Volunteers

Assess the Integrity of Your ‘Soft’ Controls

Adhering to these subjective guidelines can promote ethical behavior, innovation, and accountability.

July 13, 2011
KEYWORDS audit , ethics , management
/ PRINT / ShareShare / Text Size +

Unlike clearly defined internal controls, “soft” controls are subjective, intangible, and hard to audit, according to a recent issue of Credit Union Directors Newsletter.

“Best Practices: Evaluating the Corporate Culture,” published by the Institute of Internal Auditors Research Foundation, considered organizations’ creative practices meant to ensure soft controls’ success.

Soft controls can include:Directors Newsletter

  • Integrity and ethical values;
  • Commitment to competence;
  • The structure of reporting relationships;
  • Employee motivation; and
  • Information flow throughout the organization.

Also important are the extent of board or audit committees' understanding of the organization, management leadership, and efforts to establish mutual trust in the workplace.

Past results indicate the need for assessing the integrity of soft controls. “It’s essential to provide management and the board assurance that the organization won’t join the ranks of those that have been brought to their knees by lagging ethics and a weak corporate culture,” the auditing group says.

But business units can still create a contradictive subculture even if executive management models good ethics. This magnifies the difficulty of assessing soft controls in determining whether a gap exists between stated and actual corporate values.

Some guidelines on reporting and evaluating soft controls:

  • Require formal reports so long as an adversarial relationship isn’t created with audited managers.
  • Auditors must provide persuasive evidence, express their perception to the responsible manager, and allow individuals to fix the situations without involving upper management.

The report calls Enron the “worst practice” example. Its formal governance structure seemingly was strong, but the information communications and management behavior created a culture almost diametrically opposed to its stated values.

An internal audit department evaluating soft controls likely would have identified the gaps between declared corporate values and values actually practiced.

Post a comment to this story

CU Mag cover July 2014

Credit Union Magazine

July 2014

What's Popular

Popular Stories

Recent Discussion

Your Say: Should CUs Impose Age Limits for Directors?

View Results Poll Archive