1 / 20

How JCPenney is Managing Corporate Risk

How JCPenney is Managing Corporate Risk. John Polarinakis, Audit Director Dave Miller, Senior Audit Manager. What is JCPenney doing?. Ethics Program Internal Audit Function Anti-Fraud Programs Enterprise-Wide Hotline. On-line Ethics Statement. A letter from our Chairman

sondra
Download Presentation

How JCPenney is Managing Corporate Risk

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. How JCPenney is Managing Corporate Risk

  2. John Polarinakis, Audit DirectorDave Miller, Senior Audit Manager

  3. What is JCPenney doing? • Ethics Program • Internal Audit Function • Anti-Fraud Programs • Enterprise-Wide Hotline

  4. On-line Ethics Statement • A letter from our Chairman • The purpose of the Statement of Business Ethics • Our responsibility as an employee • A great work environment • Our duty to the Company

  5. An Effective Ethics Program • Communication with Employees • Communications with Suppliers • Employee Training • The Use of Criminal Background Checks • The Role of the Legal and Ethics Compliance Committee • Measuring our Performance – how effective are the programs

  6. How does Internal Audit support the Company’s corporate governance initiatives?

  7. Perform an Annual Risk Assessment • Risk rank each audit area • Discuss with management • Allocate resources • Allow for flexibility

  8. Fashion Triangle for Internal Auditing

  9. Anti-Fraud Programs • Fraud Risk Assessment • Fraud Awareness Program • Continuous Auditing and Monitoring • Enterprise-Wide Hotline

  10. Objectives of Fraud Risk Assessment • Evaluated the adequacy of select controls to mitigate fraud risks • Reviewed the oversight processes to prevent and detect fraudulent activity • Identified additional anti-fraud control enhancements

  11. Benefits of Fraud Risk Assessment • Interaction with management • Increasing management’s fraud awareness

  12. Fraud Risk Matrix

  13. Increasing Fraud Awareness • Established multi-department task force to oversee • Conducting awareness and ethics presentations • Red Flags of Fraud poster • Senior Management presentations to Audit Committee

  14. Continuous Auditing • Continuous Monitoring

  15. Monitoring Retail Store Operations • Short cash expense • Bad check expense • Purchase card expense • POS information

  16. Anti-Fraud Continuous Auditing • Matching vendor and employee name, address and telephone number • Identifying duplicate vendor invoices • Identifying duplicate expenses – travel

  17. Establishing an Enterprise-Wide Hotline • Required as part of SOX 301 and 806 • Means of anonymous communication for employees and vendors • Establishing Awareness programs • No Retaliation Policy communication

  18. Benefits of Outsourced Program • Online database of all call activity • Automatic notification of call activity • Available 24/7 • Multi-lingual service • Experienced operators • Call monitoring

  19. Steps to Take • Communicate what is expected of employees • Provide a safe mechanism to report concerns • Zero Tolerance for fraud

  20. Questions?

More Related