Internal audit and Risk Advisory
Enterprise Risk Management
Enterprise risk management (ERM) is the process of methodically identifying and addressing the potential events that represent risks to the achievement of strategic objectives, or to opportunities to gain competitive advantage, and which may otherwise adversely affect a company’s operations, reputation and sustenance. It enables corporates to proactively manage risks by adopting the following strategies:
- Identifying the various associated risks, such as resource risk, budget risk, requirement risk and scheduling risk
- Then accepting or limiting risks if they are not material in comparison with the cost of control
- Eliminating risks by appropriate risk mitigation and by insuring them when the cost of control is less than the risks
- Risk assessment to prioritise risks based on likelihood and impact, following meetings/discussions with the respective stakeholders
- Internal Audit Plan covering prioritised audit areas and execution of the same
- Risk Register compilation which contains all the risks and corresponding controls / risk mitigation measures
Process Control Design Review
This process involves an independent review of processes to identify weaknesses at the process design level from a control perspective, and to explore opportunities to achieve process efficacy and efficiency before proceeding to carry out a full-fledged internal audit. The process involves:
- Mapping the "As-is" actual processes
- Comparing them with "To-be" processes
- Documenting the activity-specific maker, checker, activity frequency, turnaround time, KPIs and escalation matrix
- Proactive identification of risks associated with the activities and suggesting risk mitigation steps and the way forward
Internal/Management Audit
Internal audits help in evaluating a company's internal controls, including its corporate governance and accounting processes. These audits ensure compliance with laws and regulations and help to maintain accurate and timely financial reporting and data collection. Apart from standard internal audit practices, we at VSM cover the following:
- Review of Standard Operating Procedures (SOPs)
- Review of Operational Risk Management Processes and Risk Control Matrix
- Review of Internal Financial Control processes
- Analytical and trend analysis to understand operational efficiency
Risk Compliance Service
Governments in India and other countries have, through law, mandated compliances to protect and safeguard investors. Examples include the Internal Financial Controls (IFC) mandated in the Companies Act, 2013 (Act); the Sarbanes-Oxley Act of 2002, often simply called SOX or Sarbox, a U.S. law meant to protect investors from fraudulent accounting activities by corporations; and the Foreign Corrupt Practices Act of 1977 (FCPA), which prohibits U.S. citizens and entities from bribing foreign government officials to benefit their business.
These laws have rewritten the rules for corporate governance and disclosures by institutionalizing measures to strengthen a company’s internal checks and balances through greater accountability. This is realized through significantly redefined roles and responsibilities for the Board, Audit Committee, statutory auditors, and management. The regulation makes Boards explicitly responsible for evaluating and monitoring the efficacy of compliance with these acts.
We at VSM provide the following services to ensure compliance with these provisions of law:
Internal Financial Control (IFC)
- Preparation of design and implementation of operational/financial processes and review thereof
- Preparation of Risk Control Matrix and review thereof
- Risk mitigation steps/suggestions to make existing operational/financial processes more robust
SOX 404 Compliance
- Helping the organization with the implementation, documentation, evaluation, improvement and maintenance of internal control systems
- Annual assessment of the internal control system
Foreign Corrupt Practices Act Compliance Services (FCPA)
- Design, implementation, review and improvement of an existing program that promotes ethical conduct and minimizes the risk of bribery law violations in companies
IT Risk Assurance
We help our clients to ensure that their systems deliver the maximum business benefit, while minimising inherent risks. This includes risk management on IT systems and IT projects, and business continuity services to allow a business to recover from a disaster, like the loss of its IT systems. At VSM we provide review, assessment and solutions on the following controls:
- Logical access controls over applications, data and supporting infrastructure
- Program change management controls
- Backup and recovery controls
- Computer operation controls
- Data center physical security controls
- System development life cycle controls
Corporate Governance
Corporate governance is the combination of rules, processes or laws by which businesses are operated, regulated or controlled. The term encompasses the internal and external factors that affect the interests of a company's stakeholders, including shareholders, customers, suppliers, government regulators and management. To ensure proper installation of corporate governance in a company, we provide the following services:
- Preparation of Audit Committee Charter
- Preparation of Internal Audit Charter
- Preparation of Internal Audit Manual
- Clause 49 Compliance Reviews
- SOX Compliance
- Creation of Whistle Blower Policy
- Designing and review of authority matrix for financial powers
- Supporting corporates in certifications by reviewing processes and controls such as Internal Financial Control Testing and Internal Controls over Financial Reporting
Special Assignments
- Compliance Reviews
- Operations Audits
- Data Analytics
- IT Audits