* I can understand internal control frameworks and the type of risks to mitigate.

* I can identify, interpret and apply control guidelines and requirements on specific governance issues.

* I actively promote the application of risk management and a risk-based approach to internal control.

* I can operate financial controls, specific user access or data integrity controls, and perform regular reviews of segregation of duties conflicts.