Internal Auditing Program, Risk Based Business Process Audit Seminar & Consulting - Osterio.com

Privacy Statement

Preferred Customers

Referral Program

Sample Ethics Statement

Sample RBIA Test

BUSINESS MANAGEMENT

Practical Gov/Risk Management

Internal Controls

Four STAR Certification

INTERNAL AUDIT

Risk Based Integrated Auditing

Audit Fundamentals

Audit Executive Development

Governance Auditing

Integrating IT Audit

Continuous Monitoring

Self-Directed Work Teams

IN-HOUSE TRAINING

PROF. ORGANIZATIONS

CANCELLATION POLICY

TRAVEL INFORMATION

BUSINESS MANAGEMENT

BOOKS

Practical Gov/Risk Management

Exec Overview Gov/Mgt/Perf

Quick Reference Cards

SOFTWARE

Business Case Manager

Risk Control Manager

CDs

Forms/Documentation

INTERNAL AUDIT

BOOKS

Is RBIA Right for Us?

Implementing RBIA

Welcome to SDWT

Integrating IT Audit

Quick Reference Cards

SOFTWARE

Audit Team Mgt System

CDs

Forms/Documentation

Audit Fundamentals

BUSINESS MANAGEMENT

INTERNAL AUDIT


		The Way We Think About Controls The primary focus of control should be to help people be *successful in accomplishing their business objectives. Compliance with external control requirements should be a natural byproduct of the way we do business. Business is the art of taking risk. No amount of control can eliminate* all risks! Because of the constantly changing business environment, things will go wrong. Controls simply manage risk to within the risk tolerance (limits) that Governance is prepared to accept. Statements about “control adequacy” in isolation of the business risk, in isolation of how much risk we are prepared to take (limits), in isolation of our business objectives are theoretically invalid and lead to distorted thinking and excessive cost. Auditors do NOT determine how much risk a company can take. This is a function of Governance (executives and board). Most companies are over controlled. There are tremendous cost saving opportunities by applying just the right amount of control to manage the risk that Governance is prepared to take on in order to deliver on business objectives. Traditional control thinking (“something went wrong – we need more control”) will never identify costly over control. Controls protect people! People are your greatest asset. Controls must be addressed at the GOVERNANCE, MANAGEMENT and PERFORMANCE levels. GOVERNANCE approves how much risk (limits) the operation, process or project should take on in order to accomplish business objectives. MANAGEMENT allocates the minimum resources to accomplish those objectives within the risk limits. MANAGEMENT tracks and monitors the ongoing level of risk. Minimal cost controls are implemented at the PERFORMANCE level to keep the risk within the GOVERNANCE approved levels. ASSURANCE provides comfort that the cycle is working effectively and efficiently.			The Best of the Best for 2006 RBIA Gold Medal Ms. Martha Mimica, Florida Power & Light RBIA Silver Medal Mr. Bill Egan, Scotts Company RBIA Bronze Medal Mr. Dan Ashley, Qwest Communications *Congratulations!* prior year winners SOX 404 RISK CONTROL MANAGER 2.1 SOFTWARE a cost effective way to document controls AUDIT TEAM MANAGEMENT SYSTEM (ATMS) SOFTWARE best value available for small audit groups

SITE MAP		RBIA™ and PGRM™ Osterio, Inc. All rights reserved worldwide.			Updated: February 20, 2007