The Governance Assurance unit of Nexia SAB&T provides consulting services which are advisory in nature, and are generally performed at the specific request of their clients.
Governance, regulatory and compliance issues continue to be complex business challenges. Increased accountability and potential exposure to liability means accounting authorities need to ensure that corporate governance standards are adhered to and that robust compliance management systems are in place.
Nexia SAB&T’s governance assurance unit can assist management to identify applicable laws and regulations to gain a better understanding of the regulatory environment. Their approach combines an analysis of the legal framework together with an assessment of the systems and processes which can help to ensure compliance and sound corporate governance.
Some of the Governance, Regulatory & Compliance services Nexia SAB&T provide include:
- Board and audit committee assessments
- Board training
- Development of internal control frameworks, in line with CoSO
- Governance framework design
- Quality assurance reviews
- Sarbanes-Oxley Act compliance / readiness assessments
To assist in ensuring governance excellence, Nexia SAB&T have developed diagnostic compliance tools to measure the degree of compliance and improve the decision making for both management and audit committees. The tools are designed to assist both internal audit as well as the audit committee by providing real-time results and assisting the audit committee in sound decision making.
Code and Report on Corporate Governance Principles (King III)
King III came into effect on 1 March 2010 and promotes high standards for ethical leadership and corporate citizenship. In addition to the economic and social reasons for implementing sound governance principles and practices, organisations have numerous and onerous legal duties (e.g. PFMA compliance) with which to comply.
The types of governance reviews that Nexia SAB&T performs in order to provide comfort to organisations regarding the state of their governance include:
- Assurance on the effectiveness and robustness of the risk management process
- Ethics assurance
- Governance accountability and performance
- Internal financial control assurance
- IT governance assessments
- Regulatory compliance
- Sustainability assurance
IT governance is a fundamental constituent of corporate governance that focuses on the effective management of information technology (IT) risk and optimal utilisation of IT resources. ISACA defines IT governance as the responsibility of executives and the board of directors, and consists of the leadership, organisational structures and processes, that the enterprise’s IT sustains and extends to the organisation’s strategies and objectives.
King III incorporates IT governance principles and places emphasis on the board of directors for implementing an IT governance charter. Furthermore, the IT governance framework should be organisation specific to ensure that the information system environment supports the business goals and objectives.
Nexia SAB&T assists organisations to ensure adequate controls over IT, by developing and implement an IT governance framework to institute IT governance that gives due considerations to the risks, adequate processes and controls which ensure IT value and improve service delivery.
The five elements of IT governance as defined by the IT Governance Institute are used by Nexia SAB&T’s information system team to identify the specific governance practices and goals to be reviewed during the audit. These elements are:
- Strategic alignment
- Risk management
- Resource management
- Performance management
- Value delivery
King III recognises the possibility of “too much” assurance and has recommended a combined assurance approach. In chapter three it states that the audit committee should ensure that a combined assurance model is applied to provide a coordinate approach to all assurance activities.
The governance assurance unit of Nexia SAB&T is integrated with its internal audit and enterprise risk management units and can assist in developing and implementing a combined assurance plan.