Control Self-Assessment (CSA) is a process through which internal control is tested and assessed with the goal of providing a reasonable guarantee that all operational objectives will be attained.
Benefits of CSAs include:
- It is a methodology that gives stakeholders assurance that the internal control systems are reliable
- They create a clear line of responsibility, reducing the risk of fraud and strengthening the overall risk profile
- They fundamentally integrate the strategic objectives of the business with risk and control processes
- Ownership and responsibility are incorporated into the risk and control processes
- Controls are monitored
- They help identify risks and additional opportunities to improve control activities
- They reduce the need for audits
The first CSA was documented in 1987 by a Canadian internal auditing department that was unhappy with the standard audit techniques being used.
The Institute of Internal Auditors (IIA) began to sponsor an annual CSA conference in 1993 in addition to offering Certification in Control Self-Assessment (CCSA) in 1999. Finally, the Sarbanes-Oxley Act (SOX) of 2002 solidified administrative assessment requirements in relation to companies’ internal control systems, including identification of significant processes and key controls at an organization.