Internal Control Process
Internal control consists of checking that controls carried out during enterprise processes have been correctly executed and are efficient.
HOPEX IRM covers the different phases of internal control:
• Control Library Definition
• Control Execution
• Control Assessment
• Control Testing
• Issue and Action Plan Management
Defining the internal control library is a prerequisite for control execution and assessment activities.
Execution and assessment of controls can be carried out independently.
Reporting functions are available at all times, either globally or for each internal control step.Control register definition
HOPEX IRM allows internal control managers to:
• identify controls
• contextualize controls in the company repository, that is to connect them to the appropriate processes and entities
See Managing Controls.
Control Execution
Controls are regularly executed by managers to check that first level controls are correctly executed. HOPEX IRM allows:
• creation of questionnaires called check-lists
• definition at regular intervals of control execution campaigns
• follow-up and consolidation of control execution results from reports
The HOPEX IRM solution does not concern first level controls executed by operational management during execution of enterprise processes.See Executing controls.
Control Assessment
Assessment of relevance of controls in terms of design and efficiency can be carried out by means of:
• assessment campaigns via questionnaires
• direct assessment
See Assessing controls.
• control tests organized by the internal control department
See Control Testing.
Issue and Action Plan Management
Issues can be identified from control assessment questionnaires or specified directly in the solution.
Resolution of issues is formalized by implementation of action plans. Reports assure efficient follow-up of internal control activities.