Independent business assurance checks go far further than checking the robustness and compliance of processes, they check and report on organisational entity level controls covering policies, communications and awareness, information technology management and use, corporate structure and interfaces, and ethical values and behaviours.
Corporate governance which holistically covers policies, processes, custom and practice, can often only truly be evaluated or judged through a fully independent in-depth review of the business. These reviews can contribute significantly to satisfying or demonstrating business operations aligned with the expectations set out through such initiatives as the Sarbanes-Oxley Act (US), King III report (South Africa) and emerging EU initiatives and directives.
The approach we take involves a thorough review of the corporate direction and strategies, business goals and plans, operational processes and practices to develop a tailored business assurance review. From this a comprehensive assessment of the practices is undertaken which is complemented by confidential staff interviews from all levels and areas of the business.
The resulting report provides numerous benefits including:
Identification of process weaknesses and deficiencies which provide the triggers for improving the effectiveness and efficiency of the day to day practices.
Highlighting staff concerns, frustrations, perceptions and understanding of the business goals, aims, policies, processes, practices, interfaces and communications to provide management with deeper feedback on the operation of the business.
Feedback on the effectiveness and understanding of new and amended corporate polices, initiatives and communications.
Comparative indications of the changes in the underlying organisational characteristics around processes, employees, behaviours and use of technology.
Demonstration to customers, stakeholders and other interested third parties of the overall integrity of the business operations.
Some of the typical activities include:
Discussions with senior management from all key business units to understand policies, communications, processes, tools, management review and reporting, human resource development and authorities.
Completion of a process assessment covering all, or targeted, business functions.
Development of a sampling plan to ensure that a representative and non-attributable selection of staff are involved in the review.
Confidential interviews with a random selection of staff taken from the sampling plan.
Analysis of findings.
Presentation or report detailing the level of assurance established from the confidential interviews, along with non-attributable comments, feedback and observations.
It is recognised that all organisations are different and therefore there is usually no standard benchmark to compare the results against and consequently, a follow-up set of confidential interviews are held at some later date to provide comparisons.