CASA Handy Hints

An 'Identified Need' which has been agreed with management...

1. Following an internal audit or investigation
2. An area of management concern e.g. Stock Loss, Cash Loss
3. To provide assurance of the effectiveness of the Control Environment to the Audit Committee
4. To make a change programme stick e.g. restructure of a department, or merger of companies etc.

Identify and gain the support of Managers and Colleagues who are directly involved in the Areas to be Self Assessed

1. Deliver a presentation and system demo. of CASA to all levels of managers/colleagues
2. Identify potential Sponsored Authors who will assist in providing initial 'Best Practices' and accept responsibility for notifying any future updates.
3. Gain support and 'buy in' at senior management levels to help embed Self Assessment into the business.
4. Ensure management understand they must provide positive feedback to negative assessment results.
5. Produce a Project Plan and agree with managers.
6. Set up a small project team and agree responsibilities and deadlines, team could include representatives from Audit, IT and training dept. etc.

Define the 'Pyramid Structure' for the first module

7. Don't try to build an all encompassing self assessment system in the first module - attempt 'bite sized chunks'.

Outline the framework of Controls and Risks using a combination of the following approaches

8. 'walkthrough audit' to facilitate process mapping and identify any control gaps
9. Communicate with specialists and colleagues responsible for completing tasks
10. Refer to previous audit reports
11. Collate 'Best Practices'
12. Prepare training questionnaires to test understanding of functions

Hold a workshop to complete the detail and test the control framework

13. Invite a mix of management/colleagues/specialists
14. Agree the key controls and business risks which will provide the Control Environment
15. Produce action plans incorporating Audit recommendations and 'Handy Hints' on how to best achieve the control environment from people actually doing the job

Conduct System Tests and UAT

16. Independent tests on functionality and to ensure CASA interfaces with existing systems
17. Independent User Acceptance Testing by the client
18. Maintain an Issues Log to document system/operational issues and their resolution

Pilot selected modules and training materials at chosen locations

19. Agree the pilot modules and locations with management
20. Appoint a 'champion' at the pilot location/s to log feedback and identify any operational or system issues
21. Identify training requirements and prepare training material/validation exercises
22. Test training material and methodology during the pilot
23. Conduct a 'listening group' on completion of the pilot to discuss all aspects of the pilot including training and implementation

Decide on training and implementation methodology and train the trainers

24. Finalise training requirements and prepare training materials/validation exercises
25. Select trainers - these could include Auditors and champions from the pilot locations
26. Decide on training venues e.g. individual sites or regional training centres
27. Train the trainers

Full Implementation

28. Roll out to client locations as per agreed Project Plan
29. Establish a 'helpline' to respond to issues

Ensure CASA is maintained to reflect current controls and procedures

1. Ensure a process is built in to identify and communicate Best Practices e.g. bulletin board or intranet.
2. Update the content on a regular basis e.g. monthly or quarterly.

Build Support with Management and users

3. Promote open communication to encourage honest self assessment without fear of reprisal.
4. Ensure everyone understands the benefit of self-assessment i.e. continuous improvement via honest self assessment and action plans.
5. Encourage use as a training aid
6. Establish an assessment schedule or diary but be flexible