404 Readiness Project Overview

1. 404 Readiness Project Overview Define Internal Control Framework Develop Pilot Plan and Approach Remediation and Monitoring Roll-out Strategy and Assessments Project Organization • Develop pilot approach • Select pilot location • Perform pilot • Develop roll-out strategy • Review pilot results to roll-out strategy • Execute strategy across the entire organization • Document and test control activities • Identify control gaps • Develop monitoring program for control gaps • Develop remediation action plan, responsibility assignments, and due dates • Define internal control remediation requirements • Communicate and document as required • Define Scope • Develop project plan, milestones, and budget • Organize project team • Establish communications plan • Evaluate and select monitoring tools • Identify existing control documentation • Gather best practices and external audit requirements • Select internal controls framework (e.g., COSO), map to existing controls, and identify gaps • Define documentation standards

2. The process to determine whether internal control is adequately designed, executed effective and adaptive COSO Control Framework • Management Analysis • Disclosure Committee • Internal Audits The process which ensures that relevant information is identified and communicated in a timely manner The policies and procedures that help ensure that actions are identified to manage risk are executed and timely • Messages from Senior Management • Policies and Procedures • Delegation of Authority • Approvals • Training • Code of Ethics • Common Processes and Systems • Segregation of Duties • Account Reconciliations The evaluation of internal and external factors that impact an organization’s performance • Information Technology Controls The control conscience ofan organization. The “tone at the top” • Business Risk Management • Process Risk Management • Code of Ethics • Internal Audit Risk Assessment • Documented Policies and Procedures • Cultural Assessment