Inside This Issue:

• Message from the Chairman

• New Member's Only Portal Coming in December

FEATURED MEMBER

Dr. Cevdet Kizil

Member Profile

Dr.Cevdet Kızıl graduated from the Business Administration Department of Istanbul University in 2002. Then, he earned his Master of Business Administration (MBA) and M.S. Organizational Leadership degrees from Southern New Hampshire University in 2005 and 2008 respectively. Dr.Kızıl was invited to Delta Mu Delta (DMD) International Honor Society in Business Administration for recognition of high scholastic attainment after earning his M.S. degree in 2008. He was also awarded full (100%) scholarship for the Finance and Banking Ph.D. Program of Kadir Has University in 2006 and earned his doctorate in 2009. Kızıl is also a Certified Public Accountant (CPA), Certified Internal Controls Auditor (CICA), Certified Controls Specialist (CCS), ISO27001 Lead Auditor and ISO9001 Lead Auditor. He currently serves as the President of Institute for Internal Controls (IIC) Turkey. 

Dr.Cevdet Kızıl has several published books and articles in Turkey and internationally. His articles had also been published by popular businessd and management journals such as Harvard Business Review, Marketing Turkiye and PERYÖN. Several articles of Kızıl were also published by Habertürk Newspaper through 2009-2011. He currently serves as the reviewer and editorial board member of several scientific journals. One of the international projects he participated titled "Coming Home: Reverse Migration of Entrepreneurs and Academics in India and Turkey in Light of the Chinese Experience" is funded by Research Grant Council (RGC) of Hong Kong.

Dr. Kızıl earned Best Publication Performance award at the prestigious Yalova University in the years 2013 and 2014,  Excellence in Teaching Award in Yalova University (2013 and 2014), Appreciation Plaque and Certificate for Outstanding Performance as the Vice Department Chairman in Yalova University (2014), Erasmus Teaching Mobility Scholarship Award (2013 and 2012), World Academy of Social Sciences Best Paper Award (2012), Republic of Turkey, The Land Forces Commandership Superior Service Appreciation Award (2006), chess championship medals and plaques in Southern New Hampshire University, İstanbul University Faculty of Economics Business Administration Department and Yalova University.

Contact:

chairman-turkey@theiic.org
cevdetkizil@theiic.org

 

ABOUT TheIIC

The Institute for Internal Controls, commonly referred to as TheIIC or IIC, is a global organization dedicated to promoting an effective internal controls environment in all organizations by providing high quality research and education in all areas of internal controls. As an indicator of expertise in internal controls, The Institute for Internal Controls grants the designation of Certified Internal Controls Auditor (CICA) and Certified Controls Specialist (CCS). 

CONTACT INFORMATION 

 Institute for Internal Controls

109 Mullen Drive 
Sicklerville, NJ 08081
856.982.2410

TheIIC e-Newsletter is published by TheIIC Press Division of the
 Institute for Internal Controls, Inc.

Copyright 2019
All rights reserved.

COMPLETE YOUR MBA 
PART-TIME 18-MONTH 
ACCELERATED PROGRAM

Link for Additional Information 
on the MBA Program

 

IS YOUR INFO CURRENT?

Has your information changed lately? Click the button below in order to complete TheIIC Member Change Information Form to update your records!

MASTERS DEGREE ONLINE or ON-CAMPUS 

CLICK HERE FOR PROGRAM INFORMATION 

Application fee ($50) will be refunded for members who are in good standing. Insert "TheIIC" under "how you learned about us?' question for a credit of the $50 application fee!

 

Partnerships and Alliances

These are just some of the major institutions worldwide that have partnered with TheIIC

 Professional Societies

PBA Canada (Professional Business Accountants Society of Canada

 

Colleges and Universities

Arcadia University MBA 

NovaSoutheastern University College of Engineering and Computing

 

 

 

University of Macedonia

 

 Master of Science in Applied Accounting & Auditing Program

TheIIC e-Newsletter

email: 

e-newsletter@theiic.org

phone: (856) 982-2410

Web Url:

http://www.theiic.org

 

Message from the Chairman

Lastly, I wanted to address the Quiz that is accessible via TheIIC e-Newsletter for CPE award. For those that completed the Quiz for the last edition of the e-newsletter, you noticed that we added a new functionality that allows for immediate grading of the quiz and issuance of the Certificate of Completion for members scoring the minimum passing grade. In addition, we allow retesting if a passing grade is not attained. We will also use this process for the Quiz for TheIIC e-Magazine to be released in mid 2019.

MEMBERS ONLY PORTAL to be Activated in 2019

Although access to TheIIC website will be open to anyone, valuable resources and benefits will be accessible only to Members-in-Good-Standing via the MEMBERS ONLY PORTAL. During the year we will add to this section to include not only TheIIC e-Newsletter, but also TheIIC e-Magazine (which will be released in mid 2019), a library of Internal Control Questionnaires (ICQs) that will be stocked from ICQs developed by TheIIC or via contributions from members, White-Papers on Internal Controls written by TheIIC Staff and Members and Guest Authors, as well as discounted offers by vendors for items of interest to Members, downloads for TheIIC artwork, including TheIIC logo and seal, templates for personal or business use of TheIIC logo or seal, screen savers, screen backgrounds, and much more.

Access to the MEMBERS ONLY PORTAL of our website will be via your preferred email address on record. This is the email used in the receipt of the announcement for this newsletter. Note that receipt of this email does not confirm your standing as a Member-in-Good-Standing. If in doubt, check your membership card as noted above or contact the Membership Department at membership@theiic.org for confirmation of your status. Any changes should be reported via the Member Change Request form located on the Contact Us page of our website (www.theiic.org). Note that the new website and MMS will allow members to access their profile and make changes as needed. Additional instructions will be emailed to the Membership once the MMS implementation is completed.

Members have inquired about the proper name of the Institute. In starting what was originally referred to as “The Institute” in 2005, we were limited in several areas in selecting the name for the association, as well as the acronym and internet domain. For those who have been associated with the IIA for a long time, you may remember that they experienced some of the same problems in selection of a domain for their website. First, in naming the organization and selecting a domain for our website it was revealed that the domain @iic.com was taken. Noting the importance of having dual domains, one for dot com and for dot org, we needed an alternative available choice. As a former member of the IIA, I remembered that their solution was to add the prefix “the” and therefore chose the domain @theiia.org for their website. We followed this by selecting the domain @theiic.org as our domain and a similar domain name for dot com with automatic forwarding to the dot org website. Simultaneously, we chose to incorporate the institute as “The Institute for Internal Controls, Inc.” a New Jersey Corporation. However, protocol in incorporating in New Jersey as well as IRS caused the elimination of the prefix “The” and we were officially incorporated as the “Institute for Internal Controls, Inc.” In the more than 14 years of operation we have found ourselves switching our acronym between “TheIIC” and the “IIC”. This year, in attempting to trademark some of our acronyms and symbols we have found that some have been denied due to conflict with existing trademarks. For example, the trademark “IIC” was taken but the trademark “TheIIC” was open. Therefore, we choice TheIIC trademark as well as our logo and seal. To be consistent, the Board has agreed that we would use the acronym “TheIIC” going forward. In line with this, we will be seeking designs for TheIIC trademark, with the only limitation being that its primary color would be blue. The initial version is show in the title of this article. We have also eliminated the word “The” from our name which was originally included on our initial seal but removed several years ago. Note that we have applied for aliases so both versions of our corporate name and acronym can be accepted, if needed.

MAY I OFFICIALLY WELCOME EVERYONE TO TheIIC ™ (Trademark pending)

 

 Board's Role in Promoting an Ethical Culture 

Extract (Modified with comments from Chairman)

PART II (continuation from Fall 2018 e-Newsletter

Source: Journal of Accountancy - July 1, 2018

An excellent article that was published in a recent edition of the Journal of Accountancy discusses the role of the Board of Directors in promoting a heightened level of ethics throughout the organization. The author astutely notes therein that  “Boards that prioritize corporate culture, watch for red flags, and set clear expectations, will encourage ethical behavior throughout the company.” However, we continue to see large scale fraud or inappropriate actions, especially in companies like Wells Fargo, Theranos, and most recently Facebook, where it appears that profits override concerns for good business practices and privacy of individuals. As internal controls professionals we need to ask is policy or action reality. I suggest you use your professional skepticism in reading the article to determine what they want you to believe and what is reality.

Professional Ethics research over the past 20 years has continued to underscore that integrity drives performance. Corporate culture and tone at the top are considered key drivers of ethical behavior, but Boards of Directors (and Audit Committees) often devote little time to the topic. Although Board members generally recognize their responsibility to oversee ethics and compliance, they struggle with what questions to ask and what information to look for; that is, they are not well-versed in recognizing red flags. Most have had little or no training in ethics or the required in depth sensitivity to the risks in the industry itself. Serving on a board is a big job.  Business strategy and expansion, risks, and enforcement frequently take priority. Board members are aware of the importance of an ethical corporate culture and that it is driven from the top down, but 87% considered culture and engagement a top challenge, according to a Deloitte survey published in 2015. A 2016 Deloitte study found that just 28% of executives said they understand their organizational culture and 12% thought their company was driving the "right culture." This is evident in the Facebook incident(s) that continue with new revelations every day.

The problem often starts right in the boardroom. Research from a 2016 survey by the Rock Center for Corporate Governance at Stanford University and The Miles Group suggested that only 46% of board members strongly believe their board tolerates dissent. The same percentage believes that a few directors have an outsize influence on board decisions. A 2017 Blue Ribbon Commission of the ­National Association of Corporate Directors (NACD) suggested that boards can tackle the challenges. This is similar to what we heard from the AICPA in addressing the Lincoln/Keating scandal that wiped out the FSLIC and the Savings and Loan industry. Implementing new statements on auditing standards without training and compliance will not wipe out fraud and unethical practices. What they need to do is become as disciplined in overseeing corporate culture, an active on-going internal control environment, and implement a process for recognizing RED FLAGS.

The author noted that many businesses have codes of ethics that employees are supposed to follow and mission statements that promote values such as ethical behavior. But the real problem is integrating this ethical culture throughout management (especially at the executive level) where it must be integrated as best practices and a way of doing business. It is important that these statements and codes exist, but what really counts is having the board and senior management know and buy into them, and practice them themselves.  Tone at the top means that the board truly believes in the corporate culture and assures that the entire team adheres to the cultural values, starting with the directors and executive officers of the company.

It's important that during the executive sessions, audit committee members ask broad questions. In developing the AICPA Audit Committee Toolkit for Public Companies, it was stressed that during annual executive sessions, audit committee members ask broad questions to uncover any questionable activities. TheIIC opinion is that these be converted into an ICQ format, with all responses documented and that the Board, Audit Committee and Auditors, all exhibit professional skepticism in evaluating the responses. At a minimum the following questions should be asked:

• Are you aware of any issues that could cause embarrassment to the company?
• Have you ever been told anything in confidence or otherwise that would embarrass the company if it were known publicly?
• Are there any items that you have discussed with the CEO, CFO, other officers, or outside counsel of which the audit committee is not already aware?
• Is there any activity in the organization with which you are uncomfortable, consider unusual, or that you believe warrants further investigation?
• Are you aware of any current or past fraud occurrence or any kind of fraud in the organization?
• Do you know of any situations in which fraud could occur?
• Do you feel comfortable raising issues without fear of retribution?
• Are there any questions we have not asked that we should have asked? If so, what are those questions?

Note that the above covers just the basics and the ICQ should be specifically designed to address risks to the company. For example, in the Facebook situation, a deeper level of questioning was needed for obvious issues such as privacy concerns, what data do their customers/vendors have access to, what is everyone doing with this data, is what we are doing ethical, et. As you can see, this just touches the concerns and a system of internal controls need to be implemented to prevent or provide early detection of ALL risks that need to be identified ad addressed.

To establish clarity on the fundamental elements of a strong organizational culture, as well as promote and enforce it, the NACD’s Blue Ribbon Commission recommends that Boards follow these 10 recommendations:

1. The board, the CEO, and senior management need to establish clarity on the behavior they expect across the organization regardless of geography or operating unit, and they should develop concrete incentives, policies, and controls to support the desired culture.
2. Directors and company leaders should take a forward-looking, proactive approach to culture oversight to achieve a level of discipline that is comparable to leading practices in the management and oversight of risk.
3. The board's nominating and governance committee should ensure that board policy documents and committee charters clearly delineate the allocation of culture oversight responsibilities and explain how culture oversight is embedded into the board's ongoing work.
4. Directors should regularly review the culture of the whole board and its key committees, both formally in the evaluation process and informally by allowing conversation in executive sessions. Results of these reviews should inform board composition, succession planning, and continuous improvement efforts.
5. Directors should assess whether the chief legal officer/general counsel and other officers in key risk management, compliance, and internal control roles are well-positioned within management and in relationship to the board to support an appropriate culture.
6. Integrate culture into the board's ongoing discussions with management about strategy, risk, and performance, emphasizing that the way results are achieved is as important as whether a given goal is met.
7. Boards should set the expectation with management that regular assessments of culture will include qualitative and quantitative information and incorporate data from sources outside the organization.
8. Directors should make culture an explicit criterion in the selection and evaluation of the CEO and set the expectation that the CEO and senior leaders do the same in their own leadership development and succession-planning activities.
9. Boards and compensation committees should review the company's recognition and reward system to ensure that they reinforce the desired culture and avoid unintended outcomes that could undermine it.
10. Shareholder communication should include a description of how the board carries out its responsibility for overseeing and actively monitoring the company's culture.

1. Divide and conquer.
   
2. Trust the system, not people. "Don't trust the person, trust the system," Brown said.
   
3. Be proactive.
   
4. Bridge the expectation gap. 

Click for source article 

 

Ethical Implications of Artificial Intelligence

Artificial Intelligence (AI) is constantly surfacing in articles in general business, management,  and accounting/auditing. Most authors have note that AI presents a new set of ethical challenges for business leaders whose active deployment of mechanization may have profound effects on the workforce and society. The article extract belowrecently published in a recent edition of Financial Management points out several concerns that should be noted by the authors. As part of our introduction of TheIIC e-Magazine in 2019 as well as White Papers from staff, members and colleagues of TheIIC, we will introduce concepts and concerns to the Internal Controls professionals.

With regulatory and legal frameworks struggling to keep pace with the rapid pace of technological change, public demand is growing for greater transparency as to how these tools and technologies are being used. However, as we know, in our attempts to fix things quickly, we sometimes do a poor job, or make things worse. The UK's Institute of Business Ethics (IBE) recently issued a briefing urging organizations to examine the risks, impacts, and side effects that AI might have for their business and their stakeholders, as well as wider society. Tackling the issues requires these diverse groups to work together. Research identifies several challenges facing business leaders, auditors and IC professionals. These include:

The report notes that all stakeholders need to be empowered to take personal responsibility for the consequences of the use of AI, and they need to be provided with the skills and tools to do so. The report proposes a framework outlining ten core values and principles for the use of AI in business which are intended to "minimize the risk of ethical lapses due to an improper use of AI technologies". The values are:

1. Accuracy
2. Respect of privacy
3. Transparency
4. Interpretability
5. Fairness
6. Integrity
7. Control
8. Impact
9. Accountability
10. Learning.

The authors noted that companies applying AI to the finance function face the challenge of designing algorithms that produce unbiased results and are not too complex for users to understand how they work and make decisions. This transparency is essential to avoid the "black box" problem, in which a computer or other system produces results but provides little to no explanation for how those results were produced. In the case of machine learning, the greater the complexity of an algorithm, the more difficult it is for users to understand why the machine has made a certain decision. Another challenge is to avoid bias in the algorithm and in the dataset the algorithm uses for learning. One way of mitigating bias is to use combinations of learning types, including unsupervised learning. Assumptions noted include:

1. Supervised learning is based on label data, and often the labels themselves create bias.
2. Humans essentially bring their own biases to machine learning scenarios.

By contrast, unsupervised learning has no labels and essentially will find what is in the data without any bias.

AI provides a difficult set of ethical questions for society as well. One question centers on the preservation of the workforce. In the accounting profession, for example, AI can extract data from thousands of lease contracts to enable faster implementation of new lease accounting standards. This can enable the people who would have handled data extraction to perform more complicated accounting tasks and perhaps even contribute to strategy. This can be a positive development as those people perform more meaningful work. But if the people whose tasks are replaced by AI lose their jobs rather than being promoted to higher-level work, the implications for society can be ominous. If people who perform repetitive tasks across multiple professions and industries all lose their jobs instead of being promoted, implementation of AI could leave many people without options for work and damage their lives and the economy.

The technology may be here now, but the ethical rules for managing, controlling and auditing AI will take time to develop.

 

Click here to read the original article

 

10 questions to ask about adopting or using AI

In the FM article published above a reference to 10 questions to ask about adopting or using AI was referenced. We will discuss this article in the next issue of TheIIC e-Newsletter (note that the link to the article briefing has been included at the bottom of this article. They include:

1. What is the purpose of our job, and what AI do we need to                achieve it?

2. Do we understand how these systems work? Are we in                      control of this technology?

3. What are the risks of its usage? Who benefits and who                   carries the risks related to the adoption of the new technology?

4. Who bears the costs for it? Would it be considered fair if it                became widely known?

5. What are the ethical dimensions, and what values are at                    stake?

6. What might be the unexpected consequences?

7. Do we have other options that are less risky?

8. What is the governance process for introducing AI?

9. Who is responsible for AI? Because machines are not moral                agents, who is responsible for the outcome of the decision-                making process of an artificial agent?

10. How is the impact of AI to be monitored?

 

Source: IBE Business Ethics Briefing,“Business Ethics & Artificial Intelligence”  

TheIIC is Developing ICQ Library for Members

As part of the design of the new website, which will contain a Members' Only Portal, TheIIC is soliciting members to donate Internal Control Questionnaires for use by members. It should be noted that all ICQs should be non-copyrighted or if copyrighted, contain a release to allow use by TheIIC and its members.

An email alert will be sent to the membership providing more details on this project. As an incentive, all members who donate an acceptable ICQ will be awarded one raffle ticket for a drawing for the award of a $100 gift card.

 

TheIIC Releases Certification via Curriculum Program

Commencing in 2018/2019, candidates can earn the CICA or CCS certification by completing a curriculum of courses in the areas of internal controls. The program will entail corporate ethics and governance courses, how to courses, and tools and technique courses. The curriculum syllabus will be outlined in the new website which will be released this year. The courses will initially be held in live group sessions, and then converted to a high-quality DVD/CD-ROM format, with examinations held online at the end of each course. Once all course requirements are met, the candidate can apply for the CICA or CCS and candidates who meet all the requirements for certification will be awarded the professional designation. The program will be phased in over a one year period as courses become available.

Scholarship Fund Established

As previously announced  by the Chairman, a Scholarship Fund has been established for award to undergraduate students who are majoring in accounting or auditing, IT/MIS, finance, or Security. The scholarships will be funded by donations from members at renewal time, as well as direct contributions from TheIIC, and shared profits from the sale of TheIIC Internal Controls Case Study book to be released in 2019. Scholarships will be awarded based on set amounts collected. Plans are to award at least one scholarship each year. Scholarships will be awarded based on financial need. Student Members of Student Chapters of TheIIC or school Accounting Clubs will be given priority for the award of all scholarships.

FREE Job Posting Service