How JCPenney is Managing Corporate Risk. John Polarinakis, Audit Director Dave Miller, Senior Audit...
-
Upload
adam-white -
Category
Documents
-
view
222 -
download
1
Transcript of How JCPenney is Managing Corporate Risk. John Polarinakis, Audit Director Dave Miller, Senior Audit...
How JCPenney is Managing Corporate Risk
John Polarinakis, Audit Director
Dave Miller, Senior Audit Manager
What is JCPenney doing?
Ethics Program Internal Audit Function Anti-Fraud Programs Enterprise-Wide Hotline
On-line Ethics Statement
A letter from our Chairman The purpose of the Statement of
Business Ethics Our responsibility as an employee A great work environment Our duty to the Company
An Effective Ethics Program Communication with Employees Communications with Suppliers Employee Training The Use of Criminal Background Checks The Role of the Legal and Ethics
Compliance Committee Measuring our Performance – how
effective are the programs
How does Internal Audit support the Company’s corporate governance initiatives?
Perform an Annual Risk Assessment
Risk rank each audit area Discuss with management Allocate resources Allow for flexibility
Fashion Triangle for Internal Auditing
Anti-Fraud Programs
Fraud Risk Assessment Fraud Awareness Program Continuous Auditing and Monitoring Enterprise-Wide Hotline
Objectives of Fraud Risk Assessment
Evaluated the adequacy of select controls to mitigate fraud risks
Reviewed the oversight processes to prevent and detect fraudulent activity
Identified additional anti-fraud control enhancements
Benefits of Fraud Risk Assessment
Interaction with management Increasing management’s fraud
awareness
Business Process Owner
Fraud Schemes/Scenarios
Controls Monitoring
Stores Theft of merchandise Store access is secured and alarmed when not receiving merchandise or during “off” hours.Hotline established for use by employees to report theft issues.Written procedures related to physical security, shoplifting, and internal employee theft.
The following areas monitor these activities:Store, District and Regional ManagementStore, District, Regional and Home Office Loss PreventionInternal Auditing
Fraud Risk Matrix
Increasing Fraud Awareness
Established multi-department task force to oversee
Conducting awareness and ethics presentations
Red Flags of Fraud poster Senior Management presentations
to Audit Committee
Continuous Auditing
Continuous Monitoring
Monitoring Retail Store Operations
Short cash expense Bad check expense Purchase card expense POS information
Anti-Fraud Continuous Auditing
Matching vendor and employee name, address and telephone number
Identifying duplicate vendor invoices Identifying duplicate expenses –
travel
Establishing an Enterprise-Wide Hotline
Required as part of SOX 301 and 806 Means of anonymous communication
for employees and vendors Establishing Awareness programs No Retaliation Policy communication
Benefits of Outsourced Program
Online database of all call activity Automatic notification of call activity Available 24/7 Multi-lingual service Experienced operators Call monitoring
Steps to Take
Communicate what is expected of employees
Provide a safe mechanism to report concerns
Zero Tolerance for fraud
Questions?