This article explores the opportunity for organizations to establish key groups to govern risk and measure compliance, who, along with the external auditor, form an interdependent compliance community. By moving towards a continuous monitoring approach, organizations can create a better control environment with much less investment and expense than today’s environment. The article outlines a methodology and tools for continuous control monitoring.
The Opportunity

Post-SOX, organizations are inclined to establish key groups to govern risk and measure compliance across the company, who together with the external auditor form an interdependent compliance community that:
• Assesses risk
• Assures internal controls
• Is committed to operational excellence, solid metrics for measuring the process, and continuous improvement

We believe that with some additional focus and prioritization, these organizations can move to a continuous monitoring approach and create a better control environment with much less investment and expense than today’s environment. Continuous monitoring will allow far fewer audits and more risk coverage.
The Approach
• Build toward a common compliance strategy
• Model and measure in aligned segments
• Link monitoring activity to assertions and objectives
• Use audit engagements to determine specifications
• Collect persuasive detail through the monitoring applications
• Establish a solid methodology to accompany the metrics to reach a conclusion
Model and Measure in Aligned Segments (slide diagram)
Compliance Community: Continuous Control Monitoring Tools and Methodology
Risk segments: IT Operations Risks; Application Risks; Financial Process Risks
Frameworks: GAIT Principles; ITIL Processes; Transaction Processing
• Change Management
• Security
• Availability
• Release & Config Mgt
• Identity Management
• Incident Management
• Configurable Controls
• Exception Data
Accepted Assurance Frameworks
Link Monitoring Activity to Assertions and Management Objectives (slide diagram)
Assertions: Completeness; Existence / Occurrence; Valuation / Measurement
Layers: Financial Processes; Applications & Databases; Operating Systems
Frameworks: GAIT Principles; Control Objectives; ITIL Processes
• Accuracy
• Authorization
• Completeness
• Change Management
• Security
• Operations
• Release & Config
• Identity
• Incident Handling
SAP_ALL Comparison Across Similar Applications (June 2008 – Sept 2008) (chart; outlying points are marked "Investigate")
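The SAP_ALL comparison chart reduces to a peer-comparison check: count the user IDs holding the SAP_ALL profile on each similar SAP system every month and mark the outliers for investigation. The following is an added example of that check, not code from the presentation; the system names and monthly counts are constructed sample data, and the 2x tolerance is an assumed threshold.

```python
"""Peer comparison of SAP_ALL profile assignments across similar SAP systems.

Added example (not from the original presentation). The monthly counts are
constructed for illustration: number of user IDs holding SAP_ALL, per system,
June 2008 to September 2008.
"""
from statistics import median

# Constructed sample data, not real figures: system -> {period: SAP_ALL count}.
SAMPLE_COUNTS = {
    "SAP-ERP-EU":   {"2008-06": 3, "2008-07": 3, "2008-08": 2, "2008-09": 2},
    "SAP-ERP-US":   {"2008-06": 4, "2008-07": 4, "2008-08": 4, "2008-09": 3},
    "SAP-ERP-APAC": {"2008-06": 3, "2008-07": 9, "2008-08": 11, "2008-09": 11},
    "SAP-BW":       {"2008-06": 2, "2008-07": 2, "2008-08": 2, "2008-09": 2},
}


def peer_baseline(counts, period):
    """Median SAP_ALL count across all peer systems for one period."""
    return median(series[period] for series in counts.values())


def flag_for_investigation(counts, tolerance=2.0):
    """Return (system, period, count, peer_median) tuples to investigate.

    A point is flagged when the count exceeds the peer median by more than
    `tolerance` times, or jumps by more than `tolerance` times against the
    same system's previous period (assumed threshold, tune per environment).
    """
    findings = []
    for system, series in counts.items():
        prev = None
        for period in sorted(series):
            count = series[period]
            baseline = peer_baseline(counts, period)
            peer_outlier = count > tolerance * baseline
            sudden_jump = prev is not None and count > tolerance * prev
            if peer_outlier or sudden_jump:
                findings.append((system, period, count, baseline))
            prev = count
    return findings


if __name__ == "__main__":
    # Each finding maps to the Authorization objective / Identity Management
    # process from the monitoring model; the reviewer follows up with evidence.
    for system, period, count, baseline in flag_for_investigation(SAMPLE_COUNTS):
        print(f"Investigate: {system} {period} SAP_ALL={count} "
              f"(peer median {baseline})")
```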