Risks and Controls in Core Business Processes
Risk management procedures are in place for business processes in the form of defined control points:
- relevant process risks are identified;
- common control points / Company´s minimum requirement control points are identified;
- common control points are implemented in business processes; and
- additional control points can be determined as needed at business or functional levels.
Control activities are the policies and procedures that help ensure that management directives are carried out. They help ensure that necessary actions are taken to address risks to the achievement of the Company´s objectives. Control activities are set throughout the organization, at all levels, and in all functions. They include various range of activities including but not limited to approvals, authorizations, verifications, reviews of operating performance, securing of assets, and segregation of duties.