GOLDENHORN Internal Control Management


The ‘Internal Control Management’ module in the GOLDENHORN ONEGRC  Software Suite is crafted to provide a robust framework for managing and enhancing internal control systems within organisations. Although specific sub-modules are not listed, the key features of this module function as integral components, each addressing different facets of internal control. These features are designed to ensure that organisations can maintain high standards of compliance, risk management, and operational efficiency.


The ‘Internal Control Management’ module of the GOLDENHORN ONEGRC Software Suite is a comprehensive solution designed to reinforce the internal control systems of an organisation. This module integrates a series of key features to ensure that internal controls are not only effective but also adaptable to the evolving business landscape. The suite includes Master Data Management, Risk and Impact Analysis, Control Project Management, and several other building blocks, each contributing to the robust management of internal controls. This integration ensures that every aspect of internal control, from planning and execution to monitoring and reporting, is covered with precision and efficiency.

Each key feature within this module is crafted to address specific aspects of internal control management. For instance, the Master Data Management Building Block centralises and maintains the integrity of all control-related data, while the Risk Evaluation Project Building Block assesses potential risks in control systems. The module’s holistic approach ensures that internal controls are not only compliant with regulatory standards but also aligned with the organisation’s strategic objectives, providing a comprehensive solution for effective internal control management.

Value Delivery

In terms of value delivery, the ‘Internal Control Management’ module stands out for its ability to offer a seamless and efficient approach to managing internal controls. The module’s diverse range of features work in harmony to deliver a comprehensive control management experience. For example, the Business Service Asset Catalogue Management Building Block helps organisations in cataloguing and managing their assets, which is vital for risk assessment and control. Similarly, the Control Testing (VVMi) Building Block provides tools for the verification and validation of internal controls, ensuring their effectiveness and compliance with set standards.

Furthermore, the module’s adaptability and scalability are central to its value proposition. It is designed to accommodate the varying needs of different organisations, regardless of size or sector. This flexibility ensures that as an organisation grows or its needs evolve, the ‘Internal Control Management’ module continues to be a vital tool for managing its internal control requirements.


The implementation of the ‘Internal Control Management’ module brings numerous benefits to an organisation. Primarily, it enhances the efficiency and effectiveness of the internal control process. Automation of various components of the control lifecycle reduces manual effort and minimises the potential for errors, leading to time and cost savings. The comprehensive nature of the module ensures that all aspects of internal control are covered, from planning to execution and follow-up, enhancing the quality of control processes and providing valuable insights for decision-making.

Additionally, the module fosters a culture of compliance and risk awareness within the organisation. By providing tools for continuous monitoring and evaluation, it enables organisations to identify and address risks proactively, enhancing their overall resilience and governance standards.

Target Users

The target users of the ‘Internal Control Management’ module are diverse, catering to a wide range of professionals within an organisation. Primarily, the module is designed for internal control managers and professionals who need a comprehensive tool to manage and enhance internal control systems efficiently. Its features are tailored to meet the needs of these professionals, enabling them to conduct thorough control processes with greater ease and precision.

Moreover, the module is also beneficial for risk managers, compliance officers, and audit professionals. These users will find the Risk and Impact Analysis Management and Incident Management Building Blocks particularly useful in managing controls specific to their domains. The module’s versatility makes it an invaluable tool for any organisation looking to strengthen its internal control and risk management processes.

Key Features (Aspects)

Master Data Management Building Block: Acts as the central hub for all control-related data, ensuring consistency, accuracy, and accessibility. This feature is vital for maintaining a strong foundation for all internal control activities.

Business Service Asset Catalogue Management Building Block: Focuses on the comprehensive cataloguing and management of business assets. It’s crucial for identifying and assessing risks associated with various assets.

Programme Management Building Block: Enables efficient planning, execution, and monitoring of internal control programmes. It helps ensure that control activities are aligned with organisational objectives and are executed effectively.

Management Planning Building Block: Facilitates strategic planning for internal control activities, ensuring that they are in sync with the broader business strategies and regulatory requirements.

Risk and Impact Analysis Management Building Block: Aids in identifying, analysing, and mitigating potential risks, thereby playing a key role in proactive risk management.

Control Project Management Building Block: Focuses on the management and oversight of control-related projects, ensuring that internal controls are implemented and functioning as intended.

Risk Evaluation Project Building Block: Assists in evaluating the risks associated with different organisational projects, prioritising audit activities based on the risk assessment.

Control Testing (VVMi) Building Block: Involves the rigorous testing of internal controls to verify their effectiveness and compliance with established standards and regulations.

Evaluation and Scoring Monitoring (ESMi) Building Block: Enables continuous monitoring and evaluation of the internal control environment, using scoring mechanisms for performance assessment.

Test Finding and Risk Detection Building Block: Specialises in detecting risks and documenting findings from control tests, essential for maintaining control effectiveness.

Non-Conformity Building Block: Addresses issues of non-compliance and deviations, ensuring prompt identification and rectification of such issues.

Test Finding Action Request Building Block: Manages actions required to address findings from control tests, ensuring effective resolution and compliance.

Incident Management Building Block: Manages unforeseen incidents within the control environment, ensuring a quick and appropriate response to maintain control integrity.

Work Activity Hub Management Building Block: Serves as a central point for coordinating and managing various internal control activities, enhancing operational efficiency.

Time Sheet Management Building Block: Enables accurate tracking of time and resources spent on internal control activities, essential for resource management and planning.

Goldenhorn OneBasis Model Building Block: Provides a foundational model for internal control processes, aligning them with best practices and regulatory standards.

Goldenhorn OneBasis Engine Building Block: Powers the entire internal control module, ensuring seamless integration and functioning of all the building blocks.

Sub Modules


The ‘Internal Control Management’ module, part of the GOLDENHORN ONEGRC Software Suite, is designed to offer a versatile and comprehensive approach to managing internal controls within various segments of an organization. This module comprises several sub-modules, each targeting a specific area of internal control. These sub-modules ensure that organizations can effectively address the unique challenges and requirements of different sectors, thereby maintaining robust control systems across all operations.

Sub Modules

Business Internal Control Sub Module: This sub-module focuses on the internal controls within business operations, ensuring that all business processes are compliant with both internal policies and external regulations. It is designed to maintain operational integrity and efficiency in the business sector.

IT/IS Internal Control Sub Module: Tailored for the information technology and information systems sector, this sub-module addresses the specific needs of IT internal controls. It ensures the security and compliance of IT systems, safeguarding digital assets and managing cyber risks.

Interested Party (Subsidiary, Joint venture, 3rd Party) Internal Control Sub Module: This sub-module manages internal controls related to subsidiaries, joint ventures, and third-party entities. It ensures that these external parties adhere to the organization’s control standards and regulatory requirements.

External Service Provider Internal Control Sub Module: Dedicated to managing the internal controls concerning external service providers. It focuses on ensuring that external services are delivered in compliance with contractual agreements and the organization’s internal control standards.

Bank Branch Internal Control Sub Module: Specifically designed for the banking sector, this sub-module addresses the internal control requirements of bank branches. It ensures compliance with financial regulations and internal policies specific to banking operations.


In summary, the ‘Internal Control Management’ module within the GOLDENHORN ONEGRC Software Suite provides a detailed and specialized approach to internal control management across various sectors. Each sub-module is expertly crafted to address the unique control requirements of its respective area, ensuring that organizations can uphold high standards of compliance, risk management, and operational control. The integration of these sub-modules into an organization’s internal control strategy enhances its ability to manage risks efficiently and maintain a strong compliance posture in today’s dynamic business environment..