There are three main factors in COSO: operations, financial reporting and compliance.(4) For each of the factor, there are five points which are control environment, risk assessment, control activities, information and communications and monitoring.(4)
From page 52 is the part of accountability. This part showed how board operating the internal control strategy. They introduced how to manage the risk first and then give us a short introduction which in there is mentioned as “the Board has overall responsibility for maintaining and reviewing the Group’s systems of internal control and ensuring that the controls are robust and effective in enabling risks to be appropriately assessed and managed”. The internal control sector has six parts but it included the three main factors in COSO Framework. “Responsibilities and authority structure ” is a section that talked about operations, they said the operations are associate as the level of company. And the next part is the “Planning and reporting processes” which is the part to talk about short-term plan and the overall reporting. They said they had in place a number of “Compliance policies” which illustrated the model “compliance”. Besides, Computacenter also mentioned some specific factors in those three aspects. “Centralized treasury functions” and “Quality and integrity of staff” are the control activities and also a method to manage risk. …show more content…
They primarily use top-down and bottom-up key risk assessment processes to analyze the risk. The limitation of the risk is following with strategy plan which has explained at “Strategic objectives guiding strategic risk governance to support operational risk management”. (annual 5) in the process of managing risk for their company, “principal risk” is the most important one. The risk committee with other departments estimate it together and analyze the reason that why it become the main risk. Through the principle risk, the company will adjust the strategy and get the suit project to limit the