In this post – why I am restarting this blog – and some risk management (ERM) and audit committee materials

I last used this blog in mid-2013. For my recent posts to other blogs on these topics, please also click on the following:

http://auditcommitteeupdate.com – 103 posts from January 2, 2016 to the present (and ongoing – this blog is continuing).

http://directorofficernews.com – 310 posts from September 21, 2013 to January 2, 2016.

And, of course, I am also continuing with my longtime blog about trust and estate litigation and contentious administrations, conservatorships, powers of attorney, elder abuse and elder protection, real property, etc., http://californiaestatetrust.com.

You might ask, or wonder, why restart this blog? Because as I view the current business and people environment, the more broad scope of this blog title accurately reflects the status of the community and business environments and what is needed. As indicated above, I am also continuing with my longtime trust, estate and elder litigation blog, and with my audit committee and D&O blog. Thank you.

Best to you, David Tate, Esq.

 

 

The California State Leadership Accountability Act (Cal. Government Code §§13400-13407)

Section 13401

The California State Leadership Accountability Act in relevant part provides as follows:

(a) The Legislature finds all of the following:

* * * * *

(3) Effective systems of internal control provide the basic foundation upon which a structure of public accountability must be built.

(4) Effective systems of internal control are necessary to ensure that state resources are adequately safeguarded, monitored, and administered.

(5) Systems of internal control are necessarily dynamic and must be routinely monitored, continuously evaluated, and, where necessary, improved.

(6) Reports regarding the continuing adequacy of the systems of internal control of each state agency are necessary to enable the executive branch, the Legislature, and the public to evaluate each state agency’s performance of its public responsibilities and accountability.

(b) The Legislature declares all of the following to be the policies of the state:

(1) Each state agency must maintain effective systems of internal control as an integral part of its management practices.

(2) The systems of internal control of each state agency shall be evaluated on an ongoing basis through regular and ongoing monitoring processes and, when detected, weaknesses must be promptly corrected.

(3) All levels of management of state agencies must be involved in assessing and strengthening the systems of internal control to minimize fraud, errors, abuse, and waste of government funds. Monitoring processes should be designed to ensure objectivity of persons tasked with monitoring. Objectivity means allowing those tasked with monitoring to maintain integrity, impartiality, a questioning state of mind, and the ability to accurately and fairly assess circumstances and draw sound conclusions.

(4) It shall be the responsibility of the Department of Finance, in consultation with the Controller and the California State Auditor, to establish guidelines for how the objectivity of the persons tasked with monitoring processes are to be maintained. Those guidelines should include establishing monitor training programs, identification of appropriate chain-of-command reporting relationships, and recommended best practices for professional development and the conduct of objective monitoring, including, but not limited to, practices for the regular dissemination of strategies and lessons learned from successful efforts to strengthen state administration via interagency cooperation.

Section 13402

Agency heads are responsible for the establishment and maintenance of a system or systems of internal control, and effective and objective ongoing monitoring of the internal controls within their state agencies. This responsibility includes documenting the system, communicating system requirements to employees, and ensuring that the system is functioning as prescribed and is modified, as appropriate, for changes in conditions.

Section 13403

(a) As used in this chapter, “internal control” means a process, including a continuous built-in component of operations, effected by a state agency’s oversight body, management, and other personnel that provide reasonable assurance that the state agency’s objectives will be achieved. The following five components of internal control, if effectively designed, implemented, and operated in an integrated manner, constitute an effective internal control system:

(1) “Control environment” means the foundation for an internal control system that provides the discipline and structure to help a state agency achieve its objectives.

(2) “Risk assessment” means an assessment of the risks facing the state agency as it seeks to achieve its objectives and provides the basis for developing appropriate risk responses.

(3) “Control activities” means the actions management establishes through policies and procedures to achieve objectives and respond to risks in the internal control system.

(4) “Information and communication” means the quality of vital information used and communicated to achieve the state agency’s objectives.

(5) “Monitoring” means the activities management establishes and operates to assess the quality of performance over time and promptly resolve the findings of audits and other reviews.

(b) The elements of a satisfactory system of internal control, shall include, but are not limited to, the following:

(1) A plan of organization that provides segregation of duties appropriate for proper safeguarding of state agency assets.

(2) A plan that limits access to state agency assets to authorized personnel who require these assets in the performance of their assigned duties.

(3) A system of policies and procedures adequate to provide compliance with applicable laws, criteria, standards, and other requirements.

(4) An established system of practices to be followed in performance of duties and functions in each of the state agencies.

(5) Personnel of a quality commensurate with their responsibilities.

(6) An effective system of internal review.

(7) A technology infrastructure to support the completeness, accuracy, and validity of information processed.

(c) Agency heads shall follow the standards established by this section of internal control in carrying out the requirements of Section 13402.

(d) Monitoring systems and processes are vital to the following:

(1) Ensuring that routine application of internal controls do not diminish their efficacy over time.

(2) Providing timely notice and opportunity for correction of emerging weaknesses with established internal controls.

(3) Facilitating public resources and other decisions by ensuring availability of accurate and reliable information.

(4) Facilitating production of timely and accurate financial reports, and the submittal, when appropriate, of recommendations for how greater efficiencies in support of the state agency’s mission may be attainable via the consolidation or restructuring of potentially duplicative or inefficient processes, programs, or practices where it appears such changes may be achieved without undermining program effectiveness, quality, or customer satisfaction.

(e) It shall be the responsibility of the Department of Finance, in consultation with the Controller and the California State Auditor, to establish guidelines for the management of state agencies on how the role of monitoring should be staffed, structured, and its reporting function standardized so it fits within an efficient and normalized state agency administrative framework.

(f) Agency heads shall implement systems and processes to ensure the objectivity of the monitoring of internal control as an ongoing activity in carrying out the requirements of Section 13402.

* * * * *

Link for U.S. federal government ERM – OMB Circular A-123 – Management’s Responsibility for Enterprise Risk Management and Internal Control  https://www.whitehouse.gov/sites/whitehouse.gov/files/omb/memoranda/2016/m-16-17.pdf

Society of Professional Journalists, Code of Ethics https://www.spj.org/ethicscode.asp

Audit Committee Survey Discussion – Corporate Board Member – Video

The following is another worthwhile video from Corporate Board Member, discussing their audit committee survey results, Click Here For Video.

Enjoy, Dave Tate, Esq. (San Francisco)

How to make your third-party provider a true partner – article from Inside Counsel

An article worthwhile reading, from Inside Counsel, How to make your third-party provider a true partner (and the importance of that relationship), for article link Click Here.

Dave Tate, Esq. (San Francisco)

Witnesses, Don’t Get Too Comfortable – post from the Persuasive Litigator

Another good discussion from the Persuasive Litigator (good for witnesses and public speakers in general about dealing with the stress of testifying), Witnesses, Don’t Get Too Comfortable, Click Here For Article.

Enjoy, Dave Tate, Esq. (San Francisco)

Introducing risk management to the board (and executives)

Two blog post links, discussing introducing risk management to the board, and I added “and executives.”  The initial link is to a discussion by John Fraser; the second link is to a discussion by Norman Marks commenting about Mr. Fraser’s discussion.

Discussion by John Fraser, Click Here.

Discussion by Norman Marks, Click Here.

And a follow-up blog post by Norman, Why it makes sense to consider GRC, Click Here.

Also interesting, but not discussed in detail here, new guideline requirements enacted for offshore drilling operations: train/instruct employees and contractors about safety, injury and environmental risk/uncertainty management, risk/uncertainty management is ongoing all the time 24/7, all employees and contractors can/should report any situation that presents safety, injury or environmental risk or danger, evaluate risks (e.g., likelihood of occurrence and possible resulting injury or damage) and design and implement risk/uncertainty plans and processes, have those plans and processes audited to determine sufficiency and need to modify and improve, appoint people who are unilaterally authorized to stop operations at anytime when they deem appropriate, etc.  Sounds good to me.  I support drilling; I have also previously written about the need for improved risk/uncertainty management, and safety and risk/uncertainty management cooperation and collaboration between operators and operations.  Also good stuff for boards to oversee.

Dave Tate, Esq. (San Francisco)

Focus on internal audit – the path to excellence – from a Norman Marks post

If you’re an executive officer, or a director, or involved in internal audit, governance, risk/uncertainty management or audit committee activities, click on the following link for another interesting and worthwhile post by Norman Marks about the path to excellence in internal audit, and please also read the informed comments below the article, Click Here For Article.

In some respects internal audit continues to search for respect and appreciation.  It is internal audit that must sell itself and its value to executive management, the board, audit and risk committees and professionals, shareholders, governance professionals, and other stakeholders.

Thanks for listening, Dave Tate, Esq. (San Francisco).

GCs using social media to select law firms, video from Bloomberg Law . . . .

The following video from Bloomberg Law discusses general counsel using social media to select law firms.  My thoughts on the topic.  Social/business media are here to stay.  Each firm needs to determine its approach based on its practice mix and resources that it will commit to the effort.  As with any marketing, there are no guarantees of success.  Some efforts will be viewed successful.  Others won’t.  Strategy should be reviewed and changed as prudent.  Consider the efforts from a ROI viewpoint – but you still need to determine how you will calculate ROI.  New social/business media opportunities are developing regularly.  Overall, any firm that does not evaluate and implement a program that works for that firm is missing an opportunity, and eventually sooner or later will fall behind the competition.  And, lawyers also must be involved in both the design/strategy and the effort – this isn’t something that you can simply assign.

Dave Tate, Esq., (San Francisco)

Click Here To View Video.