KnowledgeLeader Blog

A Guide to Self-Assessment Value Proposition

Posted by Protiviti KnowledgeLeader on Mon, Oct 02, 2017 @ 06:40 AM

Man and Woman With Laptop-1.jpgSelf-assessment is a process through which an organization utilizes its internal knowledge to identify and assess uncertainties and the extent to which current practices are sufficient and appropriate to manage and achieve strategic objectives. Self-assessment drives the "tone at the top" down to process owners.

How does self-assessment contribute to Sarbanes-Oxley compliance?

  • Self-assessment reinforces process owner accountability for critical controls
  • Self-assessment can be an integral component of management’s compliance with Sections 302 and 404
  • Self-assessment is a cost-effective tool for collecting insights and evidence during management’s assessment process
  • It is low cost in application
  • It facilitates roll-forward of preliminary testing
  • It reduces scope of detailed controls testing which would otherwise be required

How does self-assessment affect internal audit?

  • Self-assessment enables internal audit to gather input from across an organization during annual planning
  • Self-assessment can be integrated into the internal audit process, allowing audit teams to focus on the areas that matter
  • Self-assessment is an efficient means for collecting information regarding risk within the organization

Not sure if your organization is in need of assistance related to self-assessment? Ask yourself these questions:

  • Is self-assessment seen as a component of “Year 2” service-oriented architecture (SOA) compliance?
  • Is there an initiative to look into implementing a new self-assessment program or improving upon an existing one?
  • Are paper-based surveys and assessments manually distributed to process owners? Is valuable time and money spent on compiling survey data results?
  • Is there a desire to involve process owners more pervasively in the assessment of key controls?
  • Is there interest in lowering the cost of compliance by enabling technology solutions?
  • Does timely follow-up of deficiencies and exceptions present a challenge?
  • Is there a desire to promote continuous improvement and enhance business performance?

Here are some of the points of value a self-assessment can bring to your organization:

  1. More efficient and effective business processes: People involved in the process can help define how to do their jobs better.
  2. More efficient use of audit resources : Internal audit can use self-assessment results to focus audits on areas with significant control weaknesses or high residual risks, thereby reducing time spent on conducting each audit.
  3. Better risk assessment and management: Enhanced communication between employees and managers can result in the identification of specific risks and ways to improve the controls necessary to mitigate those exposures.
  4. Improved ability to test informal or soft controls: Self-assessment is an effective way for internal audit to test soft controls by gaining knowledge from group members.
  5. Improved internal controls: The self-assessment process helps all employees have responsibility to ensure that the controls are applied.
  6. Improved employee morale: Employees are generally more highly motivated when they believe that their opinions and suggestions are valued.

Here are some examples of self-assessment projects:

  1. Built a sustainable process to help identify the risk of fraud and misconduct at the entity level of a 2500-employee organization supplying construction equipment. The Self-AssesstorTM enabled the organization to consistently and continuously identify fraud indicators.
  2. Developed an efficient, consistent and repeatable self-assessment method to collect and analyze information pertaining to financial statement assertions, accounting issues, business risks and legal issues in over three dozen worldwide locations for one of the world's largest drilling contractors.
  3. Developed trend reports that enabled a global pharmaceutical corporation to identify control gaps and recognize potential areas of improvement within the business. Statistics from these reports can be used to improve internal controls and to follow up on any outstanding action plans in the future.
  4. Built the framework for an ongoing self-assessment program, allowing the largest public organization of its kind to significantly cut independent testing for 404 compliance in 20XX.

There are many reason why a business might consider implementing a self-assessment including opportunities for improvement, regulatory requirements, quality management linked with strategic planning, customer demands, director and officer liability, cost reduction, or benchmarking against competitors. See the Self-Assessment Value Proposition Guide on KnowledgeLeader to download the presentation on this content.

For more information on self-assessments, see these related resources:

Guide to Implementing a Self-Assessment Program

Control Self-Assessment Policy

Self-Assessment Process Flow – High-Level Overview

Audit Committee Self-Assessment Checklist

Control Self-Assessment Questionnaire: Sarbanes-Oxley Section 302

Self-Assessment topic on KnowledgeLeader

 

 

Topics: internal audit, internal controls, entity-level control, self assessment

Add a Comment:

Subscribe to Our Blog

About KnowledgeLeader

KnowledgeLeader, provided by Protiviti, is the premier resource for internal audit and risk management professionals.

With over 1,400 customizable tools and 1,300 articles by industry experts, we offer the most comprehensive service on the market.

For more information:

 Start 30-day Free Trial

Posts by Topic

see all