Home > Programme > Designing Cost Effective Business Control
Designing Cost Effective Business Control Discount

Programme Code 10006915-16 Recommended Programme
Start Date09-04-2019
Reservation Reservation
Favorite Favorite Enrollment Form Enrollment Form
Fannie Kwok, Tel: 27886271

Programme Info

DownloadDownload Full Course Description

Course Background

Good internal control is good business. An effective internal control system will safeguard assets; ensure accurate and reliable financial reporting, promote compliance with laws and regulations; provide reasonable assurance for the achievement of business objectives; ensure efficient and reliable business processing and minimize the risk of fraud, mismanagement or errors. Internal control, to be effective, should be able to ensure the reliability and completeness of information captured thereby support the execution of a profitable growth strategy.

Internal control goes hand-in-hand with risk management. It reduces an organisation’s exposure to risk, minimizing the chance of unexpected events to give reasonable assurance for the achievement of business objectives.

Everyone knows that internal control is necessary. However, there is a common fear that too much controls would lead to inefficiency and increase the cost of operations. On the other hand, inadequate controls would reduce quality and expose the company to risk. It is therefore crucial to learn the technique and approach to establish the right level of control based on the degree of risk to the organisations and by balancing the costs and benefits of control.

This course will explain the concept and show how companies can optimize the level of controls to reduce cost, enable growth and keep the business safe. Demonstrate how to balance organization’s strategic objectives, level of control, related costs and risk exposure, and at the same time eliminate layers of redundant and ineffective controls.


This Course will Show You

  • The key components of internal control and COSO internal control framework
  • How you should allocate control resources based on the level of risk to be controlled or mitigated. For internal control over financial reporting (ICFR), how you should identify and focus on the key controls for the significant accounts of your organisation and the associated business processes that produce the information for these significant accounts.
  • How to design and implement an effective internal control system for an organisation at the entity and business process levels as well as controls over information technology.
  • How to determine your organisation’s stage of internal control maturity so that a roadmap to finetune your internal control system can be developed.

Target Participant

Business owners, C-Level or business management, Independent company directors, Audit Committee members, Finance and audit professionals, and people who are responsible for or involved in internal control activities are all welcome to join.


Learning Objectives / Course Outline

This course aims to explain the key components of internal control system, and show you how to design and implement a cost-effective internal control system for your organization.

A. Internal Control Concept

  • Objectives and benefits of a cost-effective internal control system
  • Corporate Governance and HK Stock Exchange listing requirements
  • COSO internal control framework
  • Key components of internal control
  • Limitations of internal control
B. Control Solutions
  1. Internal control over financial reporting (ICFR)
Explain how to identify significant accounts for an organisation, the key business processes that produce the information for these significant accounts and their associated key controls.
  • What is ICFR and why it is important?
  • Key requirements for ICFR
  • 3 key components: (a) entity level controls, (b) process level controls and (c) Information Technology general controls (ITGC)
  • Significant accounts, key business processes and associated key controls
  1. Entity Level Controls
           Explain the following fundamental controls at the entity’s level:
  • Corporate Governance
  • Board and committees
  • Three lines of defense
  • Policies and Procedures
  • Segregation of duties, management supervision and approval authority
  • Fraud prevention and anti-fraud program
  • Independent function of internal audit
  1. Process Level Controls
           Discuss the key controls for the following major business processes:
  • Procurement to pay (P2P)
  • Customer ordering to cash received (Order to Cash)
  • Cash and banking control
  • Inventory control
  • Payroll control
  • Company’s expenditure controls
  1. Information Technology general controls (ITGC)
Information technology and processing is an integral part of an organisation’s business process. IT control therefore is a key component of an organisation’s internal control system. The following IT controls will be discussed:
  • Logical access controls over infrastructure, networks, applications and data
  • System development life cycle controls
  • Program change management controls
  • Physical security control over the data center
  • System and data backup, recovery controls, BCP and DRP
  • Computer operation controls
  • Controls over cloud computing
  1. Implementation
           Explain how to implement an effective internal control system for your organization:
  • Key steps and approach
  • Policies and procedures
  • Management oversight
  • Process mapping and control analysis
  • Role of internal audit
  1. Internal control maturity assessment
  • Discuss different stages of internal control system maturity. Explain how to determine your organisation’s stage of internal control system maturity so that a roadmap to finetune your internal control system can be developed.


Founder of Top Wise Management Limited that provides consulting services and business solutions in financial management, risk management, internal control, process improvement and training, Mr. Anthony Lam has over 30 years of experience in enterprise risk management, corporate governance, auditing, financial management, ERP system implementation and IT control and security.
Prior to running his consulting business, Mr. Lam had worked in Big Four Accounting Firm in Hong Kong and held various management positions in global US multinational corporations, HK listed companies and government statutory organization across a wide range of industries. He has conducted many training on corporate governance, risk management and control for various organizations.



6 lecturing hours


1/F, HKPC Building, 78 Tat Chee Avenue, Kowloon Tong

Medium of Instruction

Cantonese with English Terminology (Handouts in English)

Award of Certificate

Participants who have completed individual workshop will be awarded a certificate of attendance issued by the Hong Kong Productivity Council.

 Award of Course Fee

HK$2,400 / HK$2,280 (Friends of SME One) / HK$2,160 (2 or more from the same organization)
DiscountDiscount Recommended ProgrammeRecommended Programme CEFCEF Subsidised by RTTPSubsidised by RTTP FreeFree ConfirmedConfirmed QF LevelQF Level

Contact Us:

Facebook Twitter Weibo