- Who We Are
- What We Do
- Strategic Partners
Internal Audit is a key component of a sound corporate governance structure. Its role is to provide objective assurance that the internal control framework is operating effectively.
Traditionally this role has been interpreted as verifying conformance or compliance with legislative requirements and internal policies and procedures.
At Sustineo we take the view that any internal audit activity must evaluate and contribute to the continuous improvement of an organisation’s governance, risk management, and control processes through a systematic, disciplined, and collaborative approach. The only way to deliver this is not via a text book approach, but rather through a ‘leveraged approach’ that blends established methodology with experience and knowledge, established industry best practice and practicality. What’s critical is that the audit team understands that it’s not about ‘the process’ it’s about understanding the objectives, sectors, people and culture within an organisation. We believe that the role of internal audit is to address four critical areas:
Sustineo’s Organisation & Program Assurance consultants bring intelligence, talent, and extensive experience to our clients. Our experience includes compliance audit, IT audit, financial statement audit, and performance audits for many public and private sector clients. Our methodologies and approaches are proven and consistent with material published by the Institute of Internal Auditors and the Institute of Chartered Accountants. What this means for our clients is:
Risk management is a powerful tool that can drive operational and strategic improvement throughout an organisation, but too often its potential is never realised. Sustineo can help you get the most out of risk.
Sustineo understands that risk management is an integral part of business assurance. It is also a powerful enabler of business improvement and organisational change. Successful risk management is not just a “tick the box” exercise. Done properly, risk management provides a fundamental level of protection for your business and improves the chances of achieving your business goals and objectives.
Effective risk management identifies:
If executed properly, risk management frameworks will improve decision making through the organisation. In particular, risk information needs to inform the:
Sustineo can help you achieve these benefits through our extensive experience in:
Sustineo’s fraud and risk management capability extends from designing and implementing a complete fraud and risk management solution through to providing tailored services against specific requirements.
Sustineo’s Fraud Control Model is fully consistent with the Commonwealth Fraud Control Guidelines and employs a risk-based approach to managing fraud and related issues. A fundamental principle to this approach is the recognition that prevention through a rigorous and sound control system is better than to rely too heavily on the resource intensive and high cost consequences of an investigation and subsequent effects on reputation and staff morale.
Minimising fraud means being proactive. Our approach to fraud prevention involves fraud control planning, risk assessment and management, provision of fraud awareness training to staff and good corporate governance. The Model uses a range of resources to manage fraud risks including internal controls and data mining analysis.
Unfortunately, some incidences of fraud will always occur in any organisation no matter how good the preventative mechanisms. If a suspected fraud or related incident occurs Sustineo can undertake administrative and misconduct investigations or provide advice and support as appropriate.
Any investigation or the identification of vulnerability to fraud should be immediately followed with a review of the organisation’s prevention and detection mechanisms. The final phase of Sustineo’s Fraud Control Model involves designing solutions to prevent reoccurrence and implementing these solutions into your standard business processes.
Sustineo’s Internal Audit and Assurance, Risk Management, and Fraud Control services are fully informed and guided by:
Although these are essential sources of methods and standards for risk management and fraud control, the design and implementation of plans and frameworks must take into account the organisation’s particular objectives, context, structure and operations. Risk management should continue to develop organically if it is to be truly effective and aligned with the organisation’s operating context.