1 / 30

Mark B. Mitchell, MBA, CIA, CGFM Director of Internal Audit NYSERDA November 12, 2008

AGA Audio Conference. Understanding the Importance of Soft Controls in Improving Operations. Mark B. Mitchell, MBA, CIA, CGFM Director of Internal Audit NYSERDA November 12, 2008. Contents . Understanding The Importance of Soft Controls What Are Soft Controls? Why Do Soft Controls Matter?

rhys
Download Presentation

Mark B. Mitchell, MBA, CIA, CGFM Director of Internal Audit NYSERDA November 12, 2008

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AGA Audio Conference Understanding the Importance of Soft Controls in Improving Operations Mark B. Mitchell, MBA, CIA, CGFMDirector of Internal AuditNYSERDA November 12, 2008

  2. Contents Understanding The Importance of Soft Controls • What Are Soft Controls? • Why Do Soft Controls Matter? • Evaluating Soft Controls: Key Elements of Improving Operations • What Makes Soft Controls So Difficult? • Soft Controls: A New View • GAO’s Model of Strategic Human Capital Management

  3. What are Soft Controls?

  4. What Are Soft Controls? COSO Model: The Organizational Culture • Organizational Structure • Assignment of Authority and Responsibility • HR Policies and Practices • Integrity & Ethical Values • Commitment to Competence • Board or A/C Oversight • Management’s Philosophy & Operating Style

  5. Understanding Soft Controls Where Are Soft Controls Written About? • Internal Control – Integrated Framework, by COSO • Enterprise Risk Management – Integrated Framework, by COSO • Internal Control over Financial Reporting – Guidance for Smaller Public Companies, by COSO • Foundation Guidelines “Red Book,” by OCEG

  6. Why Do Soft Controls Matter?

  7. “Selling” Soft Controls Why Do Soft Controls Matter?1 • They can help manager understand why people behave as they do; • They can increase managers’ effectiveness in predicting future behavior; and • They enable managers to understand how they can direct, change and control behavior. 1 Paul Hersey and Kenneth H. Blanchard, Management of Organizational Behavior: Utilizing Human Resources, Third Edition (Englewood Cliffs: Prentice-Hall, Inc., 1977) p. xiv

  8. “Selling” Soft Controls How can I “Sell” Soft Controls to Management? Management: Working with and through individuals and groups to accomplish organizational goals.2 Potential Influence of Motivation on Performance Employee Potential 80 to 90 percent Percentage of Ability Area Affected by Motivation 20 to 30 percent 2 Ibid. p. 5

  9. Evaluating Soft Controls: Key Elements of Antifraud Controls

  10. Evaluating Soft Controls Evaluation Techniques: • Whistleblower Hotlines • Staff Focus Groups • Employee Surveys • “Customer” Surveys • Internal Control Evaluations • Audits (Internal, External) • Studies

  11. Evaluating Soft Controls COSO Model: The Organizational Culture • Organizational Structure • Assignment of Authority and Responsibility • HR Policies and Practices • Integrity & Ethical Values • Commitment to Competence • Board or A/C Oversight • Management’s Philosophy & Operating Style

  12. Evaluating Integrity & Ethical Values • Has a Code of Conduct/Ethics been adopted that promotes: • Honest/ethical conduct, including internal and external dealings, and the handling of conflicts of interest? • Accurate accounting records and reporting? • Compliance with applicable laws, rules, and regulations? • Prompt reporting of violations of the code?

  13. Evaluating Integrity & Ethical Values • Is the Code of Conduct Operating Effectively? • Communicated effectively (know to staffs)? • Annual certification by everyone covered? • New hire and periodic reinforcement training? • Management involvement and oversight?

  14. Evaluating Commitment to Competence • Are employees properly trained to carry out their work? Evaluation Techniques: • Employee Surveys • Internal Control Evaluations • Audits • Staff Focus Groups

  15. Evaluating Commitment to Competence • Is employee morale good? • Employee Surveys • Staff Focus Groups • Studies (e.g., sick leave patterns, turnover) • Audits • Investigations

  16. Evaluating Management Oversight3 • Are there established procedures for an Ethics Hotline/Whistleblower Program? Evaluation Techniques: • Is there a procedure for receiving and retaining information? • Do procedures provide whistleblower protection and provide for anonymous tips? • Are any calls coming in? 3 Adapted from COSO, the Sarbanes-Oxley Act of 2002 and PricewaterhouseCoopers white papers.

  17. Evaluating Management Oversight • Is Top Management providing oversight? Evaluation Techniques: • Are they periodically evaluating internal controls and antifraud programs? • Assessing whether control activities over fraud risks are adequate and effective? • Are fraud audits and are investigations conducted fairly and objectively?

  18. Evaluating Management’s Philosophy and Operating Style • Does management evaluate and test the design and operating effectiveness of antifraud controls on an annual basis? • The potential for fraud should be considered as part of the agency-wide risk assessment. • Antifraud programs and controls should be in place that are appropriate to the likelihood and impact of potential fraud

  19. Evaluating Management Philosophy and Operating Style • What is the way in which management responds to any significant deficiencies and material weaknesses that are identified by the agency, internal audit or OIGs? • Are matters thoroughly investigated? Disclosed? • Are internal controls assessed and improved? • Is there communication and training to reinforce values, policies, etc. • Are violators treated in a consistent and appropriate manner?

  20. Evaluating Assignment of Authority and Responsibility • Are unit and individual performance linked to organizational goals? Evaluation Techniques: • At the most senior level are executive performance agreements used? • Are executives held accountable for results? • Are expectations set so that staff understand how their daily activities contribute to results-oriented programmatic goals?

  21. Evaluating HR Policies and Practices • Are targeted investments in professional development being made? • Is a results-orientated culture encouraged? • For sensitive positions, are background checks being performed?

  22. What Makes Soft Controls So Difficult?

  23. Understanding Soft Controls What Makes Soft Controls So Difficult?4 • With hard controls both theory and practice are provided (technical skills) • Early contributions to behavioral sciences seemed to provide knowledge without effecting changes in behavior. (Elton Mayo) • The challenge is to identify social skills that are usable in ordinary human situations. 4Paul Hersey and Kenneth H. Blanchard, Management of Organizational Behavior: Utilizing Human Resources, Third Edition (Englewood Cliffs: Prentice-Hall, Inc., 1977) p. 1

  24. Understanding Soft Controls What Makes Soft Controls So Difficult?5 The Nature of Change: Time and Difficulty involved in Making Various Changes Group Behavior High Individual Behavior Difficulty Involved Attitudes Knowledge Low Long Time Involved Short 5 Ibid. p. 3

  25. Understanding Soft Controls A Behavioral Approach to Management6 “Our greatest failure as human beings has been the inability to secure cooperation and understand with others.” 6Ibid. p.1

  26. Soft Controls: A New View

  27. Understanding Soft Controls How can I better understand employee motivation? Are the things that make people satisfied and motivated on the job either the same as or different from the kind of things that make them dissatisfied? Answer: They’redifferent

  28. Understanding Soft Controls How can I better understand employee motivation? “The . . . factors involved in producing job satisfaction (and motivation) are separate and distinct from the factors that lead to job dissatisfaction.” 7 7Frederick Herzberg, “One More Time: How Do You Motivate Employees?”, Harvard Business Review 81, no. 1 (January 2003), p. 91

  29. Understanding Soft Controls How can I better understand employee motivation? 8 Job Satisfaction (Motivation) • Achievement • Recognition • Work itself • Responsibility • Advancement • Growth • Job Dissatisfaction • (Environment) • Company Policy and Admin. • Supervision • Interpersonal Relationships • Working Conditions • Salary • Status, and Security 8 Ibid. pp. 87 – 96.

  30. Contact Information: Mark B. Mitchell Director of Internal Audit NYSERDA (518) 862-1090 mbm@nyserda.org

More Related