Much before effective risk management and internal controls became universal buzzwords, Internal Control: Guidance for Directors on the Combined Code, popularly called Turnbull Guidance, published in 1999 by the UK Financial Reporting Council (FRC), defined the best practices in internal controls for UK listed companies. Turnbull Guidance stressed upon the need to leverage internal controls to manage and exploit the opportunities risks represent. The spotlight was being shifted from just eliminating risk. The code also made it clear that the boards are responsible for determining the nature and extent of significant risks they are willing to take to realize strategic objectives.
MetricStream's Turnbull Guidance Software Solution
In 2004, the Turnbull Review Group pointed out that post 1999, most companies had made considerable strides in meeting the objectives of the internal control code, by establishing strong risk management and internal control. Fast forward to 2013, and the updated version of the UK governance code, now known as ‘Guidance on Internal Control’ is set to be released. The revised code will elucidate the role of boards, and include identified lessons highlighted in Sharman Inquiry’s final report for companies and auditors, related to liquidity risks. Five recommendations have been provided to improve the management of these risks in today’s market landscape.
Companies though quick to adapt to Turnbull Guidance, still opt for traditional, spreadsheet-based internal audit to test the effectiveness of their internal controls. In this scenario, there is considerable potential for silos, redundant efforts, and high level of adjustment costs. Companies must make a systematic effort to regularly evaluate the effectiveness of risk management and internal controls within their business processes.
MetricStream’s Turnbull Guidance solution helps strengthen a company’s internal controls, and provides dependable automation and strong protection against risk. By incorporating reliable testing of internal controls into all business processes, the solution enables companies to undertake detailed analysis of their Turnbull Guidance compliance at various levels. It allows the internal audit team to configure and schedule tests related to completeness, accuracy, validity, and segregation of duties, as well facilitates the definition of process-level manual and application controls within a single test.
The solution also helps record, track, and monitor audit findings across different groups and geographies. Further, with a centralized repository providing access to data anytime, the audit team can work simultaneously across the globe. This increases the efficiency of the audit process and shortens cycle times, as tasks can be automatically assigned and tracked from one stage to the next.
Advanced capabilities helps automate the testing of internal controls, enables companies to identify and mitigate glitches, and streamline change control, and helps ensure that processes and their documentation are well aligned. Extensive dashboards and reports further help maintain visibility and tight control over compliance processes. Easy access is also provided to a comprehensive library of over 1500 tests for the automation of applications testing. This helps simplify the processes of verification and control of business data. Companies can further ensure cost savings, increase profitability, and improve operational efficiencies, and above all gain a transparent view of their internal controls.
Key benefits of the solution include:
- Detailed scoring of each test, automatic reports and integrated data, which give comprehensive and accurate results
- Reduced risk exposure through accurate identification of KRIs, and automated tests based on previously created checklists, ensuring effective compliance with Turnbull Guidance
- Extensive repository of quickly accessible reports, enabling auditors to track events at the click of a button
- Optimized and automated evaluation and testing of internal controls
- Customized compliance processes and programs to suit specific requirements and evolving Turnbull Guidance regulations
- Real-time visibility into the true status of compliance activities, risks, and controls across the enterprise
- Enterprise-wide visibility into the audit process and metrics for better risk management, assured compliance and improved financial reporting
"As we position our company for the future, we recognize the need for an integrated view of risks and controls. We conducted in-depth assessments of various vendors and products, and are delighted to name MetricStream as our partner. We think they offer a product that represents a best in class offering and is consistent with our objective to be one of America's great community banks."