Fundamentals of Risk Management
Internal audit activities
Download 3.45 Mb. Pdf ko'rish
|
Fundamentals of Risk Management
|
Internal audit activities
417 The three lines of defence approach is also compatible with the concept of govern- ance, risk and compliance (GRC), which is illustrated in Figure 35.2. The GRC approach is based on the overall view that the board is responsible for governance issues across the whole organization. In this role, the board will look to all three lines of defence to ensure adequate attention is paid to risk. The non-executive directors, in particular, will look to internal audit to provide assurance on the broad range of compliance issues within the organization. The requirement for keeping accurate financial records applies to all organizations, and these will often be produced by an external accountancy firm, which will also act as external auditors. External auditors will be required to confirm, and in some cases attest to, the accuracy of the financial records. These external auditors may be considered to be the fourth line of defence. Additionally, for highly regulated organ- izations, there will be regulators requiring compliance with the rules and regulations within their scope. In the circumstances, the regulator may be considered to be the fifth line of defence. As with so many areas of risk management and internal control, the terminology used will vary from organization to organization. The box on page 418 describes the three lines of defence approach applied to tax and how it varies from the approach defined above. Nevertheless, the organization in this example is recognizing that responsibilities need to be divided and three lines of responsibilities is an appropriate and robust way of ensuring adequate governance and compliance and, in the case of the example, efficient and effective management of tax risks. An area where risk management and internal control can work together is in establishing the risk management/internal control priorities for the coming year. Download 3.45 Mb. Do'stlaringiz bilan baham: 
|