As Protiviti closes out another volume of The Bulletin (our newsletter series that focuses on key corporate governance and risk management issues for organizations), we find that the topics addressed in the course of almost three years have focused on risk management strategies, internal control, corporate governance, and key business and regulatory changes facing companies today. We hope you find this summary of Volume 5 helpful in accessing content that is relevant to your organization. All issues of The Bulletin are available at https://www.protiviti.com/US-en/tag/Bulletin.
Issue 1 – “Setting the 2013 Audit Committee Agenda” (12/2012)
The complexity and velocity of change in an increasingly interdependent world are altering the dynamics of doing business. As the business, technological and regulatory environment continues to change, so does the risk landscape that companies and their audit committees face. Given these uncertainties, this issue of The Bulletin provides ideas for consideration by boards and their audit committees with respect to various risk issues as well as important financial reporting-related matters.
Issue 2 – “Ten Keys to Managing Reputation Risk” (4/2013)
With today’s electronic media, the news cycle reporting on the downward spiral of a once-proud organization that has suffered severe reputation impairment is not pleasant to watch. Applied to a business, reputation represents the perception of an organization’s trustworthiness or integrity. If accurate over time, reputation provides a barometer for an organization’s ability to influence and how it is likely to respond in a given situation. However one defines “reputation,” everyone agrees it’s important and recognizes a reputation that has been damaged beyond repair. This issue of The Bulletin explores 10 keys to managing reputation risk arrayed among five broad categories – strategic alignment, cultural alignment, quality commitment, operational focus and organizational resiliency.
Issue 3 – “The Updated COSO Internal Control Framework: Frequently Asked Questions” (5/2013)
This issue of The Bulletin addresses various questions regarding the updated 2013 Internal Control – Integrated Framework from COSO, including why it was updated; what has (and has not) changed; the process for transitioning to its use; some of the nuances of the new principles-based approach; the implications to Sarbanes-Oxley Section 404 compliance; and steps companies should take immediately to get started with the transition process.
Issue 4 – “Applying the Five Lines of Defense in Managing Risk” (9/2013)
Many lessons were learned from the financial crisis. For example, if a CEO ignores the warning signs posed by the risk management function, resists contrarian information suggesting the corporate strategy is either not working or is losing relevance, or fails to consider critical risks when evaluating a critical decision, shareholders can end up paying a high price. It gets worse if management does not involve the board with strategic issues and important policy matters in a timely manner. An effectively designed and implemented “lines-of-defense” framework can provide strong safeguards against such developments. This issue of The Bulletin explores the five essential lines of defense that provide an integrated approach through which an organization responds to risk – the tone of the organization, business unit management and process owners, independent risk management and compliance functions, internal audit, and board risk oversight and executive management.
Issue 5 – “Setting the 2014 Audit Committee Agenda” (12/2013)
The profile of macroeconomic, strategic and operational risks continues to evolve in terms of significance and complexity for many organizations. The risks companies face in today’s global business environment create uncertainty for executive management and the board of directors. This issue of The Bulletin provides observations regarding these risks and agenda ideas for consideration by audit committees based on interactions with client audit committees, roundtables we have conducted, and discussions with directors at various forums.
Issue 6 – “The Future Auditor: The Chief Audit Executive’s Endgame” (4/2014)
According to The Institute of Internal Auditors (IIA), internal auditing “helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control, and governance processes.” This statement captures a vision concerning the endgame to which a CAE should aspire. The term “future auditor” describes a CAE who takes definitive steps toward making this vision a reality within the organization he or she serves. This issue of The Bulletin provides observations regarding our view of the future auditor and its implications to internal audit’s value proposition. Specifically, it offers 12 ways the future auditor delivers demonstrable value in the eyes of the board of directors and executive management.
Issue 7 – “10 Lessons in Integrating Risk Management with Strategy” (4/2014)
In recent years, much has been learned about the importance of integrating risk into strategy-setting. This integration theme is vital because, if ignored, risk becomes an afterthought to strategy and an appendage to performance management. We’ve distilled the learnings down to 10 lessons for executives and directors to keep in mind when integrating risk into the process of formulating and executing strategy. Every organization is different, so there is no one-size-fits-all in terms of applying these lessons for integrating risk management with strategy. However, these lessons provide insights to executive management responsible for an organization’s strategic thinking process and to directors when providing strategic and risk oversight.
Issue 8 – “Is the Collaborative Economy Reshaping Business?” (11/2014)
In a “collaborative economy,” people obtain essential goods and services from each other rather than from established brands and businesses. Just as social media enabled peer-to-peer (P2P) sharing of content, the technologies and peer communities underlying the collaborative economy enable P2P sharing of goods, services, transportation, space and money at a speed and scale unimaginable a decade ago. Underlying the collaborative economy are well-funded established companies and startups that facilitate the sharing that makes it possible. This issue of The Bulletin explores the collaborative economy and its drivers and implications, as well as why it is a strategic imperative to watch developments with this market phenomenon closely to ascertain whether established business models will be at risk or, alternatively, have an opportunity to enhance the customer experience.
Issue 9 – “Setting the 2015 Audit Committee Agenda” (12/2014)
Audit committees continue to face crowded agendas and increasing complexity as we look forward into 2015 in our annual review of potential committee priorities. In this issue, we have developed a 10-point agenda for audit committees to consider for the coming year. These agenda items fall into two groups – enterprise, process and technology issues and financial reporting issues.
Issue 10 – “Top 10 Lessons Learned From Implementing COSO 2013” (4/2015)
Implementing the updated COSO Internal Control – Integrated Framework has been an important endeavor for many public companies in their efforts to comply with SOX Section 404. The SEC requires companies to use a “suitable framework” as a basis for evaluating the effectiveness of internal control over financial reporting, as outlined in Section 404, and the COSO Framework meets that criteria. A strong majority of issuers have completed the transition from the 1992 version to the 2013 version. Much has been learned from the experience of these issuers. In this issue of The Bulletin, we share 10 important lessons learned from these successful implementations.
Issue 11 – “Does Your Organization Face Change With Confidence?” (7/2015)
In a global survey involving 275 board members and executives across a broad range of industries, one of the top 10 risks cited by respondents was that resistance to change may restrict an entity’s ability to make necessary adjustments to its business model and core operations. In a rapidly evolving business environment, executive management and the board of directors need to be able to face change with confidence. This issue of The Bulletin explores facing change with confidence – what it means and why it is vital to the long-term survival and prosperity of any enterprise, whether public, private or not-for-profit, and when and how it is accomplished. In doing so, this issue distinguishes between incremental change and disruptive change.
Issue 12 – “Accounting for Revenue Recognition: A New Era” (11/2015)
A new revenue recognition standard has been issued by the FASB in collaboration with the IASB. The standard’s overall objective is to achieve a comprehensive, principles-based revenue recognition model. It represents a big change because it eliminates prior industry-specific guidance on the one hand and expands revenue-related disclosures required in financial reporting on the other. More important, there is still much uncertainty about the standard’s impact. This issue of The Bulletin discusses the latest implementation timetable, potential significant accounting and reporting changes, industry implications, an approach for getting started, and a transition road map.