Many people in organizations resent internal control and risk management; these two processes representing unwelcome tasks to be completed for the benefit of auditors and regulators. Over the last few years this perception has been heightened by the disastrous implementation of section 404 of the Sarbanes-Oxley Act of 2002, which is generally regarded as having been too expensive for the benefits it has brought.This important and timely book offers a way of improving this prevailing perception and increasing the value of control and risk mangement by bringing creativity and design skills to the fore. The value of risk and control activities is often limited by the value of the control ideas available and so Matthew Leitch provides an arsenal of 60 high performance control mechanisms. These include several alternative ways to design controls and control systems, as well as providing controls for monitoring and audit, controls for accelerated learning, and techniques for finding and recovering cash.This design material is combined with insights into the psychology of risk control, strategies for encouraging helpful behaviour and enabling change, and a surprisingly simple integration of internal control with risk management. The book is realistic, practical, original, and easier reading than most in the field. The material is not specific to any one country and has international appeal for internal auditors and all those concerned with risk management, corporate governance and security.
List of Tables
List of Figures
Pt. I The Bigger Picture
1 How Much Improvement is Possible? 3
2 Risk Management and Internal Control: Poised for Progress 13
3 Integrated Risk Control is Simpler 21
4 Goals from People and Behaviour 33
Pt. II High Value Control Mechanisms
5 A Summary of Control Patterns for More Value 45
6 Controls that Generate Other Controls 49
7 Audits, Reviews and Efficient Monitoring 99
8 Learning and Adapting 131
9 Protection and Inherent Reliability 157
10 Checking and Correcting 165
Pt. III Making Good Change Happen
11 Triggering Good Behaviours 189
12 Personal Education and Assessments 201
13 Understanding Barriers to Improvement 207
14 Key Roles and How Each Can Increase Value from Risk Control 213
15 Innovation and the Friendly Expansion Strategy 221
16 Helpful Alternatives to Unhelpful Ideas 229
17 The Seven Frontiers 243