CORPORATE STRATEGIC and OPERATIONAL CONTROLS
TABLE OF CONTENTS
DEDICATIONS
DISCLAIMER
BOOK SYNOPSIS
PREFACE
PART A: BASIC TERMS AND CONCEPTS
CHAPTER 1: INTRODUCTION TO MANAGEMENT, REGULATIONS AND CONTROLS
1.1. Chapter Summary
1.2. Management Roles
1.3. Levels of Management Structure
1.4. Legal and Religious Systems
1.4.1. Civil Law
1.4.2. Common Law
1.4.3. Religious Laws
1.5. International Regulations, Guidelines and Control Frameworks
1.5.1. Introduction
1.5.2. Corporate Governance Guidelines
1.5.2.1. The UN Global Compact Guidelines
1.5.2.2. The ILO Declaration on Fundamental Principles and Rights at Work
1.5.2.3. The OECD Corporate Governance Guidelines
1.5.2.4. The Canadian Coalition for Good Governance Guidelines
1.5.2.5. The U.S. GLB Act
1.5.2.6. The U.S. HIPAA Act
1.5.2.7. The GRI Framework
1.5.3. Internal Control Frameworks
1.5.3.1. The COSO Framework
1.5.3.2. The Sarbanes - Oxley (SOX) Act
1.5.3.3. The BIS Framework
1.5.4. IT related Control Frameworks
1.5.5. IT Security Guidelines and Standards
1.6. Key Concepts of Management Controls
1.6.1. Management Control Systems
1.6.2. Description of the concept of control
1.6.3. Characteristics of Control
1.6.4. Organizational, Strategic and Operational Control
1.6.5. Problems of Control
1.6.6. Measurement of Output
1.6.7. Setting Standards
1.6.8. The Importance of Strategic Control
1.6.9. Differences Between Strategic and Operational Control
1.7. Conclusion
1.8. Review Questions
1.9. End Notes
1.10. Selected References
CHAPTER 2: PROPOSED ORGANIZATIONAL CONTROLS FRAMEWORK
2.1. Chapter Summary
2.2. Description of the Present Socio-Economic Environment
2.3. Socio-economic needs for the Organizational Controls Framework
2.4. Regulatory Control Frameworks
2.4.1. The COSO Framework
2.4.2. The Sarbanes - Oxley (SOX) Act
2.4.3. The BIS Framework
The full framework contains the following:
2.4.4. The COBIT Framework
2.4.5. The ITIL Framework
2.5. Basic Components of the proposed Organizational Controls Framework
2.5.1. Organization Controls Framework Checklist
2.5.2. Proposed Organizational Controls Framework
2.6. Conclusion
2.7. Review Questions
2.8. End Notes
2.9. Selected References
PART B: MAIN ORGANIZATIONAL CONTROLS
CHAPTER 3: CORPORATE PHILOSOPHY CONTROLS
3.1. Chapter Summary
3.2. Purpose of Corporate Philosophy Controls
3.3. Main Corporate Philosophy Controls
3.3.1. Vision, Mission and Values Statements
3.3.2. Corporate Ethics Policy
3.3.3. Corporate Social Responsibility Policy
3.3.4. Corporate Ethics Committee, Office and Program
3.3.5. Other Relevant Corporate Policies
3.4. Corporate Philosophy Performance Measures
3.5. Review and Audit Tools and Techniques
3.5.1. Corporate Vision, Mission, and Values Statements Checklist
3.5.2. Departmental Vision, Mission, and Values Statements Checklist
3.5.3. Corporate Ethics Policy Checklist
3.5.4. Corporate Ethics Program Checklist
3.5.5. Corporate Fraud Management Checklist
3.6. Conclusion
3.7. Review Questions
3.8. End Notes
3.9. Selected References
CHAPTER 4: MAIN CORPORATE GOVERNANCE CONTROLS
4.1. Chapter Summary
4.2. Purpose and Main Types of Corporate Governance Controls
4.3. Board of Directors Charter
4.4. Corporate Committees
4.4.1. Audit Committee
4.4.2. Benefits and Personnel Committee
4.4.3. Information Technology (IT) Committee
4.4.4. Financial Issues Committee
4.4.5. Business Continuity Issues Committee
4.5. Corporate Policies
4.5.1. Financial Accounting Policy
4.5.2. Customer Relations Policy
4.5.3. Fraud and Theft Policy
4.5.4. Human Rights Policy
4.5.5. Community Relations Policy
4.5.6. Information Technology Policy
4.5.7. Health and Safety Policy
4.5.8. Privacy of Information Policy
4.5.9. Information Sensitivity Policy
4.5.10. Environment Management Policy
4.5.11. Fixed Asset Management Policy
4.6. Corporate Processes and Plans
4.6.1. Corporate Strategic Plans
4.6.2. Performance Management Process
4.6.2.1. Performance Management Policy
4.6.3. Risk Management Process
4.6.4. Internal Audit Process
4.5.5. Business Continuity Plan
4.5.6. Employee Management Policies and Procedures Handbook
4.5.7. Transaction Authorization Controls
4.5.8. Corporate Compliance Officer
4.6. Other Corporate Controls
4.7. Corporate Governance Performance Measures
4.8. Review and Audit Tools and Techniques
4.8.1. Internal Controls Framework Checklist
4.8.2. Business Continuity Audit Review Program
4.8.3. Generic Performance Audit Program
4.9. Conclusion
4.10. Review Questions
4.11. End Notes
4.12. Selected References
CHAPTER 5: STRATEGIC MANAGEMENT CONTROLS
5.1. Chapter Summary
5.2. Purpose and Main Types of Strategic Management Controls
5.3. Corporate Strategic Planning Committee
5.4. Strategic Plans
5.4.1. Description of Strategy
5.4.2. Strategy Types
5.4.3. Description of the Strategic Management Process
5.4.4. Objectives of the Strategic Management Control System
5.4.5. How to create a Corporate Strategic Plan
5.4.6. Strategic Process Methodology
5.4.7. Corporate Strategic Plan-Example
5.4.8. Strategic Resource Plans
5.5. Strategic Budgets
5.6. Strategy Implementation Action Plans
5.7. Performance Management Framework
5.8. Strategic Performance Measures
5.9. Review and Audit Tools and Techniques
5.9.1. Strategic Readiness Checklist
5.9.2. Business Idea Development Checklist
5.9.3. Corporate Strategic Plan Checklist
5.10. Conclusion
5.11. Review Questions
5.12. End Notes
5.13. Selected References
CHAPTER 6: FINANCIAL CONTROLS
6.1. Chapter Summary
6.2. Purpose and Main Types of Financial Controls
6.3. Financial Organization Controls
6.3.1. Financial Issues Committee
6.3.2. The Function of the Controller
6.3.3. Accounting Manager – Job Description
6.3.4. Budget Department
6.4. Financial Policies and Procedures
6.4.1. Financial Accounting Controls Policy
6.4.2. Financial Accounting Procedures
6.4.3. Financial Revenue Procedures
6.4.4. Budgeting Procedure
6.5. General Ledger Controls
6.5.1. Chart of Accounts
6.5.2. General Ledger
6.5.3. Trial Balance
6.5.4. Financial Statements
6.6. Computerized Financial Systems
6.6.1. General Ledger Financial Systems
6.6.2. Customer Invoicing (CI) Systems
6.6.3. Accounts Payable (AP) Systems
6.6.4. Customer Orders /Sales Processing (COP) Systems
6.6.5. Payroll Systems
6.7. Financial Performance Measures
6.8. Review and Audit Tools and Techniques
6.8.1. Detail Management Controls Checklist
6.8.2. Financial Management Controls Checklist
6.8.3. Asset Management Controls Checklist
6.9. Conclusion
6.10. Review Questions
6.11. End Notes
6.12. Selected References
CHAPTER 7: ADMINISTRATIVE CONTROLS
7.1. Chapter Summary
7.2. Purpose and Main Types of Administrative Controls
7.3. Administrative Organizational Controls
7.3.1. Corporate Committees
7.3.2. Organizational Structure and Departmental Terms of Reference
7.4. Administrative Procedures
7.4.1. Files, Documents and Records Management Procedures
7.4.2. Confidential Information Release Procedures
7.4.3. Management Reporting Procedures
7.4.4. Asset Protection Procedures
7.4.5. Legal Procedures
7.5. Administrative Office Controls
7.5.1. Physical Security Controls
7.5.2. Mail Controls
7.5.3. EDI Controls
7.5.4. Facsimile Transmission Controls
7.5.5. Personnel Management Controls
7.5.6. Social Engineering Controls
7.5.7. Daily Activities Controls
7.6. Policies, Procedures and Forms Controls
7.7. Administrative Performance Measures
7.8. Review and Audit Tools and Techniques
7.8.1. Internal Controls System: Policies and Procedures Checklist
7.8.2. Departmental Terms of Reference Checklist
7.8.3. Records Management System Checklist
7.8.4. Legal Issues Checklist
7.9. Conclusion
7.10. Review Questions
7.11. End Notes
7.12. Selected References
CHAPTER 8: HUMAN RESOURCE CONTROLS
8.1. Chapter Summary
8.2. Purpose and Main Types of Human Resource Controls
8.3. Human Rights Policy
8.4. Benefits and Personnel Committee
8.5. Human Resource (HR) Systems
8.6. Personnel Administration Procedures
8.7. Employee Management Policies and Procedures Handbook
8.8. Human Resource Performance Measures
8.9. Review and Audit Tools and Techniques
8.9.1. Human Resources Management System Checklist
8.9.2. Personnel Responsibilities and Skills Checklist
8.9.3. Personnel Management Audit Program
8.10. Conclusion
8.11. Review Questions
8.12. End Notes
8.13. Selected References
CHAPTER 9: PRODUCTION CONTROLS
9.1. Chapter Summary
9.2. Purpose and Main Types of Production Controls
9.3. Purpose and Main Types of Production Controls
9.4. Operations Policies and Procedures
9.4.1. Purchasing Process and Procedural Controls
9.4.2. Inventory Control Procedures
9.4.3. Project Management Controls
9.5. Manufacturing Process Controls
9.5.1. New Product Development Controls
9.5.2. Bill of Materials (BOM) File
9.5.3. Master Production Schedule (MPS)
9.5.4. Material Requirements Planning (MRP)
9.5.5. Inventory Master Records (IMR) File
9.5.6. Inventory Transactions File
9.5.7. Preventive Maintenance Controls
9.6. Computerized Production Information Systems
9.6.1. Material Requirements Planning (MRP) System
9.6.2. Cost Accounting (CA) System
9.6.3. Production Planning and Control (PPC) System
9.6.4. Enterprise Resource Planning (ERP) System
9.7. Quality Management Controls
9.8. Standardization Procedures
9.9. Performance Management Controls
9.9.1. Divisional, Departmental and Individual Performance Goals
9.9.2. Production Performance Measures
9.10. Review and Audit Tools and Techniques
9.10.1. Production Process Audit Program
9.10.2. Purchasing Controls Checklist
9.10.3. Inventory Controls Checklist
9.10.4. Quality Management Controls Checklist
9.11. Conclusion
9.12. Review Questions
9.13. End Notes
9.14. Selected References
CHAPTER 10: INFORMATION TECHNOLOGY (IT) CONTROLS
10.1. Chapter Summary
10.2. Purpose and Main Types of IT Controls
10.3. IT Organization Controls
10.4. IT Administration Controls
10.5. IT Strategy Controls
10.5.1. IT Strategic Process Methodology
10.5.2. IT Strategic Plan
10.6. System Development Controls
10.7. IT Security Controls
10.8. IT Operational Controls
10.9. IT Technical Controls
10.10. Computerized Application Controls
10.11. IT Performance Management Controls
10.11.1. IT Balanced Scorecard
10.11.2. IT Management Reporting
10.12. Review and Audit Tools and Techniques
10.12.1. IT Terms of Reference Checklist
10.12.2. IT Vision, Mission, and Values Checklist
10.12.3. IT Strategic Planning Checklist
10.12.4. IT Technology Coverage Checklist
10.12.5. IT Performance Assessment Audit Program
10.13. Conclusion
10.14. Review Questions
10.15. End Notes
10.16. Selected References
PART C: DESIGN, IMPLEMENTATION AND MONITORING OF CONTROLS
CHAPTER 11: DESIGNING STRATEGIC AND OPERATIONAL CONTROLS
11.1. Chapter Summary
11.2. Basic Components of Designing Strategic and Operational Controls
11.3. The Process of Strategic and Operational Controls
11.4. Objectives of a Strategic and Operational Control System
11.5. Selecting a Strategic and Operational Control System
11.6. Designing Strategic Management Controls
11.6.1. Strategic Controls Process
11.7. Corporate Policies and Procedures Management Plan
11.8. Management Duties, Responsibilities and Conflicts of Interest Guidelines
11.8.1. Duties and Responsibilities
11.8.2. Conflicts of Interest Guidelines
11.9. Key Issues in Designing Strategic and Operational Controls
11.10. Frameworks for Implementing Strategic Controls
11.10.1. The BSC Framework
11.10.2. The Total Quality Management (TQM) Framework
11.10.3. The EFQM Framework
11.10.4. Common Assessment Framework (CAF)
11.10.5. Other Frameworks
11.10.6. ComparativeAnalysisof Frameworks
11.11. Performance Measures for Designing Controls
11.12. Review and Audit Tools and Techniques
11.12.1. Strategic Management Controls Checklist
11.12.2. Organizational Controls Readiness Checklist
11.13. Conclusion
11.14. Review Questions
11.15. End Notes
11.16. Selected References
CHAPTER 12: Implementing STRATEGIC and operational CONTROLS WITH THE BSC
12.1. Chapter Summary
12.2. Basic Components of Implementing Strategic Management Controls
12.3. The Rationale for BSC Development and Implementation
12.4. The BSC General Implementation Process
12.5. BSC Detail Implementation Approaches
12.5.1. Full-Scale BSC Implementation Methodology
12.5.2. BSC Quick Implementation Approach
12.5.3. Linking the various BSC components
12.6. Critical Success Factors in Implementing Strategic Controls
12.7. Examples of Strategic Management Controls Implemented via BSC
12.8. Performance Measures for Implementing Controls
12.9. Review and Audit Tools and Techniques
12.9.1. BSC Implementation Checklist
12.9.2. Strategic Controls Implementation Checklist
12.9.3. Strategic and Operational Controls Checklist
12.10. Conclusion
12.11. Review Questions
12.12. End Notes
12.13. Selected References
CHAPTER 13: Monitoring AND REVIEW CONTROLS
13.1. Chapter Summary
13.2. Purpose and Main Types of Monitoring and Review Controls
13.3. Monitoring Controls System
13.4. Monitoring Implementation of the Strategic Plan
13.5. Monitoring Implementation of Policies and Procedures
13.5.1. Continuous Management Monitoring Procedures
18.5.2. Communicating Performance Information Procedure
13.5.3. Management Reports Monitoring Procedures
13.5.4. Data Quality Monitoring Procedures
13.6. Review and Compliance Controls
13.6.1. Internal Audit Process
13.6.2. Corporate Compliance Officer
13.6.3. Daily Activities Review Controls
13.6.4. Computer Security Monitoring and Review Procedures
13.6.5. The Corporate Governance Information System (CGIS)
13.6.6. External Assessment Procedures
13.6.7. Self Assessment Procedures
13.7. Performance Measures for Monitoring Controls
13.8. Review and Audit Tools and Techniques
13.8.1. Organizational Controls Monitoring Audit Program
13.8.2. Communications System Review Checklist
13.8.3. Internal Audit Checklist
13.8.4. Monitoring Strategic Plan Checklist
13.8.5. Monitoring Corporate Controls Checklist
13.8.6. Monitoring IT Controls Checklist
13.9. Conclusion
13.10. Review Questions
13.11. End Notes
13.12. Selected References
APPENDICES
Appendix 1. The Code of Hammurabi
Appendix 2. The Ten Laws of Solon
Appendix 3. The Maxims of the Oracle of Delphi
Appendix 4. Examples of BSC Implementations
Appendix 5. Strategic Analysis and Assessment Methods and Tools
Appendix 6. Chief Information Officer – Job Description
Appendix 7. List of Audit and Review Programs
Appendix 8. List of Audit and Review Checklists
Appendix 9. Review Questions and Answers
GLOSSARY OF BUSINESS TERMS AND CONCEPTS
BIBLIOGRAPHY AND OTHER RESOURCES
SUMMARY BIOGRAPHICAL DATA OF AUTHORS