R&R - comp-man Flashcards
(9 cards)
Board
B*
Ultimately
Depend
Ultimately responsible for ensuring compliance
Depend on variety of assurance mechanisms for this oversight, including internal audit reports and reviews, compliance monitoring reports, etc.
Audit committee
A*
Possibly
Ensure
Possibly have additional compliance responsibilities as delegated by the board, such as in initially receiving audit reports and compliance reviews
Ensure compliance with fin. reporting laws and regs
CoSec
C*
Assume
Governance
Assume role of compliance function / manager in a smaller org (possibly)
Governance compliance responsibilities
Compliance function
C*
Primarily
Providing
Reviews
Identification
Controls
Keeping
Primarily responsible for day-to-day comp-man activities of an org:
- Providing compliance advice to other functions
- Reviews of processes, procedures, etc.
- Identification, assessment and monitoring of comp risks
- Controls - designing and implementing
- Keeping up to date with new or changes to laws and regs
Risk-man function
R*
Assist
May
Assist other functions by providing advice on managing comp-risks
May have responsibility for overseeing management of comp-risks relating to risk-man
Internal audit function
I*
Support
Assess
Support compliance function in completion of compliance reviews
Assess comp-man-related controls and monitoring tools
Other functions (H&S, information security)
O*
Have
May
Have central role in control of relevant compliance risks
May provide technical advice to compliance function, CoSec, etc. on management of specific risks
Line managers
L*
Ensure
Ensure
Ensure their direct reports comply with applicable laws and regs, including ensuring they have necessary skills and training to be compliant
Ensure decisions within their line do not expose org to compliance risks
Staff members
S*
Ensure
Act
Ensure they conduct duties in a way that is compliant, or not knowingly non-compliant
Act in accordance with instructions of compliance function and other specialists