Time
8 hours 35 minutes
Difficulty
Intermediate
CEU/CPE
9

Video Description

This lesson focuses on understanding the corporate structure and discusses the various roles in a corporate structure:

  • The Board of Directors
  • Audit and Oversight Committee
  • Chief Executive Officer (CEO)
  • Chief Operating Officer (COO)

This lesson also discusses consulting firm roles and how they relate to organizations. [toggle_content title="Transcript"] Alright, so let's look a little bit at the corporate structure. This is an important concept for the auditor to understand. Each organization has its own structure that may vary from division to division, or maybe the organizational structure looks different to the auditor from other places they've worked in the past. So having a good ORG chart that's clearly labelled and shows everyone's roles is a really good foundation to have to begin with. This also helps the auditor decide who needs to be contacted or worked with in order to get the appropriate level of authority for certain decisions and for certain information to be revealed. So, thinking about some of these members of your typical organization, we have a board of directors. Typically it's composed of investors and advisors. The board typically also advises the CEO and the CFO, the Chief Financial Officer of the organization, so they discuss among themselves what they think the priorities are for any given issue and make their recommendations to the top level leadership in the organization. Then you have an oversight committee in a lot of organizations. This is not always required but it typically does exist. So this could be people that are on aboard as well but are not part of the normal business operation. This gives them a different perspective somewhat from what the people on the board of directors might have. The oversight committee will also perform a function to keep an eye on the different initiatives the organization is undergoing and decide what kinds of resources might be allocated to achieving those goals. Then we have the CEO. As we see here, the CEO is primarily concerned with generating revenue. That's their ultimate responsibility for the organization. They have some expectation for setting appropriate levels of risk and making some risk-based decisions for the different considerations for the organization, as far as steering it through some of its challenges and handling things like acquisitions and mergers, and so on. Chief Operating Officer, or COO, they're also concerned with revenue, but in the sense that they are always looking for ways to improve upon the current revenue generation methods. Trying to find ways to generate more money for the business by looking at as many metric and other performance indicators as they can get their hands on to understand where the efficiencies are, where the inefficiencies are, in order to improve those things over time. Then we have our Chief Financial Officer, the CFO. So, there is some interaction, of course, with the CFO and other executives at the C-level suite. Since the CFO is concerned with capital allocation, they've got some responsibility for oversight and understanding how the organization is spending its money, whether that's being done efficiently or inefficiently and also trying to uncover ways to improve that process over time. Then we have the CIO, your Chief Information Officer. Subordinate to the CFO. The CIO is gathering information about the organization's operations, how it spends money, and funneling that up to the CFO so that the CFO has enough information to make his decisions. So there is some inter-relationship there. Then we get down to the president or general manager. Presidents of corporations or organizations have a lot of responsibilities, but they're not as high-up in the organization as the C-level suite. They still make important decisions, but they don't have as much authority to make certain choices, as far as allocation of funds, or other types of resources. Then we have an important point here that the president or the general manager is usually liable. If a fraud is committed, or a crime is committed, and the manager or president of the corporation is not aware of that, they might have some issues, or if they knowingly commit fraud, or knowingly allow certain things to happen, then they're going to be liable for that as well. Then we have the vice-president, the VP. This is the second level of officer underneath the c-level suite. Again, the VP, just like the president, is liable to investigators or prosecutors, if the organization is undergoing some type of investigation. Then we have directors, or sometimes called line management positions. Directors are responsible for some sub-division of the company, or the organization. A business unit, like marketing or sales or research and development, typically that's headed up by a director. Then, lastly, we have the lower level managers and the actual workers. Managers at this level are obviously directing staff in their day-to-day duties and then their long-term and medium-term goals as far as development, handling projects, seeing that certain initiatives are continued until their completion, and so on. At this level, though, managers and staff members may not be necessarily liable to prosecutors unless they are involved in some illegal activity, and then, of course, they can't absolve themselves. Alright, so moving on to a consulting firm as compared to a typical corporation, we've got slightly different considerations here. First we have the managing partner. So, again, it's a C-level executive equivalent type of role. Perhaps equivalent to something like a president of an organization. The managing partner as a result, has responsibility for the different divisions within that consulting firm. You might have a consultancy that does financial contracting or IT or research and development, software development. So the managing partner would deal with those different divisions, the same way a president of an organization would do if it wasn't a consulting firm. Then we have partners. So these are similar to a director in the regular corporation, since they are responsible for different divisions within the organization to manage that as a business unit. So, again, you might have a partner that manages just the financial side of the house. Another partner manages the consultants that do IT work, and so on. Then we have engagement managers - another director level type of position. But they are more concerned with the relationship between clients and the consulting firm - Trying to keep everybody happy. Making sure they understand the clients' needs, and, of course, making sure that the organization is providing those solutions that the client requires. Then we have senior consultants. Obviously this is someone who has risen up through the ranks and is in some level of authority to manage lower-level consultants or act as a mentor to them. Senior level consultants are expected to be very autonomous and should not require a lot of hand-holding. Then we have consultants doing the actual work for the clients on behalf of the consulting firm. Usually the consultants are acting in the same capacity as an employee would be within the corporation or the organization that they're performing their duties. As you probably are aware, there are sometimes cultural and political differences between employees and consultants or contractors. Sometimes they're not treated exactly the same way, but most organizations, in my experience, usually treat the contractors and the employees on a pretty fairly level playing field. Then we have systems analysts. As it says here, where this is considered an entry-level position, this is someone who is perhaps relatively new to the consulting world and is still trying to build up their skills and their abilities in order to rise up to higher levels within the organization. [/toggle_content]

Video Transcription

00:04
all right, so let's look a little bit
00:06
at the corporate structure.
00:08
This is an important concept for the auditor to understand.
00:12
Each organization has its own structure that may vary from division to division. Or maybe the organizational structure looks different to the auditor from other places they've worked in the past.
00:23
So having a good or a chart that's clearly labeled and shows everyone's roles
00:29
is a really good foundation to have to begin with.
00:32
This also helps the auditor decide
00:35
who needs to be contacted or were
00:39
or worked with in order to get the appropriate level of authority for certain decisions and for certain information to be revealed.
00:46
So thinking about some of these members of your typical organization, we have AH board of directors,
00:53
typically composed of investors advisers.
00:58
The board typically also in, advises the CEO
01:03
in the CFO, the fund chief financial officer of the organization, so they discuss among themselves
01:08
what they think the priorities are for any given issue and make their recommendations
01:14
to the top level leadership in the organization.
01:18
And you have an audit and oversight committee In a lot of organizations. This is not always
01:23
required, but it's typically does exist does exist,
01:29
So this could be people that are on a aboard as well but are not part of the normal business operation.
01:34
This gives them some a different perspective, somewhat for
01:38
from what the people on the board of directors might have.
01:44
God.
01:45
The oversight committee will also perform a function to keep an eye on the different initiatives the organization is undergoing
01:53
and decide what kinds of resource is might be
01:57
allocated to achieving those goals.
02:01
And we have the CEO.
02:05
And as we see here, the CEO is primarily concerned with generating revenue.
02:09
That's their ultimate responsibility
02:13
for the organization.
02:15
And they have some expectation for setting,
02:19
uh,
02:20
appropriate levels of risk and making some risk based decisions
02:23
for the different considerations for the organization's fires, steering it through some of its challenges
02:30
and handling things like quizzes, acquisitions and mergers. And so on.
02:37
Chief Operating officer,
02:38
our c 00
02:40
They're also concerned with revenue,
02:44
but
02:45
in the sense that they are always looking for ways to
02:47
improve upon the current revenue generation methods,
02:52
trying to find ways to generate more money for the business
02:54
by looking at
02:57
a CZ many metrics and other performance indicators as they can get their hands on to understand where the efficiencies are, where the inefficiencies are
03:06
in order to improve those things over time.
03:08
And we have our chief financial officer of the chief, the CFO.
03:14
So
03:15
there are some interaction, of course, with the CFO and other executives at the sea level suite.
03:22
Since the CFO is concerned with capital allocation,
03:25
they've got some responsibility for
03:28
oversight and understanding how the organization is spending its money, whether that's being done efficiently or inefficiently, and also trying thio uncover ways to improve that process. Over time,
03:43
we have the C. I. O.
03:44
Your chief information officer, subordinate to the CFO
03:50
and the C I O. Is is ah,
03:53
gathering information about the organization's operations. How it spends money
03:58
and funneling that up to the CFO
04:00
is that the CFO has enough information to make his decisions.
04:05
So there is in a relationship there
04:09
that we get down to the president or general manager.
04:13
Presidents of corporations organizations have a lot of responsibilities,
04:19
but God,
04:20
they're not as high up in the organization as the sea level suite.
04:25
They still make important decisions,
04:28
but they don't have as much authority. Thio make certain choices as faras allocation of funds or other types of resource is,
04:38
then we have an important point here that the president of general manager
04:41
is usually liable if a
04:44
fraud is committed or crime is committed
04:46
and the manager or
04:49
president of corporation is not aware of that. They might have some issues or if they knowingly commit fraud or knowingly allow certain things to happen
05:00
that they're going to be liable for that as well.
05:02
Then we have the vice president, the VP.
05:05
It's the second level
05:08
of officer underneath the
05:12
the sea level suite.
05:15
Again. Divide the VP just like the
05:18
the president is liable to investigators or prosecutors
05:23
if the organization is undergoing some uncut type of investigation.
05:28
We have directors
05:30
sometimes called line management positions.
05:32
Directors are responsible for some subdivision of the company or the organization, a business unit or ah,
05:42
you know, like marketing or sales
05:45
or ah, research and development. Typically, that's headed up by a director.
05:50
And then lastly, we have,
05:53
uh, lower level managers and the actual workers.
06:00
Managers at this level are obviously directing staff in their day to day duties and
06:06
and then their long term and medium term goals fires, development, handling projects. Seeing that certain initiatives are are
06:17
our continued until their completion and so on.
06:21
At this level, though, managers and staff members may not be necessarily
06:27
liable to prosecutors unless they are involved in some illegal activity. And then, of course, they can't absolve themselves.
06:34
All right, so let's moving. Moving on to consulting firm as compared to a typical corporation
06:42
got slightly different considerations here.
06:45
First we have the managing partner.
06:47
So again it's a sea level executive equivalent type of role,
06:53
perhaps equivalent to something like a president of the organization.
06:59
And
06:59
the managing partner is, as a result, has responsibility for the different divisions within that consulting firm.
07:05
You might have a consultancy that does off
07:09
financial contracting or I T.
07:13
Or research and development software development.
07:16
So the managing partner would deal with those different divisions the same way that a president of an organization would do.
07:23
It wasn't a consulting firm,
07:26
and we have partners.
07:28
So these are much like directors in the in the corporate, similar to a director in the regular corporation,
07:35
since they are responsible for different divisions within the organization
07:41
to manage that as a business unit.
07:43
So again, if you might have a partner that manages just the financial side of the House and other partner manages the consultants that do I t work and so on
07:54
that we have engaged in managers
07:56
another director level
07:58
type of position.
08:00
But they are Mork concerned with the relationship between clients and the consulting firm,
08:05
trying to keep everybody happy, making sure they understand the client's needs
08:09
and, of course, making sure that the organizations providing those solutions that the client requires and we have senior consultants.
08:18
Obviously, this is someone who has risen up through the ranks
08:20
and is in some level
08:22
of authority to manage
08:26
lower level consultants or act as a mentor to them.
08:30
Seeing level consultants are expected to be very autonomous and should not require a lot of hand holding.
08:39
We have consultants
08:41
doing the actual work for the clients on behalf of the consulting firm,
08:48
and usually the consultants are acting in the same capacity as an employee would be
08:54
within the the corporation or the organization that they're performing their duties.
09:00
Azaz. You probably are aware there are sometimes cultural and political differences between employees and consultants or contractors. Sometimes they're not treated exactly the same way. But
09:13
but most organizations, in my experience, are usually treat of the contractors and the employees on a pretty, fairly level playing field. Then we have systems analysts
09:24
as it says here, where this is considered a entry level position.
09:28
This is someone who is perhaps relatively new to, uh, consulting world,
09:35
and it's still trying to build up their skills
09:37
and their abilities in order to rise up to higher levels within the organization.

Up Next

Certified Information System Auditor (CISA)

In order to face the dynamic requirements of meeting enterprise vulnerability management challenges, CISA course covers the auditing process to ensure that you have the ability to analyze the state of your organization and make changes where needed.

Instructed By

Instructor Profile Image
Dean Pompilio
CEO of SteppingStone Solutions
Instructor