Control and accounting information systems suggested answers to discussion questions
Discuss several ways that ERM processes can be continuously monitored and modified so that deficiencies are reported to management
Download 197.32 Kb.
|
| 7.10 Discuss several ways that ERM processes can be continuously monitored and modified so that deficiencies are reported to management.
Have a special team or internal auditing perform a formal or a self-assessment ERM evaluation. Supervise effectively, including training and assisting employees, correcting errors, and overseeing employees who have access to assets. Use Responsibility Accounting Systems such as budgets, quotas, schedules, standard costs, and quality standards; reports comparing actual and planned performance; and procedures for investigating and correcting significant variances. Use risk analysis and management software packages to review computer and network security measures, detect illegal access, test for weaknesses and vulnerabilities, report weaknesses found, and suggest improvements. Track purchased software to comply with copyrights and protect against software piracy lawsuits. Companies should periodically conduct software audits. Employees should be informed of the consequences of using unlicensed software. Track and monitor mobile devices, as their loss could represent a substantial exposure. Also, track who has them, what tasks they perform, the security features installed, and what software is needed to maintain adequate system and network security. Have periodic external, internal, and network security audits to assess and monitor risk as well as detect fraud and errors. Have a chief security officer (CSO), who is independent of the information system function, be in charge of system security and report to the chief operating officer (COO) or the CEO. Have a chief compliance officer (CCO), who reports to the same people, be responsible for all compliance issues Use forensic investigatorss, who specialize in fraud detection and investigation, help with the financial reporting and corporate governance process. Most forensic investigators received specialized training with the FBI, IRS, or other law enforcement agencies. Investigators with the computer skills to ferret out fraud perpetrators are in great demand. Install fraud detection software to help ferret out fraud, such as illegal credit card use, and notify forensic investigators when it is found. Use a fraud hotline so people witnessing fraudulent behavior can report it anonymously. Download 197.32 Kb. Share with your friends:
|