Essay PreviewMore ↓
In the wake of high-profile corporate scandals and subsequent regulatory legislation, reporting internal controls has become a requirement. These requirements have led to organizations viewing risk management as an area of vital importance. Best practice organizations have for years looked to the Committee of Sponsoring Organizations of the Treadway’s (COSO) Internal Control Integrated Framework as the standard to build a solid system of internal controls (Managing Risk, 2003). Formed in 1985, COSO is a voluntary and independent private sector organization that sponsored the National Commission of Financial Reporting. The National Commission was made up of various industry representatives who studied the underlying causes that lead to fraudulent financial reporting. The committee developed recommendations for public companies, independent auditors, regulators, and educational organizations, which are designed to improve “the quality of financial reporting through business ethics, effective internal controls, and corporate governance” (COSO, n.d., 1). Recognizing the need for organizations to evaluate risk management efforts, COSO developed a framework for Enterprise Risk Management (ERM) that British Petroleum (BP) Oil Company and other companies can use to establish strong internal controls.
Corporate governance is the monitoring of companies and management. In recent years, due to the negligence of upper management the government has formed regulatory groups to help monitor the process. The National Commission on Fraudulent Financial Reporting, more commonly referred to as the Treadway Commission, was formed in 1985 to inspect, analyze, and make recommendations in what appeared at that time an alarming increase in fraudulent corporate financial reporting. The Commission made a number of recommendations designed for the public company, independent public accountant, the Securities and Exchange Commission, and field of education for the accountant. Treadway Commissions has made recommendations for public companies such as British Petroleum, such as: 1) The tone of management as set by the company officials 2) Careful design of the internal accounting and auditing functions 3) An audit committee composed of independent directors 4) Management and audit committee reports describing the activity and the effectiveness of internal control measures 5) More public dialogue by management when seeking a second opinion on a significant accounting issue.
Implementation plan for enterprise risk management (ERM)
British Petroleum Oil Company broke with the industry and reported the possible link between emission and global warning, so how did the CEO, John Browne wind up as the scapegoat for one of the largest oil spills in the North Slop and the worst refinery incidents in the U.
How to Cite this Page
"Corporate Compliance Report." 123HelpMe.com. 12 Nov 2019
Need Writing Help?
Get feedback on grammar, clarity, concision and logic instantly.Check your paper »
- Corporate Compliance Report When a company is facing issues dealing with corporate compliance, implementing a system to deal with the compliance and corporate governance issues is the best opportunity for the company. The company should develop a process to analyze alternatives and integrate the appropriate opportunity into the company's system. The company will begin by developing an internal control and corporate governance system. This process includes defining and implementing compliance steps and process.... [tags: Business Regulation]
1648 words (4.7 pages)
- Corporate Compliance Report Internal control means different things to different people. This causes confusion among businesspeople, legislators, regulators and others. Resulting miscommunication and different expectations cause problems within an enterprise. Problems are compounded when the term, if not clearly defined, is written into law, regulation or rule. (COSO, 2006) Internal control over financial reporting has always been a major area in the governance of an organization, and this importance has been magnified in recent years.... [tags: Business Regulation ]
1040 words (3 pages)
- Introduction Corporate governance can be thought of as the overall umbrella of control and direction under which a corporation operates. Enterprise Risk Management (ERM) is "a process, effected by an entity's board of directors, management and other personnel, applied in strategy setting and across the enterprise, designed to identify potential events that may affect the entity, and manage risks to be within its risk appetite, to provide reasonable assurance regarding the achievement of entity objectives," (BusinessDictionary.com, 2008).... [tags: Corporate Governance]
1765 words (5 pages)
- In the wake of high-profile corporate scandals and subsequent regulatory legislation, reporting internal controls has become a requirement. These requirements have led to organizations viewing risk management as an area of vital importance. Best practice organizations have for years looked to the Committee of Sponsoring Organizations of the Treadway's (COSO) Internal Control Integrated Framework as the standard to build a solid system of internal controls (Managing Risk, 2003). Formed in 1985, COSO is a voluntary and independent private sector organization that sponsored the National Commission of Financial Reporting.... [tags: Business]
1921 words (5.5 pages)
- In the early years of the Twenty-first Century the United States economy was rocked in part by large corporate scandals that resulted in huge losses for many stockholders and dissolved much investor confidence. In response to these unfortunate incidents of fraudulent financial reporting, laws were passed and committees were organized in an effort to prevent them from happening again. Due to earlier scandals however, the Committee of Sponsoring Organizations of the Treadway Commission (COSO) was formed in 1985 to initially research and create a report on forming integrated frameworks of internal corporate control.... [tags: Finance Accounting Regulation Business]
1673 words (4.8 pages)
- Introduction Corporate governance is a system that ensure companies to be directed and controlled (Cadbury 1992). Among all segments of the corporate governance, boards of directors are quiet essential, because the board have the obligation to governance the whole company and draw up long-term scheme to make it success (ppt wk1 pg21). As for the Corporate Governance Code (CG code), it was first reported in UK, which aimed to regulate the conduct of directors and investors (ppt wk2 pg20). Instead of being adopted as statutory rules for listing on stock exchange market, the CG code only can be regarded as a guidance for corporates, which lacks of statutory backing (Should the Hong Kong Code o... [tags: Corporate governance, Board of directors]
1768 words (5.1 pages)
- With the recent wave of corporate scandals and the subsequent interest in corporate governance, a excess of norms and standards have arisen up around the globe. Corporate governance goes beyond corporate law as objective is to ensure commitment on managing transparency for maximising shareholder values along with fulfillment of legal requirements. As competition rises, technology pronounces the system of Corporate Governance also need to upgrade itself with the changing needs and demands of evolving economic society.... [tags: Corporate governance, Corporation]
735 words (2.1 pages)
- Corporate Compliance Introduction When companies are facing issues dealing with corporate compliance, implementing a system to deal with the compliance and corporate governance issues is the best opportunity for the companies. The companies should develop a process to analyze alternatives and integrate the appropriate opportunity into the companies system. The process includes defining and implementing compliance steps and process. Next, the companies will recommend a preventative solution that incorporates risk mitigation.... [tags: Auditing Finance Business Regulation]
1231 words (3.5 pages)
- Corporate Compliance The United States corporate governance system must seem to be in terrible shape. Top executive compensation is also routinely criticized as excessive by the press, academics, and even top Federal Reserve officials. These failures and concerns in turn have served as catalysts for legislative change— in the form of the Sarbanes-Oxley Act of 2002(SOX) — and regulatory change, including new governance guidelines from the NYSE and NASDAQ. The move toward shareholder value and increased capital market influence has also been apparent in the way corporations have reorganized themselves.... [tags: Business Management Analysis]
2345 words (6.7 pages)
- Introduction Senior executives have long sought ways to better control the enterprises they run. Internal controls are put in place to keep the company on course toward profitability goals and achievement of its mission, and to minimize surprises along the way. Corporate governance has become a top priority for boards of directors, management, auditors, and stakeholders. How can Enterprise Risk Management (ERM) be integrated with internal controls and corporate governance to effectively minimize risk for an organization.... [tags: Business Management Organization]
1466 words (4.2 pages)
“Enterprise Risk Management, ERM, is an iterative and sequential series of steps that utilizes risk self-assessment (the process of identifying and evaluating risk with regard to their potential impact and likelihood, as well as related controls) as well as the subsequent risk management process of control evaluation, action plan definition, monitoring of risk- and implementation development.” (Minsky, 2006) “The goal of ERM is to create, protect, and enhance shareholder value by managing the uncertainties surrounding the achievement of the organization’s objectives.” (Paul J Sorbel, 2004) John Browne is determined to turn British Petroleum’s situation around by hiring outside consultants to determine what went wrong. ERM best practice process is as follows:
1. Let your line management lead the risk management process for their areas.
2. Capture this expert opinion with a framework of risk indicators and a root cause discipline to ensure the quality of capturing the expert opinion.
3. Document their self-assessments of their operating processes to identify “What could go wrong?” based on their powerful expertise gathered from intimate knowledge of the subject matter.
4. Evaluate the expert opinion to determine if action needs to be taken.
5. Formalize the mitigation process to follow-up on these instincts to craft a plan of action that takes into account historical data and traditional analysis.
6. Monitor the plan of action to make sure it actually achieves the goal rather than just appearance. (Minsky, 2006)
The plan for British Petroleum Oil will have to start with internal control consists of five interrelated components. These are derived from the way management runs a business and are integrated with the management process. The components are listed below.
1. Control Environment -The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure. (COSO, 2006)
2. Risk Assessment - Risk assessment is the identification and analysis of relevant risks to achievement of the objectives, forming a basis for determining how the risks should be managed. (COSO, 2006)
3. Control Activities - Control activities are the policies and procedures that help ensure management directives are carried out. They help ensure that necessary actions are taken to address risks to achievement of the entity's objectives. (COSO, 2006)
4. Information and Communication - Pertinent information must be identified, captured and communicated in a form and timeframe that enable people to carry out their responsibilities. Information systems produce reports, containing operational, financial and compliance-related information, that make the process possible to run and control the business. The information and communication deal not only with internally generated data, but also information about external events, activities and conditions necessary to make informed business decision-making and external reporting. (COSO, 2006)
5. Monitoring- Internal control systems need to be monitored--a process that assesses the quality of the system's performance over time. This is accomplished through ongoing monitoring activities, separate evaluations or a combination of the two. Ongoing monitoring occurs in the course of operations. It includes regular management and supervisory activities, and other actions personnel take in performing their duties. (COSO, 2006)
With each process of the operation inherent risk is involved. No matter what steps are incorporated in the process, missteps will occur due to human error and machinery breakdowns that can occur. Machinery malfunctions can cause risk to increase likewise. Controls are capable of ensuring that BP process does not go to the extremes. A medium is established and with continuous checks incorporated into the petroleum manufacturing process, upper and lower control limits can be gauged. Minor adjustments to the process to ensure the British Petroleum manufacturing process is maintained in the proper control limits can be made. Statistical Process control is a form of internal controls used in various system processes.
Control activities include the job instructions that are written to ensure the correct steps would be taken if the process went beyond the upper or lower control limits. The risks can be minimized if the proper steps are maintained. The down flow of information is a must to ensure that the appropriate steps can be taken. Information can be daily manufacturing reports or deviations that may have occurred within the last hour of manufacturing or instant updates notifying key personnel of possible irregularities. Real time date would allow defects to be kept to the minimum thus allowing instant corrections to be made to the process.
The last and most important aspect of internal control would be monitoring. This can include random or continuous. The responses that come from the monitoring will determine if all the appropriate parties react correctly. If the results of the monitoring do not cause a reaction whether good or bad, then the internal control process is a wasted effort.
SPC is used to monitor the consistency of processes used to manufacture a product as designed. It aims to get and keep processes under control. No matter how good or bad the design, SPC can ensure that the product is being manufactured as designed and intended. Thus, SPC will not improve a poorly designed product's reliability, but can be used to maintain the consistency of how the product is made and therefore, of the manufactured product itself and its as-designed reliability. (Center for System Reliability, 2005)
Distinguishing among preventive, detective, and corrective internal controls and recommending preventive solutions that incorporates risk mitigation are all part of corporate governance and the regulatory agencies assigned to police upper management and the fair dealings of large corporations that are entrusted to manage our investments. Without a plan of action, there would be more Enron and Worldcom incidences of unethical behavior.
American Institute of Certified Public Accountants (2006) Internal Control: A Tool for
the Audit Committee. Retrieved April 6, 2008 from
COSO (n.d.) Retrieved April 4, 2008 from http://www.coso.org/
COSO (2006) Internal Control - Integrated Framework Retrieved on April 4, 2006 from
COSO (December, 2006) Management’s Report on Internal Controls over Financial
Minsky, S. (2006, October 05). BP Oil Pipeline Leak: A Cry for Enterprise Risk
Management. Retrieved April 7, 2008, from ebiz:
Paul J Sorbel, a. K. (2004). Aligning Corporate Governance with Enterprist Risk
Management. Management Quarterly
Schwartz, N. (2006, October 2). BP was warned. Retrieved April 7, 2008, from
The Institute of Internal Auditors (2003). Managing Risk from the Mailroom to the
Boardroom. Retrieved April 4, 2008 from