Based on the COSO Framework, PROCOMP 262 streamlines internal control activities over the executive reporting process into six steps:
- Entity Level Control
- Identification of the Business Units involved in the Scoping phase
- Process design
- TOD evaluation
- TOE evaluation
- Analysis and constant monitoring of residual risk.
The 6 phases of PROCOMP 262 control activities
- Entity Level Control: definition and updating of each entity, such as budget ratios, procedures and activities.
- Identification of the Business Units involved in the Scoping phase.
- Drawing of the processes to identify all the processes at risk, the controls applied to them and thus build, automatically, the RCA matrix.
- TOD evaluation, through easily customizable web forms and customizable approval workflows.
- TOE evaluation with automatic references to the evaluations entered in the previous phases.
- Analysis and constant monitoring of residual risk thanks to reports updated in real time.