Detalhes bibliográficos
| Ano de defesa: |
2010 |
| Autor(a) principal: |
Alves, Gilberto Cabeleira
 |
| Orientador(a): |
Santos, Neusa Maria Bastos Fernandes |
| Banca de defesa: |
Não Informado pela instituição |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Pontifícia Universidade Católica de São Paulo
|
| Programa de Pós-Graduação: |
Programa de Estudos Pós-Graduados em Ciências Contábeis e Atuariais
|
| Departamento: |
Ciências Cont. Atuariais
|
| País: |
BR
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
https://tede2.pucsp.br/handle/handle/1426
|
Resumo: |
This dissertation, a case study, has the purpose of examining the control functions in a large financial institution in Brazil and answer the central question: how and why to integrate the control functions in financial institutions? The study comprised the analysis of concepts, mission and approaches in use by Internal Control, Operational Risk Management and SOX Compliance functions. The internal control concept was identified as being the foundation of the three control functions under analysis. The framework of best practices in internal controls, COSO Internal Control Integrated Framework, is used to compare the way in which those functions operate. Interviews and questionnaires are used to collect primary data and documental analysis and observation for secondary data. Answers from the participating areas indicate that the departments reviewed by the control functions consider integration as necessary. By analyzing the purpose of those functions it is identified that Operational Risk Management and SOX Compliance functions have different purposes and focuses, the first aims at reducing the historic of losses and the later focuses on the quality of financial reporting, both functions report to different directors, have different performance measures and require different skill from their professionals. Comparison of the practices in use indicates that those functions adopt similar approaches; however, not integrated. It is identified a number of examples of opportunities for integration, such as: implementing a shared process for identifying and ranking risks, monitoring controls and reporting. The full integration within a single department revealed to be not adequate, but it is accepted that those functions need to be reviewed to take advantage of the integration opportunities |
