GRC Workshop Summary

Internal control management has become a critical foundation for corporate governance, risk management, and compliance (GRC). Operationally effective controls are the cornerstone that ensures the organization can reliably achieve objectives while addressing uncertainty and acting with integrity. Controls are critical throughout business strategies, operations, and processes. Reactive and siloed approaches to internal control management leave organizations unable to see the big picture of how controls interrelate with risks and compliance obligations.

In the US, following ongoing discussions around strengthening audit practices and corporate governance, organizations face increasing regulatory scrutiny over internal controls. Boards are expected to provide assurances regarding the effectiveness of the organization’s risk management and internal control systems for the reporting period.

Organizations need a blueprint for effective, efficient, and agile internal control management in a business environment increasingly challenged by growing regulations, globalization, and distributed operations. This requires organizations to design internal control management as an integrated part of strategy and operations, supported by an integrated internal control information architecture that provides a 360° situational awareness of controls within business strategy and operations.

Internal Control Management Workshop

This workshop provides participants with a comprehensive blueprint for effective internal control management strategies in a dynamic business and risk environment. We’ll explore how to integrate internal control management seamlessly into your governance, risk management, and compliance (CoreStream GRC) processes and operations, ensuring a unified approach.

Participants will learn to design diverse internal control management architecture models tailored to their organization’s unique needs, enabling them to reliably achieve objectives, address uncertainty and risk, and act with integrity. Discover a range of internal control assessment and monitoring techniques to safeguard your business effectively. We’ll guide you in developing a structured internal control management information and technology architecture that aligns seamlessly with business operations, enhancing efficiency, effectiveness, resilience, and agility. Join us to empower your organization with comprehensive, strategic internal control management skills.

Agenda for the Internal Control Workshop

• Internal Control Drivers & Trends Impacting Organizations
• Internal Control Management Strategy
• Internal Control Management Processes
• Internal Control Management Information, Technology & Automation

Internal Control Workshop objectives

The objective of this workshop is to equip attendees with the ability to effectively manage internal controls in the context of governance, risk management, and compliance (CoreStream GRC). Participants will gain the tools to help their organization reliably achieve objectives, address uncertainty, and act with integrity.

Key learning outcomes include:

• Understanding the challenges and pitfalls of managing internal controls and achieving success with an integrated internal control management strategy.
• Mastering ongoing monitoring and automation of internal controls.
• Defining a structured internal control management lifecycle.
• Establishing ownership and accountability for internal control management.
• Tracking critical workflows and tasks related to internal control processes and assessments.
• Delivering effective internal control governance and assurance to boards, regulators, and stakeholders.
• Monitoring metrics to evaluate the effectiveness of internal controls.
• Mapping internal controls to objectives, risks, policies, issues, and other GRC areas.

Detailed agenda

Part 1: Internal Control Drivers & Trends

• Why internal control management matters.
• Internal control challenges: how organizations mismanage controls.
• Risk exposure: how poorly managed controls increase organizational risk.
• Drivers and trends impacting internal control management.
• Approaches to internal control management.
• Benefits of effective internal control management: its role in CoreStream GRC.

Part 2: Internal Control Strategy & Governance

• Blueprint for effective internal control management.
• Internal control governance: unifying internal control roles and responsibilities.
• Developing a collaborative, enterprise-wide view of internal controls in relation to performance, risk, and compliance.
• Crafting a robust internal control management strategy.

Part 3: Internal Control Management Process & Lifecycle

• Managing internal controls within the lifecycle and capabilities of CoreStream GRC.
• Identifying internal controls collaboratively from top-down and bottom-up perspectives.
• Analyzing controls to ensure they are effective, operational, and risk-mitigating.
• Strategies for managing controls in the context of performance, risk, and compliance.
• Assigning and managing internal control ownership and accountability.
• Metrics and reporting for internal controls.

Part 4: Internal Control Information & Technology Architecture

• Leveraging technology for internal control management.
• Internal control information architecture: a blueprint for managing data and content.
• Types of internal control automation and how they integrate into CoreStream GRC.
• Selecting the right technologies for your organization’s needs.
• Building the business case for effective internal control management.

---

Frequently Asked Questions (FAQ)

1. What is internal control management, and why is it important?

Internal control management involves designing, implementing, and monitoring controls that help an organization achieve its objectives, address risks, and ensure compliance with regulatory requirements. It is critical because it provides assurance to stakeholders that the organization operates with integrity, mitigates risks effectively, and adheres to governance standards.

2. How does CoreStream GRC support internal control management?

CoreStream GRC provides an integrated platform for managing governance, risk, and compliance processes, including internal controls. It streamlines workflows, improves visibility, and enhances collaboration by centralizing data and automating control assessments and reporting.

3. What are some common challenges organizations face in internal control management?

Organizations often struggle with siloed processes, lack of visibility into control effectiveness, insufficient accountability, and outdated technology. These challenges lead to inefficiencies, increased risks, and difficulties in ensuring compliance.

4. How can automation improve internal control management?

Automation enhances efficiency by reducing manual tasks, improving accuracy in control assessments, and providing real-time reporting. It also enables continuous monitoring, which helps organizations quickly identify and address control gaps.

5. What are the key metrics for evaluating internal control effectiveness?

Common metrics include the percentage of controls operating effectively, the number of control failures, the time taken to remediate issues, and the alignment of controls with organizational objectives and risks.

6. Why is ownership and accountability important in internal control management?

Clear ownership and accountability ensure that controls are consistently managed and monitored. Assigning responsibility fosters a culture of compliance and helps avoid gaps in control processes.

7. How can the GRC 2020 CoreStream GRC workshop help my organization?

This workshop provides actionable insights, tools, and strategies to build a robust internal control management framework. It helps attendees align internal controls with business objectives, adopt advanced technologies, and ensure compliance with best-practice processes.