Internal Control Management by Design, LONDON

Workshop Summary

Internal control management has become a critical foundation for corporate governance, risk management, and compliance (GRC). Operationally effective controls are the linchpin that ensures the organisation can reliably achieve objectives while addressing uncertainty and acting with integrity. Controls are critical throughout business strategies, operations, and processes. Reactive and a stovepipe approach to internal controls management leave the organisation not seeing the big picture of how controls interrelate with each other, risks, and compliance obligations.  In the UK, following the consultation on Restoring Trust in Audit and Corporate Governance, last year, the UK Government invited the Financial Reporting Council (FRC) to strengthen the UK Corporate Governance Code (UKCGC) in specific areas.  One of the updated and strengthened sections of the UKCGC, to be released in January 2024, is that on internal controls.  Boards will be required to provide a declaration, with explanation, on whether it can reasonably conclude that the organisation’s risk management and internal control systems have been effective for the period being reported.   

Organisations need a blueprint for effective, efficient, and agile internal control management as business becomes increasingly complex in a changing business and risk environment – that struggles with growing regulations, globalisation, and distributed operations. This requires organisations to design internal management as an integrated part of strategy and operations supported by an integrated internal control information architecture that gives organisations a 360° situational awareness of internal controls in business strategy and operations.

This workshop gives participants a blueprint for effective internal control management strategies in a dynamic business and risk environment. We’ll delve into integrating internal control management seamlessly into your governance, risk management, and compliance – GRC – processes and operations, ensuring a cohesive approach. You’ll explore diverse internal control management architecture models tailored to your organisation’s unique needs, enabling you to reliably achieve objectives, address uncertainty/risk, and act with integrity. Discover a range of internal control assessment and monitoring techniques to safeguard your business effectively. We’ll guide you in developing a structured internal control management information and technology architecture that aligns seamlessly with your business operations, enhancing efficiency, effectiveness, resilience, and agility. Join us to empower your business with comprehensive, strategic internal control management skills. 

Agenda 

1. Internal Control Drivers & Trends Impacting Organisations 
2. Internal Control Management Strategy 
3. Internal Control Management Processes 
4. Internal Control Management Information, Technology & Automation 

Workshop Objectives

The objective of this workshop is to leave attendees with the ability to effectively manage internal controls in the context of governance, risk management, and compliance to enable the organisation to reliably achieve objectives, address uncertainty, and act with integrity. Participants will understand the challenges and pitfalls associated with managing internal controls and achieving success by capitalising on an integrated internal control management strategy and processes. The workshop will detail the ongoing monitoring and automation of internal controls, helping attendees define a structured internal control management lifecycle. 

Ownership and accountability for internal control management will be established, ensuring process consistency and effective communication with control, risk, and business owners. Attendees will also learn to track critical workflows and tasks related to internal control processes and assessments. Furthermore, the workshop will equip participants with the skills to deliver effective internal control governance and assurance to the board of directors, regulators, and stakeholders. Metrics will be monitored to establish the effectiveness of internal controls, and attendees will become adept at identifying and resolving issues related to internal controls. 

The workshop will also cover mapping internal controls to objectives, risks, policies, issues, and other GRC areas. 

Detailed Agenda 

Part 1: Internal Control Drivers & Trends 

• Why internal control management matters 
• Internal control in disarray: how organisations mismanage controls 
• Internal control exposure: how mismanaged controls expose the organisation to risk 
• Current drivers & trends pressuring organisations in internal control management 
• Different ways organisations approach internal control management 
• What effective internal control management achieves: internal control management’s role in governance, risk management, and compliance 

Part 2: Internal Control Strategy & Governance 

• Blueprint for effective internal control management 
• Internal control governance: bringing together the range of internal control management roles and responsibilities in the organisation 
• Developing a collaborative and enterprise view of internal controls and how it relates to performance, risk, and compliance 
• Internal control management strategy: defining a structure to govern internal controls 

Part 3: Internal Control Management Process & Lifecycle 

• Managing internal controls in the lifecycle and capability of GRC 
• Internal Control Identification – Collaborative process to identify internal controls from both the bottom and the top 
• Internal Control Analysis – Defining effective and operational controls to provide assurance while mitigating risk 
• Internal Control Management – Strategies to manage controls in context of performance, risk, and compliance 
• Internal Control Communication – Assign and manage internal control ownership and accountability 
• Internal control metrics & reporting 

Part 4: Internal Control Information & Technology Architecture 

• Enabling information & technology of internal control management 
• Internal control information architecture: blueprint for managing internal control  content and related data 
• Types of internal control automation and how it integrates into broader GRC processes 
• Kinds of internal control technologies and what best serves the organisation 
• Internal control management business case: articulating the value of effective internal control management

GRC 20/20 Analyst will be facilitating this workshop . . .

GRC 20/20 ResearchMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 30+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” – being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

About Event Host . . .

CoreStream provides a next generation GRC platform, covering a broad range of GRC topic areas.  The CoreStream platform is a true no-code platform that is used by organisations to digitally enable their GRC activities.  It also offers a range of ‘off-the-shelf’ solutions to address common customer requirements.  In relation to controls, CoreStream’s intuitive and flexible controls solution includes all the key features to help you implement, embed and manage your internal controls framework.  The solution comes pre-configured but can also be adjusted through no-code configuration to meet your exact requirements based on your operating model and approach to internal controls.