procedures • Communicates with
Internal Control External Parties
Responsibilities
Process Level Controls
• Identify Processes
Relevant to your
Business
• Ensure Proper
Bifurcation
Process Level Controls
• Discussions with
various stakeholders to
identify controls
incorporated to
address the risk
• Ensure that the Control
addresses the risk
• Ensure that the control
is defined properly to
facilitate proper
testing/ evaluation
Process Level Controls
User Access
Change Management
Form Vs Substance
Testing Responsibility Risk of Management Override of Controls
Failure Response
Requirements
IFC
Review Review
Certify Test Facilitate Document Advise
Framework Results
Board a
Audit Committee a a
Management a a
CEO/CXO a a
Finance a a
Statutory Audit a a
Internal Audit a a a
Leveraging IFC and Internal Audit
Planning
Upgrade and
Support
IFC support to Internal Audit
04
Focus to be made on the tests to be
Approach performed, manual & automated checks
etc.
Internal Audit to IFC
04
Periodic and Specific Reporting to Audit
AC Reporting Committees on IFC Failures (instead of
year end) facilitates timely review by AC