Jim Tholey - PowerPoint PPT Presentation

About This Presentation
Title:

Jim Tholey

Description:

Gambling With or Managing Risks ? Jim Tholey Qualitative Assessment of Accounts/Processes Risk & Impact Analysis Risky Company Risk/Impact Corridor Risky ... – PowerPoint PPT presentation

Slides: 9
Provided by: naTheiiaO
Learn more at: https://na.theiia.org

Transcript and Presenter's Notes

Title: Jim Tholey


1
Gambling With or Managing Risks?
  • Jim Tholey

2
RISKY INC. RISK ASSESSMENT MODEL 2007
Fin/Acct, Wgt, HR, Dept 2, Legal, Compl, IT, Purchasing, Admin, Mrktg, Dept B, Dept C, PR, Div 1, Sub A
Risk Factors
A. Business Environment 1. Management Team 2. Risk Management/Evaluation 3. 4.
B. Financial Operating Env. 5. Susceptible to misappropriat., fraud, loss 6. Compl./Adequacy of Internal Mgmt Rpt 7. 8. 9. 10 11 12
C. Info Tech Financial Automation
D. Governance, Intrnl Cntrl Compl 13. Corporate Governance 14. Internal Control Environment 15. 16. 17.
TOTAL RISK QUANTIFICATION: 100, 218, 163, 249, 157, 166, 277, 191, 145, 246, 153, 174, 142, 218, 186
Impact
Fin/Acct, Wgt, HR, Regs, Legal, Compl, IT, Purchasing, Admin, Mrktg, Dept B, Dept C, PR, Div 1, Sub A
1. Impact 2. Risk 3. Risk .
TOTAL IMPACT QUANTIFICATION: 100, 220, 180, 300, 200, 220, 260, 140, 100, 240, 180, 260, 180, 220, 220
Risk Rating: Low (0-130), Medium (131-210), High (211-300)
3
Sample SOX Qualitative Risk Assessment (Heat Map)

ABC Corporation 2007 Business Processes | Complexity/Volume of Transactions | Level of Automation (inverse scoring) | Level of Estimation/Judgment | Reporting Complexity/Prior Period Changes | Process Nature/Inherent Risks | Routine/Non-routine | Susceptibility of loss due to errors/fraud | Related Party Transactions | Weighted Average Risk Score
Relative weights | 15 | 10 | 20 | 15 | 15 | 5 | 15 | 5 | 100
Financial Closing Reporting | High | Med | Med | High | High | Med | Med | Low | High
Fixed Assets | Low | Med | Med | Low | Low | Med | Med | Low | Low
Purchasing, AP Disbursements | Med | Med | Low | Low | High | Low | High | Low | Med
Treasury/Equity | Med | High | High | Med | Med | High | Med | Low | High
Revenue, AR Receipts | Med | Med | Med | Low | High | Low | High | Low | Med
Inventory | Med | Med | Med | Med | Med | Med | High | Low | Med
Record Monitor Debt | Low | Med | Low | Low | Low | Low | Low | Low | Low
Commitments Contingencies | Low | Med | Med | Low | Med | Med | Low | Low | Med
Payroll Benefits | Low | Med | Low | Low | Med | Low | Med | Low | Low
Income Tax | High | Med | High | High | Med | Med | Med | Low | High
Intangibles and Impairment | Med | High | High | High | High | High | Med | Low | High
Cash Handling | Med | Med | Low | Low | Med | Low | High | Low | Med
Consolidations | Med | Med | Med | Med | Med | Med | Med | Low | Med
Note: Level of Automation evaluation text relates directly to automation of the process. The risk scoring is inverted (i.e. High = more automation, thus less risk, while Low = less automation, more risk).





4
Qualitative Assessment of Accounts/Processes
Qualitative Risk Factors (from PCAOB AS2) | Weights | Category 1 (Rate, Score) | Category 2 (Rate, Score) | Category 3 (Rate, Score)
Estimation | 20
Routine/Non-routine | 10
Automatic/Manual | 10
Account/Reporting Complexity/Changes from Prior Period | 10
Susceptibility of Loss Due to Errors or Fraud | 10
Complexity/Homogeneity Volume of Activity | 10
Nature of Accounts (Suspense/Reserve, etc.) | 10
Likelihood of Significant Contingent Liabilities | 10
Existence of Related Party Transactions | 10
TOTAL | 100 | 100 | 100 | 100
Risk Factors are taken directly from AS2/AS5
Risk Ratings | Rating
No Risk or N/A | 0
Low | 1
Medium Low | 2
Medium | 3
Medium High | 4
High | 5
Risk Score | Score
Low | 0-150
Medium | 150-300
High | 300-500
5
Risk & Impact Analysis Risky Company
HIGH
  • Information Technology
  • Supply Chain Management
  • Finance/Acctg
  • Compliance
  • Marketing
  • Purchasing

BUSINESS UNIT HEAT MAP
MED
  • Investor Relations
  • Human Resources
  • Legal
  • Administration
  • Public Relations

RISK
LOW
IMPACT
6
Risk/Impact Corridor Risky Company
RISK CORRIDOR
BUSINESS UNIT HEAT MAP
  • Information Technology

HIGH
  • Supply Chain Mgmt
  • Finance/Acctg
  • Compliance
  • Marketing
  • Purchasing
  • Investor Relations

MED
  • Human Resources

RISK
  • Legal
  • Administration
  • Public Relations

LOW
IMPACT
7
Risk & Impact Analysis Risky Company
  • Capacity Planning
  • Business Continuity Planning

AUDIT UNIVERSE HEAT MAP
  • Disaster Recovery

HIGH
  • Plant Operations
  • Supply Chain
  • SOX Compliance
  • Financial Reporting
  • Compliance
  • Revenue Receivables
  • Cash Receipts

MED
  • Human Resources

RISK
  • Marketing
  • Cash Reimbursements
  • Accounts Payable
  • Purchasing
  • Investments
  • Public Relations
  • Legal Corp Secretary
  • Physical Security
  • TE Reporting
  • Fixed Assets
  • Budgeting

LOW
  • Bank Reconciliations
  • Facilities
  • Payroll

Audits are in italics
IMPACT
8
Risk Impact Corridor Risky Company
RISK CORRIDOR
  • Capacity Planning

AUDIT UNIVERSE HEAT MAP
  • Business Continuity Planning
  • Disaster Recovery

HIGH
  • Plant Operations
  • Supply Chain
  • SOX Compliance
  • Financial Reporting
  • Compliance
  • Revenue Receivables
  • Cash Receipts

MED
RISK
  • Human Resources
  • Marketing
  • Cash Reimbursements
  • Accounts Payable
  • Purchasing
  • Investments
  • Public Relations
  • Physical Security
  • Legal Corp Secretary
  • TE Reporting
  • Fixed Assets
  • Budgeting

LOW
  • Bank Reconciliations
  • Facilities
  • Payroll

IMPACT