Corporate Governance
Governance, Risk and Compliance
Leadership and Audit Committees always need an assurance on whether they have the right structures and processes in place to assess and manage their weaknesses and explore suitable business opportunities. We help clients to understand and articulate the level of risk they are willing to take (or their risk appetite) in order to meet their strategic aims, and determine how well organizations identify, mitigate and report the management of their risks. We use this understanding to benchmark them against competitors and to suggest actions that could improve their risk processes (including how to use technology), risk culture and the use of risk information to support decision making. We also examine governance structures including the board and its committees to ensure they meet the needs of management and the business, We also evaluate the effectiveness of critical governance functions of compliance management and internal audit.
Organizations today are facing a constant need to change to stay viable. But just as change drives new opportunities, it also brings new business, digital and regulatory risks. We help mitigate these risks by transforming organization’s controls to be more efficient and effective. This helps ensure organizations’ internal controls are fit for purpose and sustainable with the right blend of people and technology for the often-unpredictable future. The leadership also needs assurance that controls are working across the organization to prevent and detect risks, improve internal controls and meet the ongoing compliance requirements.
Corporate Governance
Corporate Governance
Sound corporate governance enables companies to be more efficient and accountable. With good corporate governance structures and practices in place, businesses mitigate risk, safeguard against mismanagement and are able to attract investment and capital—giving them the fuel for growth. A corporate management approach is crucial for the sustainability of the institutional entity and prestige of a company.
We at CH provide a wide range of specialized advisory services designed to help strengthen companies by improving corporate governance with our experienced team to deliver advice in the key areas of Board Effectiveness, Business Governance and overall Control Environment.
We offer the following comprehensive services:
- Governance framework – review and design
- Evaluation of governance structure for the Board and Board committees'
- Composition of the Board and Committee structure with roles and responsibilities
- Review / enhance / develop Board and Committee charters / terms of reference
- Review / enhance / develop Governance charter / manual
- Review / enhance / develop – Governance policies (regulatory)
- ESG governance assessment
- Governance code diagnostic assessment – for listed companies
- Corporate governance audit / gap assessment and improvement plan
- Governance maturity assessment
Enterprise Risk Management
Enterprise Risk Management
As business risks continue to increase, organizations are finding it necessary to implement a robust risk management process that proactively identifies risk, and assesses how it can effectively be addressed, before it occurs. An effective enterprise risk management (“ERM”) program supports organizations to manage their risks and maximize opportunities. ERM has also gained substantial momentum because of the growing importance of solutions for compliance and regulatory norms for which ERM lays down the foundations.
Our specialized team of ERM experts provide customized solutions within risk management to enable and strengthen the Company’s ability to identify and mitigate risks in a proactive manner.
We offer the following comprehensive services:
- ERM framework - design and implementation
- ERM monitoring and reporting
- ERM framework – audit/gap assessment and improvement plan
- Review/enhance/develop - ERM strategy, policies and procedures
- Review/enhance/develop – Risk Registers (corporate and operational)
- Risk identification, controls assessment and action plan development
- ESG risk management
- Regulatory compliance for ERM
- ERM secondment/co-sourcing
Compliance Management
Compliance Management
Compliance is a necessary component of good corporate governance. Compliance management is a collective term for all the tools and processes a company implements to ensure compliance with the rules, comprising of both, the regulatory and legal requirements as well as internal policies and bylaws. Compliance management tools and processes aim to detect compliance violations and protect a company from these violations which can cost a company considerable reputational damage and high financial penalties.
Our team specializes in compliance management to provide customized solutions to ensure effective compliance with the required aspects.
We offer the following comprehensive services:
- Compliance framework - design and implementation
- Compliance management - monitoring and reporting
- Compliance framework – audit/gap assessment and improvement plan
- Review/enhance/develop – Compliance policy
- Review/enhance/develop – AML policy and procedures
- Compliance secondment/co-sourcing
For rules laid out by:
- KSA – CMA, Saudi Exchange Rules and Companies Law
- Qatar – QFMA, QFCRA, QCB, QSE, and Commercial Companies Law
Internal audit services
Internal Audit Services
In order to achieve entity-wide goals while reducing the potential for risk and implementing measures to grow more sustainably, internal audit serves as a critical function for ongoing support to the Board and senior management.
Internal audits involve the review and analysis of the effectiveness of a company’s internal controls environment, which are integrated to safeguard your business against threats — such as fraud, non-compliance to laws and regulations and operational concerns. Our team of experts provide specialized internal audit solutions to enhance the adequacy and effectiveness of internal controls.
We offer the following comprehensive services:
- Internal audit department framework design (strategy, charter, policies and procedures)
- Review/enhance – IA strategy, charter, policies and procedures
- Internal audit department quality assessment and improvement plan
- Risk assessment and internal audit plan development
- Review/enhance internal audit plan
- Diagnostic reviews (high-level) – operational and support functions
- Board/Audit committee reporting
- Internal audit secondment/co-sourcing
Information technology advisory services
Information Technology Advisory Services
Amid an evolving regulatory environment and increased oversight pressures, organizations face ongoing challenges to manage and comply with ever-mounting regulations that are coming their way. At the same time, organizations are focused on managing new and persistent risks to their business, while balancing revenue growth and expense saving business priorities.
Managing IT risks and compliance have become even more critical considering these challenges. Failing IT can result in reputational harm, customer and market valuation decline, increased privacy concerns, and high-profile legal exposure. Therefore, enhancing IT controls is essential in this setting to make sure organizations are managed and controlled effectively and operate consistently.
Our team of experts provide specialized IT solutions to enhance your IT infrastructure and mitigate the IT risks in an effective manner. We offer the following comprehensive services:
- IT governance and strategy
- IT policies and procedures
- ITGC audit/gap assessment and improvement plan
- IT risk assessment/risk management
- Service organization compliance audit
- Privacy and data protection assessment and Qatar Law-13 enablement
- IT change and configuration management
- IT process optimization/transformation
- Business continuity management/disaster recovery framework design
- Business continuity management/disaster recovery – implementation and testing
- Qatar NIAP framework – design and implementation
- Information security ISO 27001 Certification
- Business continuity management – BCMS ISO 22301 Certification
- IT Service Management System ISO 20000-1 Certification
Other Consulting/Advisory services
Other Consulting/Advisory Services
Successful organizations are often built through the optimal management of people, technology and assets. Market leaders across sectors, whether public or private, are engaged in a continuous evaluation of their investment in people, technology and assets to help ensure the best outcomes aligned to their objectives. Our management consulting services focus on our clients' most critical issues and opportunities comprising of their business strategy, organization structure, operations, internal controls and sustainability across all industries and geographies. We bring deep, functional expertise, but we also incorporate our holistic perspective, whereby we capture value across boundaries and between the silos of any organization.
We provide tailor made solutions to enhance and optimize internal processes and controls aligning to leading practices and frameworks. We offer the following comprehensive services:
- Review/enhance/develop – Organization structure (entity-wide and departmental)
- Review/enhance/develop – Delegation of authority policy and matrix (entity-wide and departmental)
- Business process optimization – support and operational functions
- Job descriptions – key management personnel
- Internal Controls Over Financial Reporting (ICOFR)
- Entity level controls assessment (ELC) and improvement plan
- Policies and procedures for support functions (HR, Finance, Procurement, IT and BCM – base versions)
- Anti fraud framework – design and implementation
- QFCRA license application - preparation and submission
- QFCRA governance framework design – as part of licensing process
- Board performance evaluation
- ESG policies/charters
Workshops/Training Programs
Workshops / Training Programs
Employee training is a critical aspect for any organization which enables upskilling and improve their performance at work, for new recruits as well as for
existing workforce. Our training programs are aimed at improving employees’ competencies across various business lines and are designed based on the
attendees’ level of knowledge, skills and competencies. These customized training programs allow for continuous professional development and enhanced
performance.
We offer the following workshops / training programs:
- Corporate governance workshop – Board and senior management role, key frameworks etc.
- ERM training – benefits, process and methodology
- Internal audit department training –IPPF standards, report writing, IA plan development etc.
- Information security management system training
- Business continuity management workshop
- Privacy and data protection training
- IPO / Listing process awareness
- Sustainability / ESG – basics and advanced concept and process
- Soft skills and communication workshop