CONTROL Self-ASSESSMENT Order ID: Control Self-Assessment

Control Self-Assessment (CSA), also known as internal audit risk assessment is one of the management tools used to facilitate workers to be more effective in realizing their goals and managing associated risks which occurs, as a result. In risk management, organizations can "systematically identify potential exposures, take corrective actions early, and learn from those actions to achieve objectives" (David, 2004, p.6).

CSA in a company takes place to control and maybe to develop more controls if required within the company or a department. Within an organizational department, the employees are to determine the hindrances to be overcome or the strength to be leveraged and they are to agree on the most appropriate action to do to improve on the situation. One of the strengths of this management tool is that, it brings employees together, so that they can be able to identify and focus on issues which are of considerable influence among them.

There are two types of CSAs, which are Management Risk Assessment and Process Risk Assessment. The Management Risk Assessment deals with overall management of business risk. This method goes beyond the normal control only method, because, it addresses the risk, evaluates the resultant impact and engages the workers in finding the right solution for it. While, on the other hand, Process Risk Assessment specializes on an activity for a single business unit or a department and which may be applied to other business units or department.

CSA can be beneficial to both managers and internal auditors in that, managers can use it to define the business objectives, to identify and deal with the risks which arise in the path of a business attaining its objectives....

On the other hand, internal auditors use this program to gain useful information concerning risks and controls for the aid of focusing the auditing on a high risk also to have better collaboration with the employees and the management staff. El-Dine concurs by saying that "internal audit and risk management are evolving to address risk management as a corporate governance issue" (1998, p.1).
CSA is typically performed by the management of the business or organization in case an independent consultant cannot be provided. In some businesses, they may use the top-down or bottom up approach to deploy the CSA strategy which will allow a business the opportunity to fully integrate the control and risk awareness culture among its employees. CSA is usually done on a particular work group within the business/organization. The people in these work groups are those who regularly participate in some of the operations within the business.

Hightower states that, a dynamic risk management strategy requires "there are systems that have been put in place to make a company more resilient and adaptable to these changes" (2008, p.24). For that reason, the management team usually conducts surveys and facilitated workshops to enable employees to brainstorm and end up with some of the risk that the see to their opinion might be a setback to the business achieving its objectives. An outside consultant is the best candidate to conduct the CSA because, he/she will be dedicated towards the completion of the commenced program, he/she will have the skills to capture all the issue brought forward by the employees and ensure that all concepts and controls are considered.

Controls are identified by the use of surveys and facilitated workshops on individuals within working in…