How To Design Strong Controls
Vložit
- čas přidán 6. 09. 2024
- Welcome to the seventh instalment of the "How To" series, and today I'll be talking to about "How To Design Strong Controls."
A good control environment is critical for effective compliance risk management. Controls are how we minimise or mitigate the risk of a non-compliance event and it is therefore important to be thoughtful about designing and putting in place the right controls.
If you have any additional insights or helpful thoughts on designing strong compliance controls I look forward to you sharing them in the comments.
If you would like to learn more about controls, testing and monitoring please sign up for my fully virtual Compliance Practices Workshop. Visit our website for more information and upcoming dates.
learning.kccom....
For more compliance related learning opportunities including online courses, compliance training and other compliance workshops please visit the KC Compliance website.
www.learning.k...
Follow KC Compliance on social media for regular updates and more information on what we have coming up.
KC Compliance Instagram - / kccompliance
KC Compliance Facebook - / compliancekc
KC Compliance LinkedIn - / 3496
Kudzai Chaka LinkedIn - / kudzaichaka
It is getting better with every next video! Way to go! Have a day ahead!
Thank you. Same to you!
Well articulated...
Thank you!
Your videos are so helpful. THANK YOU
Happy to share!
Thank you for helping me get the role as a Compliance Assurance Manager. Your videos have been of great help!
Thank you @Kudzai
I love this...congratulations 🥳
I am new to Compliance as a student ( and learnt some things by default) but I am finding your videos extremely helpful THANK YOUUU
You're very welcome! Looking froward to giving you a lot more helpful video.
So informative❤Thank you so much
My pleasure. Thanks for watching!
Thanks for the vid.
Question. Is training a control? Or is the monitoring of training completion a control or both? Keen to hear you’re thoughts.
Moreover ‘reactive’ controls as a type is interesting. I usually think of preventative, detective and corrective controls. All of which could be implemented in reaction (and therefore reactive?) to an issue or risk.
Training is a control because employee awareness limits the likelihood of a risk materialising. People can't manage risks they don't know about. Monitoring is training completion is part of oversight, it's how you check to see if the control is being implemented and works effectively.
With respect to reactive think damage control or damage limitation. In the event of a risk event materialising we still have an obligation to limit the damage. Preventative and Detective are about trying to stop the risk from happening in the first place. Corrective for me is part of reactive.
Not directly related to the topic but Please also clarify who is responsible for managing compliance risk. Does the compliance officer design the controls for business or advice?
Compliance risk is owned by the business, they are responsible for implementing controls and effectively managing the risks. Compliance doesn't own the risk, we advise management about the risks and how to effectively manage them e.g. the best controls to have in place.