Sei sulla pagina 1di 66

ENRON

Role of the CEO, CFO and Board of Directors (1)

2

CEO

Ultimately a large measure of responsibility

rests with the CEO

He did not take reasonable steps to ensure officersreporting to him performed their duties properly.

He did not direct the Boards attention to

issues relating to irregular investment activities

and accounting treatments.

CFO

Was involved in both sides of related party

transactions

Arrangement intended to benefit the Company became means of personal enrichment and manipulation of financial statements

Role of the CEO, CFO and Board of Directors (2)

3

Board of Directors

Failed in its oversight duties with decisions fundamentally

flawed, abuses could and should have been

prevented/detected if Board had been more aggressive and vigilant

Allowed CFO to serve as partner in SPEs

Having created conflicts of interest and risk of failing to pay close attention to the resulting transactions

Under-estimated risk and over-estimated controls

Failure of Board of Directors (1)

4

Enron's board of directors did little to question the

company's dubious business dealings, let alone stop them. These aspects of the Enron debacle are interrelated because much of American politics nowadays is the politics of letting corporations do what they want.

Enron's board of directors was intimately involved in the

financial transactions that ultimately led to its bankruptcy.

The board even waived the Enron code of ethics to allow the chief financial officer to profit personally from transactions with the company that took debt off of the

company's books.

Failure of Board of Directors (2)

5

The Board was aware of the potential risks of setting up

the partnerships but no proper action was taken. Two of the 3 directors on the committee had no role, allowing the committee to accomplish its tasks more quickly.

Enron directors were highly paid.

Board’s independency was called into questions:

connected interests, insider trading

Deeper Lessons to learn:

6

Enron’s decline and fall exemplify the failures of some of the vital cogs in

the American political and economic systems.

The compensation of executives at Enron, as at many publicly-traded companies, insulated top executives from the reality of the stock market, but left most employees unprotected.

Outside accountants who were responsible for certifying Enron's financial statements were both complacent and incompetent.

Government regulators were never able to identify the problems with

Enron's finances until the stock market did.

The tax system allowed Enron to hide income in offshore shell companies.

Conclusion

7

Enron was accused of financial crimes, including bank fraud, making

false statements to banks and auditors, securities fraud, money

laundering, money laundering conspiracy and insider trading.

Situation appears to have derived from massive breach of trust’ – actions and behavior of Management reveal a pervasive breakdown in the norms of ethical behavior, corporate governance

and corporate responsibility.

Consequences could and should have been avoided individually and collectively if Management would carry out responsibility for ensuring transactions were fair to the Company and for implementing a system of internal controls and audit over the transactions.

CORPORATE GOVERNANCE PROFESSOR DATO’ DR. HASNAH HARON INSTITUTE POSTGRADUATE STUDIES UNIVERSITI MALAYSIA PAHANG
CORPORATE GOVERNANCE PROFESSOR DATO’ DR. HASNAH HARON INSTITUTE POSTGRADUATE STUDIES UNIVERSITI MALAYSIA PAHANG

CORPORATE GOVERNANCE

PROFESSOR DATO’ DR. HASNAH HARON INSTITUTE POSTGRADUATE STUDIES

UNIVERSITI MALAYSIA PAHANG

LESSON 7:

MEASUREMENT OF

GOVERNANCE

GOOD CORPORATE GOVERNANCE FOR COMPANIES

Quality board of

directors

Quality audit

committee

FACTORS WHICH ARE CRITICAL TO ENSURE GOOD CORPORATE GOVERNANCE
FACTORS WHICH ARE
CRITICAL TO ENSURE
GOOD CORPORATE
GOVERNANCE

Effective of internal

audit function

Independent external

audits

Video on corruption

perception index and 25 most corrupted countries

Quality internal

control system

QUALITY BOARD OF DIRECTORS

Board of directors can assume four different roles Board’s of Directors’ Roles Control or monitoring
Board of directors can assume
four different roles
Board’s of Directors’ Roles
Control or monitoring roles: Selection and reward of CEO’s, evaluation of
CEO’s and company performance, and maximization of shareholders’ wealth.
Services roles: providing advice to top management and promoting
reputation of the company externally
Control or monitoring roles: Selection and reward of CEO’s, evaluation of
CEO’s and company performance, and maximization of shareholders’ wealth.
Control or monitoring roles: Selection and reward of CEO’s, evaluation of
CEO’s and company performance, and maximization of shareholders’ wealth.

QUALITY BOARD OF DIRECTORS

The principal responsibilities of board of directors under the MCCG are as the following:

Reviewing and adopting a strategic plan for the company

Overseeing the conduct of the company’s business to evaluate whether the business is being properly managed

Identifying principal risks and ensuring the implementation of appropriate systems to

manage these risks

Succession planning, including appointing, training, fixing the compensation, and replacing senior management (where applicable)

Developing and implementing an investor relations programme or shareholder

communication policy for the company

Reviewing the adequacy and the integrity of the company’s internal control systems and management information systems, including systems for compliance with applicable laws, regulations, rules, directives, and guidelines.

QUALITY BOARD OF DIRECTORS

Theoretical Perspectives on boards of directors and their roles

Dimension Legalistic Resource Class Agency   Dependence Hegemony Theory Board’s 1.
Dimension Legalistic Resource Class Agency   Dependence Hegemony Theory

Dimension

Legalistic

Resource

Class

Agency

 

Dependence

Hegemony

Theory

Dimension Legalistic Resource Class Agency   Dependence Hegemony Theory

Board’s

1. Representing and

1. Boards are co -

Board

The primary

role

protecting

optative

perpetuate the

role of boards

shareholders’

mechanism to

power and

is to monitor

interest

extract

control of the

actions of

2. Managing the

resources vital

ruling

agents

corporation without

to company

capitalist elite

(executives) to

interference in day -

performance

over social and

ensure their

to - day operation

2. Boards serve a

economic

efficiency and

 

boundary

institutions

to protect

spanning role

principals

 

3. Boards

 

(owners)

 

enhance

interests

organizational

legitimacy

Operational

1. Selecting CEO

1. Scanning the

1. Selective

1.

Maximizing

definition

2. Monitoring CEO

environment

recruitment

shareholders

of board’s

performance

2. Representing

of directors

wealth

roles

3. Representing

the firm in the

2. Reducing

2.

Reducing

shareholders’

community

transaction

agenc y cost

interests

3.

Securing

cost for

3.

Selecting

4. Evaluating

valuable

member

CEO and

company

resources

firms

company

performance

performance

CEO

 

4.

Evaluating

 

CEO and

company

performance

 

5.

Strategic

 

decision

making and

control

Theoretical

Corporate law

Organizational

Marxist

Economics and

origins

theory and

sociology

finance

sociology

 

Source: Zahra and Pearce (1989); Hung (1998); Stiles (2001); Kamardin and Haron (2008).

QUALITY AUDIT COMMITTEE

ESTABLISHMENT OF AUDIT COMMITTEE

The audit committee for listed companies started in 1991, after Malaysian Institute of Certified Public Accountants (MICPA), MIA and the IIAM submitted a memorandum to the CCM and Bursa Malaysia to recommend that audit committees be made mandatory for all listed companies.

Section 15A of Bursa Malaysia Listing Requirements was introduced which

required all listed companies to have an audit committee by August 1, 1994 (Eow, Haron, &Jantan, 2005).

A PLC is required to have an audit committee that comprise of at least three members, and majority of whom must be independent directors.

QUALITY AUDIT COMMITTEE

QUALITY AUDIT COMMITTEE DEFINITION OF AUDIT COMMITTEE A committee of the full board formally appointed by
DEFINITION OF AUDIT COMMITTEE A committee of the full board formally appointed by it to
DEFINITION OF AUDIT COMMITTEE
A committee of the full board formally
appointed by it to consider and report
on matters relating to the financial
reporting and governance process, and
audit of the organization, and to such
other matters as are referred to it by the
board. (Kulasingham, 2002)

QUALITY AUDIT COMMITTEE

FUNCTION OF AUDIT COMMITTEE

Audit committee is established by the board of directors to assist them to carry out

their responsibilities in:

monitoring quality

professionalism and accounting integrity

Auditing

risk management

internal control

compliance issue

conduct of employees and financial reporting practices

the whole structure of corporate governance.

practices • the whole structure of corporate governance. Video about the importance of the measurement of

Video about the importance of the measurement of governance

QUALITY AUDIT COMMITTEE

The roles of audit committee outlined To assist the board of To serve as an
The roles of audit committee outlined
To assist the board of
To serve as an
To communicate with the
directors to fulfil its
independent and objective
board of directors and
responsibilities for the
company's financial
reporting, for management
of financial and control
party to review financial
information prepared by
management prior to its
release to shareholders
deal directly with the
external auditors, internal
auditors and financial
management on specific
risks and for monitoring of
and the general public.
issues where appropriate.
the internal control systems.

Source: Kala (2001)

QUALITY AUDIT COMMITTEE

CHARACTERISTIC OF EFFECTIVE AUDIT COMMITTEE

The effectiveness of audit committee as compliance

of audit committee to the ten listing requirements of

KLSE to measure effectiveness of audit committee. The ten listing requirements were actually based on five core requirements needed to be disclosed in the annual reports.

The ten listing requirements were actually based on five core requirements needed to be disclosed in

QUALITY INTERNAL CONTROL/ RISK MANAGEMENT SYSTEM

The internal control processes were expected to ensure, among other things, the existence of the following conditions:

Financial and operational information is reliable and possesses integrity

Operations are performed efficiently and achieve effective results

Assets are safeguarded

Actions and decisions of the organization are in compliance with the laws, regulations and

contracts

are in compliance with the laws, regulations and contracts Source: IPPF (2009) The internal auditors provide

Source: IPPF (2009)

The internal auditors provide assurance about the effectiveness of risk management and control processes but it is the senior management’s role to oversee the establishment, administration and assessment of the system of risk management and control processes.

EFFECTIVENESS OF INTERNAL AUDIT

TRADITIONAL

Internal auditing's main concern is mainly with the system of verification, internal control system and concept of division of duties.

MODERN

Internal auditing began to evolve in 1941 in New York, with the formation of IIA Inc., US.

EFFECTIVENESS OF INTERNAL AUDIT…

Definition of internal auditing from statement of

responsibilities of internal auditing

 
 

1947

Internal

auditing

deal

primarily

with

accounting

and

financial matters but it may also deal with matters of an

operating nature.

 

1957

Internal auditing is an independent appraisal activity withi n

an organization for the review of accounting financial and

other operations.

 

1971

Internal auditing is an independent appraisal activity within

an organization for the review of operations as a service

to management.

 

1990

Internal

auditing

is

an

inde pendent

appraisal

function

established

within

an

organization

to

examine

and

evaluate its activities as a service to the organization.

1999

Internal auditing is an independent objective assurance

and consulting activity designed to add value and improve

a n

organization's

operations. It

helps

an

organization

accomplish

its

objectives

by

bringing

a

systematic

disciplined

approach

to

evaluate

and

improve

the

effectiveness of risk management control and governance

process.

Source:

Adapted from Gupta and Ray (1992); IIA (2009)

EFFECTIVENESS OF INTERNAL AUDIT

Roles of Internal Auditing

Internal auditor is required to evaluate the adequacy, effectiveness and to contribute improvements to the governance process, risk management and control

processes in ensuring the realization of the company’s

objectives through a systematic and disciplined approach.

Governance Process

Governance process refers to the way in which an

organization conducts its business by ascertaining that

business processes satisfy generally accepted business norms, are reported ethically and meet social expectations, regulators and other stakeholders.

generally accepted business norms, are reported ethically and meet social expectations, regulators and other stakeholders.

EFFECTIVENESS OF INTERNAL AUDIT…

Internal audit function is required to: • Provide an objective assessment on governance structure and
Internal audit function is required to:
Provide
an
objective
assessment
on
governance
structure
and
effectiveness of specific governance activities
Deliver advisory and advocate improvements in enhancing governance
structure and practices i.e.:
* Board related matters
* Ethics-related programs and activities
* Culture
* Values and interaction plus coordination among the governance
constituencies such as top management
* External auditor
* Audit committee and board of directors

EFFECTIVENESS OF INTERNAL AUDIT…

RISK MANAGEMENT PROCESS

Risk management is an on-going process of identifying, assessing and responding to the opportunities and threats in achieving the company’s objectives.

Internal auditors should identify and assess that significant risks are aligned to the risk

appetite and appropriate risk responses are selected.

Significant and relevant risk information must be communicated in timely manner to the board or senior management for speedy intervention.

to the board or senior management for speedy intervention. The evaluation of risk management process is

The evaluation of risk management process is to ensure the following four

objectives are achieved:

reliability and integrity of financial and operational information

effectiveness and efficiency of operations

safeguarding assets

compliance with laws, regulations and contracts.

GOOD CORPORATE GOVERNANCE FOR COMPANIES

Audit committee will monitor the work of both the internal and the external auditors

The committee will assess the competency of the internal audit function and the

internal audit program prepared by the internal auditors.

The audit committee will raise the concerns of both the internal and external auditors to the board of directors so that they are properly addressed.

The board of directors who is responsible to set strategic directions, implement,

manage and control the business to ensure that interest of all stakeholders are safeguarded at all times.

To achieve good corporate governance, all the four factors, namely board of

directors, audit committee, internal and external auditors must perform their level

best and a good internal control or risk management system in the company will

greatly assist them in doing so.

Transparency International 27 (Source: http://www.transparency.org ) 27
Transparency International
Transparency International
Transparency International 27 (Source: http://www.transparency.org ) 27

27

27

Corruption Perception Index (CPI)

28

What is CPI?
What is CPI?

An aggregate indicator that measures the degree to which corruption is perceived to

exist among public sector officials in countries

world.

Looks at factors such as enforcement of anti-

corruption laws, access to information and

conflicts of interest.

around

the

Corruption Perception Index (CPI)

Draws on 17 different surveys and country

assessments from 13 independent institutions

carried out among experienced observers such as business people and country analysts, including local experts and local business and

multinational firms.

Ranks 177 countries in terms of perceived levels of public sector corruption, as determined by
Ranks 177 countries in terms of perceived levels
of public sector corruption, as determined by
expert assessments and opinion surveys.

29

29

Transparency International

CORRUPTION PERCEPTIONS INDEX 2013

30

177 Countries
177 Countries
177 Scores
177 Scores
Where are we?
Where are we?
CORRUPTION PERCEPTIONS INDEX 2013 30 177 Countries 177 Scores Where are we? 30 (Source: http://www.transparency.org )

30

CPI Where is Malaysia?

CPI – Malaysia’s Score
CPI – Malaysia’s Score

31

Year

Country

Countries

CPI Score

Ranking

Surveyed

 

0 ( highly corrupt) - 10 (very clean)

2007

43

180

5.1

2008

47

180

5.1

2009

56

180

4.5

2010

56

178

4.4

2011

60

182

4.3

 

0 (highly corrupt) 100 (very clean)

2012

54

176

49

2013

53

177

50

(Source: Transparency International Malaysia, transparency.org.my)

Higher

index/

score,

the better

177 50 (Source: Transparency International Malaysia, transparency.org.my ) Higher index/ score, the better 31

31

2013-SCORES OF ASEAN COUNTRIES
2013-SCORES OF ASEAN COUNTRIES

Ranking in

 

Country Ranking

CPI Scores

ASEAN

Country

2013

(177 countries)

1

Singapore

5

86

 

Brunei

   

2

Darussalam

38

60

3

Malaysia

53

50

4

Philippines

94

36

5

Thailand

102

35

6

Indonesia

114

32

7

Vietnam

116

31

8

Laos

140

26

9

Myanmar

157

21

10

Cambodia

160

20

32

(Source: Transparency International Malaysia, transparency.org.my)

Transparency International’s Bribe

33

Payers Index 2011

Companies from emerging giants China and Russia most likely to bribe abroad

It shows some governments failing to protect citizens from corruption, be it abuse of public
It shows some governments failing to
protect citizens from corruption, be it
abuse of public resources, bribery or
secretive decision making.

Transparency International

MAIN FINDINGS

• 2/3 of ranked countries score below 50
• 2/3 of ranked countries score below 50

The Corruption Perceptions Index 2013 demonstrates that all countries still face the threat of corruption at all levels of government, from the issuing of local permits to enforcement .

34

Huguette Labelle, Chair of Transparency International

34

35

TRANSPARENCY INTERNATIONAL

35 TRANSPARENCY INTERNATIONAL • Countries that are ranked highest in the Corruption Perceptions Index “ HIGH

Countries that are ranked highest in the Corruption

“ HIGH INCOME COUNTRIES typically have a long tradition of government openness, civic activism and
“ HIGH INCOME COUNTRIES typically have a long tradition of
government openness, civic activism and social trust, with strong
transparency and accountability mechanism in place allowing
citizens to monitor their politicians and hold them accountable
for their actions and decisions. “
~ Marie Chêne from Measurement and Research “What makes New Zealand,
Denmark, Finland, Sweden and others “cleaner” than most countries?~
(CIAQ) Begins in January 2010
(CIAQ)
Begins in January 2010
Initiatives under Corporate Integrity System Malaysia (CISM)
Initiatives under Corporate Integrity System Malaysia (CISM)

Corporate Integrity Assessment Questionnaire

in January 2010 Initiatives under Corporate Integrity System Malaysia (CISM) Corporate Integrity Assessment Questionnaire
in January 2010 Initiatives under Corporate Integrity System Malaysia (CISM) Corporate Integrity Assessment Questionnaire

41

CORPORATE INTEGRITY ASSESSMENT

“ 41 CORPORATE INTEGRITY ASSESSMENT QUESTIONNAIRE (CIAQ) 12 Dimensions 214 Descriptors 1 12. .Vision and Goals

QUESTIONNAIRE (CIAQ)

“ 41 CORPORATE INTEGRITY ASSESSMENT QUESTIONNAIRE (CIAQ) 12 Dimensions 214 Descriptors 1 12. .Vision and Goals

12

Dimensions

214

Descriptors

1

12. .Vision and

Goals (19)

Corporate

Social

Responsibility

(16)

2.

Leadership

(21)

11.

Whistleblowing

(18)

10.

Ethics

Communication

(18)

9.

Ethics Training

and Education

(18)

Corporate

Integrity

System

(CIS)

3.

Infractructure

(17)

4.

Legal

Compliance,

Policies and

Rules (17)

5.

Organisational

Culture (20)

8.

Confidential

Advice and

Support (16)

6.

7. Disciplinary

Measurement,

Research and

Assessment

(17)

and Reward

Measures (17)

41

42

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 42 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 1. Vision and Goals  Covers the organization’s
“ 42 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 1. Vision and Goals  Covers the organization’s

1. Vision and Goals

Covers the organization’s overall concept of and approach to ethics and integrity, including its formal articulation of the organization’s underlying philosophy about ethical and moral conduct, and how these expectations are embedded in the

fabric of the organization. This benchmark includes how

organizations identify and define their core ethical values or principles, as well as how organizations integrate those values into every day business conduct

- There are no explicit ethics and integrity vision, goals,

policies, statement or program in my organization. A legalistic code of conduct and/or compliance-related policy exists.

42

43

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 43 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 2.Leadership  This dimension covers the responsibilities
“ 43 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 2.Leadership  This dimension covers the responsibilities

2.Leadership

This dimension covers the responsibilities of the organization’s leadership in shaping, guiding, and supporting the organization’s ethics and integrity initiatives. It examines how leaders and managers are held accountable for promoting

ethics and integrity. This category includes an assessment of the

organization’s “Tone from the Top” at both the senior executive and governance levels.

Our leaders assume that their private moral codes are a

adequate to lead the organization.

Our leaders view ethics and integrity as mainly a HR or legal function

43

44

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 44 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 3. Infrastructure  Explores the way the organization
“ 44 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 3. Infrastructure  Explores the way the organization

3. Infrastructure

Explores the way the organization structures or organizes its ethics and integrity function so that it can carry out its goals effectively. This category covers how the ethics function is structured, staffed, and resourced, as well as its formal and

informal reporting relationships. This category also includes the

roles and responsibilities of those individuals who are assigned to implement the ethics and integrity function. The ethics function is subject to regular audit oversight. There is a senior-level manager and supporting ethics staff with organization-wide responsibility for ethics and integrity activities

44

45

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 45 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 4. Legal Compliance, Policies, and Rules  Includes
“ 45 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 4. Legal Compliance, Policies, and Rules  Includes

4. Legal Compliance, Policies, and Rules

Includes the core laws, policies, rules, and guidance that comprise the legal

framework for the organization’s ethics and integrity systems. This category assesses the internal framework that provides the floor for ethical behavior. It also includes compliance with the external legal framework, established by the multiple jurisdictions and legal frameworks within which the organization operates. This category includes the systems and controls used

to ensure and demonstrate that staffs and the organization are legally

compliant. What is essential is that the organization has translated its legal

commitments into concrete actionable guidance that is enforceable.

- My organization has not adopted any ethics, integrity, or compliance policies or rules.

-The policies and rules, and/or a code of ethics and business

conduct, are available in written and electronic format, and are freely available to all employees.

45

46

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 46 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 5. Organizational Culture  Addresses the overall
“ 46 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 5. Organizational Culture  Addresses the overall

5. Organizational Culture

Addresses the overall organizational culture and how it promotes ethical conduct in the context of the organization’s mission, vision, structure, and strategy. This category explores the degree to which an organization focuses on shaping its organizational culture (both the written and unwritten rules that dictate how work is performed

and goals reached) and whether that culture actively promotes

ethical conduct. This category addresses how culture is defined (the history and traditions of the organization), who “owns” and shapes culture, how culture is measured, and the degree to which staffs find the culture supportive of ethics and integrity.

-It is not considered safe to speak out about wrongdoings at my

organization.

-Our employees perceive a significant gap between my organization’s ethical communications and its actions.

46

47

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 47 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 6. Disciplinary and Reward Measures  Describes how
“ 47 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 6. Disciplinary and Reward Measures  Describes how

6. Disciplinary and Reward Measures

Describes how the organization sets and enforces its standards for ethical conduct and behaving with integrity. This category addresses rewards and punishments, incentives that promote ethical behavior, and disciplinary

action taken to limit or punish unethical work conduct. This

category includes how the organization promotes ethical conduct through its performance appraisal process, and whether ethical conduct is linked to compensation and/or other types of non-monetary benefits.

-My organization has no policy addressing breaches of ethics or lapses in integrity. -My organization has no explicit system to reward ethical action.

47

48

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 48 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 7. M EASUREMENT , RESEARCH , AND ASSESSMENT
“ 48 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 7. M EASUREMENT , RESEARCH , AND ASSESSMENT

7. MEASUREMENT, RESEARCH, AND ASSESSMENT

This category evaluates how ethics and integrity are measured, whether the organization undertakes research to support ethics strategies that create a culture of ethics and integrity, and the organization’s assessment processes around ethics, integrity and organizational culture. This category includes the organization’s commitment to continuous improvement, based on benchmarking and other evaluation methodologies There are no systems or practices to gather information about employee or stakeholder perceptions of the organization’s reputation. The organization disseminates its evaluation results on an annual

basis

48

49

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 49 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 8. Confidential Advice and Support  This category
“ 49 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 8. Confidential Advice and Support  This category

8. Confidential Advice and Support

This category describes how the organization provides confidential, neutral, professional, and independent ethics advice to staffs, supervisors, managers, executives, members of governing bodies, and other stakeholders.

-There is no special resource available for those who seek

confidential ethics advice.

-Our employees are encouraged to speak directly to their managers or supervisors if they have questions about ethics,

integrity, or compliance.

- A confidential office exists to provide ethics advice and counseling.

49

50

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 50 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 9. Training and Education  This category explores
“ 50 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 9. Training and Education  This category explores

9. Training and Education

This category explores ethics and integrity awareness, skill- building training and education, and the integration of such training into the overall development of all staffs. It includes the provision of ethics-related training and skill building throughout the life cycle of staff members, and the degree to which these

initiatives are integrated into other organization-wide training

commitments. -Persons designing and delivering training do not have specific expertise in ethics. -My organization exposes employees at all levels with

challenging ethical dilemmas drawn from real life that prepare

them to recognize, appreciate, and resolve ethical issues that they will encounter in everyday business.

50

51

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 51 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 10. Ethics Communication  Describes how the ethics
“ 51 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 10. Ethics Communication  Describes how the ethics

10. Ethics Communication

Describes how the ethics and integrity initiative is articulated and promoted, both internally and externally. This category covers how the organization defines its stakeholders and how it gears its key messages to distinct audiences.

-There are no formal communications or discussions about

ethics and integrity. -Examples of best practices are valued and shared. Through a

variety of waysa website, newsletter, e-mails, events, and so

forthemployees learn about the organization’s ethical values.

51

52

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 52 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 11. Whistleblowing  Explores how the organization
“ 52 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 11. Whistleblowing  Explores how the organization

11. Whistleblowing

Explores how the organization encourages individuals (both internal and external to the entity) to speak up and make reports of questionable conduct. This category explores the methods and protections offered to individuals who wish to make the organization aware of possible unethical behavior, misconduct,

or illegal actions. It includes the making of both confidential and

anonymous reports, and the systems used by the organization to protect whistleblowers from retaliation or retribution. -Employees are not encouraged to speak up or bring concerns or complaints to the attention of management or supervision. -Our organization offers a channel where employees can bring up concerns or complaints about unethical behavior or misconduct.

52

53

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 53 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 12. Corporate Social Responsibility  This category
“ 53 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT 12. Corporate Social Responsibility  This category

12. Corporate Social Responsibility

This category covers the organization’s efforts to establish links with and invest in the communities and stakeholders with which it interacts. This category also covers government relations, environmental consciousness, sustainability, and community impact. There is no or very limited involvement, engagement, or support for the communities with which the organization is

associated.

My organization makes an effort to involve itself social and environmental concerns.

with

53

54

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 54 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT  For each descriptor, participants were asked to
“ 54 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT  For each descriptor, participants were asked to

For each descriptor, participants were asked to rate

using a 5-point scale

0 = Not sure

1 = Strongly disagree

2 = Disagree

3 = Agree

4 = Strong agree

Approach to data analysis

Descriptive analysis to understand current state and easy identification of strengths and weaknesses

54

) INSTRUMENT

     

Agree

Disagree

Strongly

Disagree

Not

 

Dimension 1: Vision and Goals

 

Strongly

 

Agree

(3)

(2)

sure

(4)

(1)

(0)

1.

There are no explicit ethics and

 

integrity vision, goals, policies,

 

statement or program in my organization.

2.

Ethics and integrity are neither recognized nor discussed in any business-related fashion.

 

3.

“Ethics” is narrowly defined,

 

referring

primarily

to

legal

 

compliance and/or

the

organization’s formal internal

rules structure.

 

4.

A legalistic code of conduct and/or compliance-related policy exists.

 

55

56

0% Level

No ethics

and

integrity

work has

begun

25% Level

 

50% Level

75% Level

Compliance

Beginning of a

Seeing ethics

mindset,

programmatic

and integrity

symbolic actions only

thrust, moving in a healthy

systematically; a robust approach

direction

100% Level

Current best

practices in

ethics and integrity around the

world

57

CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT

“ 57 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT For each of the dimension or category, there
“ 57 CORPORATE INTEGRITY SYSTEM MALAYSIA (CISM) INSTRUMENT For each of the dimension or category, there

For each of the dimension or category, there will be assessment

of the 5 benchmark levels (0%, 25%, 50%, 75% and 100%).

Benchmarks

Vision and

Leadership

Goals

0%

2

descriptors

3

descriptors

25%

4

descriptors

4

descriptors

50%

4

descriptors

4

descriptors

75%

4

descriptors

5

descriptors

100%

5

descriptors

5

descriptors

Total

19

21

12 Dimensions 214 Descriptors 57
12
Dimensions
214
Descriptors
57

EMPIRICAL STUDY TO DETERMINE

THE MATURITY LEVEL OF INTERNAL

AUDIT UNIT IN MALAYSIAN PUBLIC

SECTOR ORGANIZATIONS

HASNAH BINTI HARON Faculty of Industrial Management University Malaysia Pahang

4.0 WHAT IS THE PURPOSE OF INTERNAL AUDIT

CAPABILITY MODEL

( IACM)?

59

A

common

understanding

of

internal

auditing in the public sector

A

basis

for

implementing

and

Malaysia’s sustainability journey

institutionalizing effective internal auditing

A

Framework

auditing

for

assessing

internal

59

5.0 IA-CM LEVELS

Malaysia’s sustainability journey
Malaysia’s sustainability journey

60

Source: Research Foundation, The IIA, 2009

KPAs

KPAs 5.0 IACM MATRIX IA-CM MATRIX Malaysia’s sustainability journey 61

5.0 IACM MATRIX

IA-CM MATRIX

Malaysia’s sustainability journey

5.0

Dimensions of Internal Audit Capability Model

(IA-CM)

1. Services and Role of Internal Auditing- Provides independent and objective assessments to assist the organization in accomplishing its objectives and improve

62

operations

2. People Management- The process of creating a work environment that enables people to perform to the best of their abilities.

3. Professional Practices- Reflects the full backdrop of policies, processes, and

Malaysia’s sustainability journey

practices that enables the IA activity to be performed effectively and with

proficiency and due professional care.

4. Performance Management and Accountability- Refers to the information needed to manage, conduct, and control the operations of the IA activity and account for its performance and results.

5. Organizational Relationships and Culture- Refers to the organizational structure and the internal management and relationships within the IA activity itself, CAE’s relationship with senior management, IA relationship with other units in the organization.

6. Governance Structures- Refers to the reporting relationship (administrative and

functional) of the CAE, and how the IA activity fits within the organizational and

62

governance structure of the entity.

7.0 IACM PROPOSED MEASUREMENTS

7.0 IACM PROPOSED MEASUREMENTS 63 1.Services and Role of IA (6 Questions) 2.People Management (11 Questions)

63

1.Services and Role of IA (6 Questions) 2.People Management (11 Questions) 3.Professional Practices (8 Questions)
1.Services and
Role of IA
(6 Questions)
2.People
Management
(11 Questions)
3.Professional
Practices
(8 Questions)
63

IA activity with internal organisation that it supports and external environement

6.Governance

Structure (8 Questions)

Management and

Practices of IA

activity

Malaysia’s sustainability journey

5.Organisatio-

nal Relationship and Culture

(6 Questions)

6 Dimensions

4.Performance

Management and

Accountability

(8 Questions)

47

Questions

ELEMENT 6:

GOVERNANCE

STRUCTURES

5

ELEMENT 5:

ORGANIZATIONAL RELATIONSHIPS AND CULTURE

3

ELEMENT 1: SERVICES AND ROLE OF IA

5

4

3

2

1

0

3

3

ELEMENT 4:

PERFORMANCE MANAGEMENT AND ACCOUNTABILITY

IACM LEVEL OF CAPABILITY AND

ELEMENT 2: PEOPLE MANAGEMENT

3

ELEMENT 3:

4 PROFESSIONAL

PRACTICES

Level 3 Capability and Maturity

Internal Audit Capability Maturity Model

(IACM)- Percentage Score

6 Elements
6 Elements

Evaluation Summary in Score

ELEMENT 1: SERVICES AND ROLE OF IA

50%

ELEMENT 2: PEOPLE MANAGEMENT

53%

ELEMENT 3: PROFESSIONAL PRACTICES

80%

ELEMENT 4: PERFORMANCE MANAGEMENT AND ACCOUNTABILITY

83%

ELEMENT 5: ORGANIZATIONAL RELATIONSHIPS AND CULTURE

50%

ELEMENT 6: GOVERNANCE STRUCTURES

100%

416/6 = 69.33%
416/6 = 69.33%
Total Score = 416
Total Score =
416
RELATIONSHIPS AND CULTURE 50% ELEMENT 6: GOVERNANCE STRUCTURES 100% 416/6 = 69.33% Total Score = 416

ELEMENT 1: SERVICES AND ROLE OF IA

90% 80% 70% 60% 50% 50% 40% 53% 30% 100% 20% 10% 0% 50% 80%
90%
80%
70%
60%
50%
50%
40%
53%
30%
100%
20%
10%
0%
50%
80%
83%

100%

ELEMENT 6:

GOVERNANCE

STRUCTURES

ELEMENT 5:

ORGANIZATIONAL RELATIONSHIPS AND CULTURE

ELEMENT 4:

PERFORMANCE MANAGEMENT AND ACCOUNTABILITY

IACM LEVEL OF

CAPABILITY AND

MATURITY-

PERCENTAGE SCORE

ELEMENT 2: PEOPLE MANAGEMENT

ELEMENT 3:

PROFESSIONAL PRACTICES

Perecentage Score Capability and

Maturity - 69%