By the end of the course delegates will be able to:

• Describe key risk management and internal control concepts
• Apply  the main industry frameworks and standards which influence internal controls
• Assess the effectiveness of their organisations internal controls
• Demonstrate to and guide executives and management in the establishment of an appropriate control environment
• Understand the effective usage of internal controls

• What is Corporate Governance?
• Why is it different for financial institutions?
• Internal controls as a mechanism for controlling risks
• Board and senior management responsibilities for internal controls and the establishment of a control culture
• US Sarbanes Oxley Act 2002 and its requirements for monitoring and annual reporting on internal controls effectiveness

• The definition and purpose of internal controls
• The five components of the original COSO internal controls framework
• Integration of the original COSO control framework into COSO Enterprise Risk Management framework (ERM)
• Linking COBIT to COSO – Information technology framework and internal controls

• The three categories of objectives for internal controls
• COSO internal controls framework – the expanded 2013 revision
• The new seventeen principles – practical application to provide comprehensive controls
• The strong link between Basel II operational risk management and COSO
• Inherent limitations of internal controls

• The vital first step – establishing the management tone at the top and an institution-wide code of conduct reflecting integrity and ethical values
• Board and management’s delegation of authority
• Commitment to competence – attracting, developing and retaining the right human resources
• Performance measures, incentives and rewards

• Risk appetite and strategy established by the Board and risk response strategies
• Control activities, internal controls, responsibilities and uses through the eyes of different stakeholders
• Inherent and residual risks
• Reporting and assurance