Please enable JavaScript.

Coggle requires JavaScript to display documents.

8.2 (the auditor should consider the following when auditing regulatory…

- - - - which employees and other entities should follow to reduce the risk of criminal activity.
  - - - should be assigned to specific INDIVIDUAL(S) WITHIN SENIOR MANAGEMENT of the organization.
  - - - to ensure that such power is NOT DELEGATED to individuals who have CONDUCTED ILLEGAL ACTIVITY
- - - - protection of privacy and confidentiality of personal data,
      - intellectual property rights
      - and reliability of financial information.
  - - - whether the IT organization is protecting IT assets
      - and effectively managing associated risk.
- - - - internal audit,
      - compliance programs such as the US Sarbanes-Oxley Act,
      - ERM,
      - operational risk,
      - incident management and other activities
  - - - financial,
        
        Financial GRC is used to ensure proper operation of financial processes and compliance with regulatory requirements
      - IT
        
        IT GRC seeks to ensure proper operation and policy compliance of IT processes.
      - and legal areas.
        
        Legal GRC may focus on OVERALL REGULATORY COMPLAINCE