Introduction
Within any organisation a high level of trust has traditionally been placed in management and key personnel. This has led to some quite public failures in corporate governance and internal controls Enron, WorldCom, HIH insurance etc A lack of effective personnel controls can lead to a multitude of organisation problems such as fraud, theft, excessive costs and poor management decisions. The solution therefore is not to trust the key personnel but instead to trust the controls. This in turn means that organisations need to develop more sophisticated more water-tight' control …show more content…
Often a large expense to an organisation is the development and training of employees therefore to ensure an organisation receives a benefit from their investment they need to have effective retention plans. Organisations need to ensure that their employees are enjoying their role a lack of job satisfaction has often been cited as a reason an employee has committed fraud. An organisation therefore needs to build into its personnel plans a review stage, where all roles are reviewed and to check that skills and responsibilities required still reflect the person within the role. Varied roles often provide good challenges for employees as well as offering an effective control for organisations. Programmes like job rotations and forced vacations if run effectively benefit both employee and employer. It is also important that employees have access to management opportunities. A major reason given for an employee to leave an organisation is if they feel they have nowhere else to go within the organisation other than …show more content…
With no tangible outputs in effect you are still in the same situation of trusting personnel trusting that they are following the controls, trusting that the controls have not become ineffective or out-of-date. This is where the development of tangibles such as key performance indicators (KPI's), key goal indicators (KGI's) and critical success factors (CSF's) all of which are discussed and described in the COBIT framework. Statistics like staff turn-over, head counts, number of customer complaints are all things that can be reviewed and compared and pattern changes in these numbers can all be indicators that controls need to be reviewed or there is a problem within the organisation these can be (hopefully) be used as preventative controls much more than being used as identification controls, alerting an organisation to a problem when it already exists. Other useful tangible outputs are things like staff reviews or employee surveys sometimes it takes the lure of being anonymous to enable an employee to speak out. If there are some less than desirable activities going on in an organisation it is quite common (in my opinion) that someone else already knows about it and is uncomfortable with it they just need a suitable platform on which to unburden'