Corporate Compliance Report
University of Phoenix
MBA 560 Week 6
WEEK6: Corporate Compliance Report
Bone marrow and cord blood transplants are a life-changing treatment for people with leukemia, lymphoma and many other diseases. For many patients, a transplant may be the best, and only, hope for a cure. When patients learn they need a transplant, they turn first to their families to find a donor. But 70% of those patients won’t find a suitable match in their family. They depend on bone marrow or cord blood donors like you.
The National Marrow Donor Program (NMDP) makes sure every patient has the best possible chance to receive the transplant he or she needs. It is a national non-profit organization in the business of matching patients in need of a marrow, stem cell or cord blood transplant with donors willing to voluntarily donate to those in need.
The National Marrow Donor Program is headquartered in Minneapolis, Minnesota, with NMDP-owned donor centers in every state of the U.S. and nine foreign countries. The NMDP has over 300 employees located in Minneapolis and 900 employees organization-wide.
The National Marrow Donor Program has a Quality Control department operating out of Minneapolis that handles risk management issues for the entire organization. As with all organizations, the COSO recommendations for internal controls should be very important, and if I were to implement the recommendations in our organization, these are the key issues that would be implemented.
Applying COSO to practice is not as simple as adopting it in theory, however. No defined approach exists for auditing “soft” controls like the integrity and ethical values of staff, the philosophy and operating style of management, and the effectiveness of communication.
The U.S. Sarbanes-Oxley Act of 2002 (SOX) requires management of public companies – both large and small – to annually assess and report on the effectiveness of internal control over financial reporting.
Issued in 1992 by the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the “Internal Control – Integrated Framework” has long served as a blueprint for establishing internal controls that promote efficiency, minimize risks, help ensure the reliability of financial statements, and comply with laws and regulations.
COSO is an internal controls framework focusing on fiscal responsibility. COSO-ERM builds on COSO, with a focus on Enterprise Risk Management.
Enterprise risk management (ERM) is the process of identifying and analyzing risk from an integrated, companywide perspective. The ERM framework will focus on the necessity of a consistent “risk and control consciousness” throughout the enterprise; the importance of considering risk during the formulation of strategy; and the interrelationships of risks across business units and at every level of the organization.
ERM enhances the organization’s ability to:
Align risk appetite and strategy.
Link growth, risk, and return.
Enhance risk response decisions.
Minimize operational surprises and losses.
Identify and manage cross-enterprise risks.
Provide integrated responses to multiple risks.
Deal effectively with potential future events that create uncertainty.
Respond in a manner that reduces the likelihood of downside outcomes and increases the upside.
Although the ERM framework will help the organization get on track with its risk management process, it is important to acknowledge there’s really no substitute for integrity and an organization-wide understanding that controls are everybody’s business.
COSO recommends 26 fundamental principles associated with the five key components of internal control: 1) control environment, 2) risk assessment, 3) control activities, 4) information and communication and 5) monitoring.
Control environment: because the control environment represents an organization’s first line of defense to mitigate the risks of financial reporting errors, a strong tone at the top plays a pivotal