Chapter 7. Managing Your Testing Phase: Management Testing and Certifying Controls
In the previous chapter, we learned the techniques used to develop and maintain the controls documentation that is essential to test and certify controls. After completing the controls documentation as described in the previous chapter, you can begin testing the design and operating effectiveness of internal controls. There are two major methods for testing internal controls: Management testing and Independent testing. In this chapter, we will describe the Management testing uses, approach, and techniques that are a critical phase of a governance, and risk and compliance-program. Management testing is often included in the audit plan for control self-assessment. Management testing is also required by compliance regulations, such as Sarbanes-Oxley for asserting controls over financial statements, and it is an important part of the Enterprise Risk Management program.
