USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE:

Size: px
Start display at page:

Download "USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE:"

Transcription

1 USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE: PROS, CONS AND HIDDEN DANGERS MIKE ROST

2 CONTENTS INTRODUCTION... 3 GRC DISCIPLINES REQUIRE PURPOSE-BUILT TECHNOLOGY... 3 USING SPREADSHEETS FOR GRC THE PROS... 4 USING SPREADSHEETS FOR GRC THE CONS... 4 PURPOSE-BUILT GRC SOFTWARE: THE BETTER ALTERNATIVE... 5 CONCLUSION USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE JULY 2012

3 INTRODUCTION The convergence of factors such as the SEC and PCAOB guideline changes over internal controls for financial reporting, a renewed corporate focus on internal audit, and the never-ending battle to keep up with compliance regulations, has forced organizations to seek more efficient methods to address integrated governance, risk, and compliance business processes. As with all business process automation initiatives, technology plays an important role in streamlining redundant tasks, providing transparency to information, and driving cost out of the process. For many organizations, the de facto technology solution is to try to automate using standard office productivity tools such as word processing programs and spreadsheets. While it is easy to create some light-weight solutions using these personal productivity tools, many leading organizations have found that, in the long run, spreadsheet-based solutions become part of the problem rather than part of the solution. This whitepaper provides an in-depth look at the pros, cons and hidden dangers of using spreadsheets for integrated GRC processes. GRC DISCIPLINES REQUIRE PURPOSE-BUILT TECHNOLOGY Whether implementing integrated governance, risk and compliance or tackling a single compliance initiative such as Sarbanes-Oxley or internal audit, a combination of methodology, skills and technology is required. Similar to managing the financial accounting, planning, budgeting, consolidation or reporting functions in any major corporation, GRC requires more than an ad hoc approach. For example, financial management requires clear, consistent accounting policies to determine what gets in the books, as well as sophisticated financial systems to capture, manage, analyze and report on the financial information transactions and reports. An integrated governance, risk and compliance solution has many of the same requirements. Even small and mid-market companies with less complex processes and organizational structures have invested in purpose-built software to manage their financial function reporting processes. Although spreadsheets are prevalent and add value to all finance functions, they are seldom the single source of record for managing the entire process. The increased focus on GRC disciplines such as internal audit, financial controls management, IT governance, operational and enterprise risk management, and broader compliance, have placed these business process disciplines at an equal level of importance to financial accounting. If spreadsheets are not good enough to be used as a general ledger, why would they suffice as the central system for GRC processes? Requirements For Effective GRC Technology To successfully implement integrated GRC processes, organizations must focus on several key strategic deliverables: transparency, performance improvement, accountability and collaboration, and documentation. An effective GRC technology solution must also support these business requirements. Transparency: GRC implies that the behavior of an enterprise will be driven by rational decisions made in the interest of investors and stakeholders. A GRC technology solution must support the reporting of risk acceptance decisions and the supporting documentation. Performance Improvement: GRC initiatives must produce performance improvement. Whatever the social benefit of GRC, business will demand economic benefit and the promise of improved business performance to ensure that GRC processes are sustained. A GRC technology solution must embrace and support business process performance reporting and business process improvement tools. Accountability And Collaboration: An effective GRC process is collaborative and interactive and includes not just management, but also those now functioning in silos of auditing, compliance and risk manage- 3 USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE JULY 2012

4 ment. In fact, a GRC initiative will include many, if not most of the organization s key employees regardless of role. Technology for GRC must support work flow and collaboration across the organization and from its highest reaches to its front lines. Documentation: Documentation is the transactional information of GRC business processes. Core to financial accounting is the tracking of debits/credits. USING SPREADSHEETS FOR GRC THE PROS Surveys indicate that the majority of companies impacted by the financial controls reporting requirements of Sarbanes-Oxley initially tried to tackle these requirements using a combination of word processing tools and spreadsheets - the low-tech solution. Spreadsheets are also a favorite tool of auditors and other assurance specialists working in departmental and organizational silos. As organizations roll out a more integrated approach to GRC, the natural tendency is to try to integrate this complex web of spreadsheets. The reasons often cited include: The company s external auditors and/or GRC project advisors like using spreadsheets and often recommend they be used for SOX or other GRC assessment work. Implementing spreadsheets seems inexpensive since most companies already have licenses to use Excel or equivalent software. Most GRC process owners and participants are familiar with spreadsheet packages. GRC requirements are still evolving and the regulatory agencies change the rules frequently. Spreadsheets allow the user to easily modify the system any time. Until December 2006, when the SEC released its interpretive guidance for management s assessment for internal control effectiveness, SOX compliance involved little methodology or analysis. Bottom-up control documentation and testing worked well. Many organizations are unaware of a proven technology alternative that is readily available. USING SPREADSHEETS FOR GRC THE CONS Spreadsheets are user friendly and easy to implement, which are key attributes. However, they fall short in several areas: Spreadsheets Block Performance Measurement Or Performance Improvement: Spreadsheets are not well suited to monitor business performance or to support process improvement. Spreadsheets are capable of documenting and reporting simple relationships, but they are not designed or intended to integrate with other systems, to serve as dashboards or to identify and support process improvements. Performance measurement analysis and improvement requires enterprise consolidation and the ability to identify and track trends and opportunities. Spreadsheets are unable to support consistent methodologies, consistent consolidation of data or intelligent business analysis. Spreadsheets Kill Collaboration, Work Flow And Accountability: A central requirement of integrated GRC is the ability to assign owners to processes, risks, controls, compliance policies and manage the work processes of control testing, verification, audit, and issue and remediation documentation on the GRC data elements. Spreadsheets simply were not designed for and do not succeed in supporting multi-user, process-centric working environments. The lack of multi-user capability leads to a proliferation of spreadsheets for each user group and purpose. Collaboration with spreadsheets is a manual task with multiple iterations. Spreadsheets Are Inherently Unreliable And Lack Security: Most of the processes in the rows-and-columns grid are overly complex, duplicative and fragmented. For auditors, the implication is that spreadsheets act as end-user computing of high risk manual processes. Version control, change control, auditability and integrity are all well documented issues with spreadsheets. While they can sometimes be overcome, the cost and effort of doing so is huge. 4 USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE JULY 2012

5 Spreadsheets Lack The Ability For Compliance Record Retention: A pervasive standard of compliance programs is strict guidelines over records retention. While the flexible nature of spreadsheets allows users to quickly create and modify data and structure, this flexibility does not lend itself well to compliance records retention. In contrast, purpose-built GRC technology that relies on application functionality built on relational databases by design has the capabilities to satisfy the most strict records retention requirements. Spreadsheet Costs Are Huge But Hidden: Spreadsheets, on the surface at least, appear to be a very inexpensive option for SOX and other GRC assessment work. Most companies and their auditors and advisors already have enterprise level licenses. The savings is more illusory than real. In round one, because of the time urgency, few companies tracked the full range of cost drivers including the time consumed of internal staff, the cost of any external contract staff, and the time charged by the company s external auditor. After companies address ongoing GRC costs - such as the section 302 requirements to report on material changes in the control environment, provide updates on progress resolving significant deficiencies and material weaknesses, and quarterly reports on new significant deficiencies and material weaknesses detected to the audit committee and external auditor - the real costs and deficiencies of using spreadsheets for documentation begin to emerge. PURPOSE-BUILT GRC SOFTWARE: THE BET- TER ALTERNATIVE An alternative to managing GRC processes with spreadsheets is to adopt a comprehensive GRC solution that supports the multiple disciplines of GRC. Leading GRC solutions provide functionality for internal audit, financial controls management, enterprise risk management, operational risk management, IT governance and compliance, purpose-built to address integrated governance, risk and compliance requirements. Compared to spreadsheets, these solutions provide greater efficiency, improved collaboration and reduce the time and resource costs associated with governance, risk and compliance processes. A well integrated solution provides a common set of functionality for each GRC process owner with shared functionality for common activities such as risk assessment, process documentation and issue tracking. Leveraging a shared data model, a well architected GRC solution enables the consistent sharing of definitions and terms, organizational reporting structures, and relationships between controls and the associated audit results. Eliminating the redundant efforts saves money by minimizing data entry, improving accuracy and enhancing collaboration, efficiency and consistency. CONCLUSION Regardless of the business process, the temptation for a quick-fix technology solution using spreadsheets is always there. However, as your business processes mature, requirements become more complex, and the need to scale across multiple users and departments increases, the true cost of spreadsheets become a significant liability. As leading organizations mature their integrated governance, risk and compliance processes, the investment in GRC solutions to support, automate, and drive efficiencies in the process grows. Similar to the evolution of general ledger, accounts payable, and budgeting and planning business processes, GRC has now reached the maturity stage where investment in purpose-built technology is considered to be a best practice. 5 USING SPREADSHEETS TO MANAGE GOVERNANCE, RISK AND COMPLIANCE JULY 2012

6 THOMSON REUTERS ACCELUS Thomson Reuters Governance, Risk & Compliance (GRC) business unit provides comprehensive solutions that connect our customers business to the ever-changing regulatory environment. GRC serves audit, compliance, finance, legal, and risk professionals in financial services, law firms, insurance, and other industries impacted by regulatory change. The Accelus suite of products provides powerful tools and information that enable proactive insights, dynamic connections, and informed choices that drive overall business performance. Accelus is the combination of the market-leading solutions provided by the heritage businesses of Complinet, IntegraScreen, Northland Solutions, Oden, Paisley, West s Capitol Watch, Westlaw Business, Westlaw Compliance Advisor and World-Check. For more information, visit accelus.thomsonreuters.com 2012 Thomson Reuters W /7-12

COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS

COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to the ever-changing regulatory environment,

More information

ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES

ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES THOMSON REUTERS ACCELUS ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES PROACTIVE. CONNECTED. INFORMED. THOMSON REUTERS ACCELUS Compliance management Solutions Introduction The advent of new and pending

More information

building a business case for governance, risk and compliance

building a business case for governance, risk and compliance building a business case for governance, risk and compliance contents introduction...3 assurance: THe last major business function To be integrated...3 current state of grc: THe challenges... 4 building

More information

ENTERPRISE RISK MANAGEMENT ASSESSMENT GUIDE

ENTERPRISE RISK MANAGEMENT ASSESSMENT GUIDE ENTERPRISE RISK MANAGEMENT ASSESSMENT GUIDE WHITEPAPER CONTENTS CONTENTS INTRODUCTION 1 IS YOUR RISK MANAGEMENT PROCESS REALLY ASSESSING RISK? 1 IS YOUR RISK ASSESSMENT CONTEXT DRIVEN? 2 DOES YOUR RISK

More information

THOMSON REUTERS ACCELUS

THOMSON REUTERS ACCELUS THOMSON REUTERS ACCELUS ACCELUS Screening Resolution Service Executive Summary Thomson Reuters Accelus offers Screening Resolution Service (SRS): an outsourced screening service for Corporates and Financial

More information

Accelus Audit Manager THOMSON REUTERS ACCELUS

Accelus Audit Manager THOMSON REUTERS ACCELUS THOMSON REUTERS ACCELUS Accelus Audit Manager THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to the ever-changing regulatory environment, providing

More information

Foreign business partners under the FCPA

Foreign business partners under the FCPA Foreign business partners under the FCPA by Tom Fox 1 TITLE about the writer Thomas Fox has practiced law in Houston for 25 years. He is now assisting companies with FCPA compliance, risk management and

More information

PRACTICAL GUIDANCE: SEVEN STEPS FOR EFFECTIVE ENTERPRISE RISK MANAGEMENT

PRACTICAL GUIDANCE: SEVEN STEPS FOR EFFECTIVE ENTERPRISE RISK MANAGEMENT PRACTICAL GUIDANCE: SEVEN STEPS FOR EFFECTIVE ENTERPRISE RISK MANAGEMENT WHITEPAPER CONTENTS CONTENTS INTRODUCTION 1 DEFINING ENTERPRISE RISK MANAGEMENT 1 IF IT S SO GOOD WHY ISN T EVERYONE DOING IT? 2

More information

COSO 2013: WHAT HAS CHANGED & STEPS TO TAKE TO ENSURE COMPLIANCE

COSO 2013: WHAT HAS CHANGED & STEPS TO TAKE TO ENSURE COMPLIANCE COSO 2013: WHAT HAS CHANGED & STEPS TO TAKE TO ENSURE COMPLIANCE COMMITTEE OF SPONSORING ORGANIZATIONS (COSO) 2013 The Committee of Sponsoring Organizations (COSO) Internal Controls Integrated Framework,

More information

SECURING THE BOARD: THE RISKS AND REWARDS OF CLOUD-BASED COMMUNICATION NATHAN LYNCH

SECURING THE BOARD: THE RISKS AND REWARDS OF CLOUD-BASED COMMUNICATION NATHAN LYNCH SECURING THE BOARD: THE RISKS AND REWARDS OF CLOUD-BASED COMMUNICATION NATHAN LYNCH ABOUT THE AUTHOR Nathan Lynch is the head regulatory analyst for Thomson Reuters Governance, Risk and Compliance operations

More information

ACCELUS ORG ID KYC MANAGED SERVICE

ACCELUS ORG ID KYC MANAGED SERVICE THOMSON REUTERS ACCELUS ACCELUS ORG ID KYC MANAGED SERVICE ACCELERATE ON-BOARDING ELIMINATE BURDEN OF REFRESH CONDUCT REMEDIATION EASILY ACCELUS ORG ID FOR FINANCIAL INSTITUTIONS TRANSFORM YOUR KYC PROCESS

More information

TRANSACTION MONITORING AN ESSENTIAL COMPONENT OF RISK COMPLIANCE

TRANSACTION MONITORING AN ESSENTIAL COMPONENT OF RISK COMPLIANCE TRANSACTION MONITORING AN ESSENTIAL COMPONENT OF RISK COMPLIANCE BY ROWAN BOSWORTH-DAVIES Statement of intent The current accepted wisdom is that businesses need to adapt to a changing environment and

More information

COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS

COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS COMPLIANCE MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to the ever-changing regulatory environment,

More information

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA

Mapping COBIT 5 with IT Governance, Risk and Compliance at Ecopetrol S.A. By Alberto León Lozano, CISA, CGEIT, CIA, CRMA Volume 3, July 2014 Come join the discussion! Alberto León Lozano will respond to questions in the discussion area of the COBIT 5 Use It Effectively topic beginning 21 July 2014. Mapping COBIT 5 with IT

More information

AN INTEGRATED APPROACH TO COMPLIANCE AND RISK MANAGEMENT IS THE BEST WAY FORWARD BY MARTIN WOODS OCTOBER 2011

AN INTEGRATED APPROACH TO COMPLIANCE AND RISK MANAGEMENT IS THE BEST WAY FORWARD BY MARTIN WOODS OCTOBER 2011 AN INTEGRATED APPROACH TO COMPLIANCE AND RISK MANAGEMENT IS THE BEST WAY FORWARD BY MARTIN WOODS OCTOBER 2011 FOREWORD The global financial crisis has led banks, firms, governments and societies to the

More information

1 THE BUSINESS NEEDS

1 THE BUSINESS NEEDS 1 THE BUSINESS NEEDS ECM MAP Figure 1.1: ECM Applications The business needs for ECM and its benefits are identified in this chapter, along with its many departmental applications in a variety of industries.

More information

THE PRACTICE OF PROFILING BY DAVID THOMAS

THE PRACTICE OF PROFILING BY DAVID THOMAS PROFILING PART 3 THE PRACTICE OF PROFILING BY DAVID THOMAS Statement of intent This paper follows the two previous titles The Psychology of Money Launderers and the Psychology of Anti-Money Launderers

More information

www.pwc.com Advisory Services Oracle Alliance Case Study

www.pwc.com Advisory Services Oracle Alliance Case Study www.pwc.com Advisory Services Oracle Alliance Case Study A global software company turns a Sarbanes-Oxley challenge into an opportunity for cost reduction and performance improvement Client s challenge

More information

Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP

Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP Getting to strong Leading Practices for value-enhancing internal audit By Richard Reynolds and Abhinav Aggarwal - PricewaterhouseCoopers LLP Today's unpredictable business climate and challenging regulatory

More information

The Unintended Effects of

The Unintended Effects of The Unintended Effects of Healthcare Reform TOM SUROVY, PRINCIPLE COMPLIANCE ATTORNEY CONTENTS CHILD-ONLY POLICIES... 3 PRESCRIPTIONS FOR NONPRESCRIPTION OVER-THE-COUNTER DRUGS... 4 COMMISSIONS FOR INSURANCE

More information

Module 6 Essentials of Enterprise Architecture Tools

Module 6 Essentials of Enterprise Architecture Tools Process-Centric Service-Oriented Module 6 Essentials of Enterprise Architecture Tools Capability-Driven Understand the need and necessity for a EA Tool IASA Global - India Chapter Webinar by Vinu Jade

More information

Helping Enterprises Succeed: Responsible Corporate Strategy and Intelligent Business Insights

Helping Enterprises Succeed: Responsible Corporate Strategy and Intelligent Business Insights I D C E X E C U T I V E I N S I G H T S Helping Enterprises Succeed: Responsible Corporate Strategy and Intelligent Business Insights May 2009 By Albert Pang, Research Director, Enterprise Applications

More information

Beyond risk identification Evolving provider ERM programs

Beyond risk identification Evolving provider ERM programs Beyond risk identification Evolving provider ERM programs March 2016 At a glance PwC conducted research to assess the state of enterprise risk management (ERM) within healthcare providers and found many

More information

Convercent Predictive Analytics

Convercent Predictive Analytics September 2015 Convercent Predictive Analytics Innovation in User Experience for Issue Reporting & Management SOLUTIONPERSPECTIVE Governance, Risk Management & Compliance Insight 2015 GRC 20/20 Research,

More information

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation

Tying It All Together: Practical ERM Integration. Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation Tying It All Together: Practical ERM Integration Richard Scanlon Vice President Enterprise Risk Management CIGNA Corporation November 16, 2007 1 Agenda Basis for ERM Integration ERM Objectives ERM Focus

More information

engage. empower. evolve. SARBANES-OXLEY COMPLIANCE

engage. empower. evolve. SARBANES-OXLEY COMPLIANCE engage. empower. evolve. SARBANES-OXLEY COMPLIANCE engage. empower. evolve. OVERVIEW OF THE SARBANES-OXLEY ACT The Sarbanes-Oxley Act of 2002 is the single most important piece of legislation affecting

More information

IT Risk Management Life Cycle and enabling it with GRC Technology. 21 March 2013

IT Risk Management Life Cycle and enabling it with GRC Technology. 21 March 2013 IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends

More information

THOMSON REUTERS ACCELUS. Know Your Customer (KYC), Kontrol Your Costs (KYC) and Keep Your Customers (KYC) happy

THOMSON REUTERS ACCELUS. Know Your Customer (KYC), Kontrol Your Costs (KYC) and Keep Your Customers (KYC) happy THOMSON REUTERS ACCELUS Know Your Customer (KYC), Kontrol Your Costs (KYC) and Keep Your Customers (KYC) happy Know Your Customer (KYC), Kontrol Your Costs (KYC) and Keep Your Customers (KYC) happy Background

More information

Governance, Risk, and Compliance (GRC) White Paper

Governance, Risk, and Compliance (GRC) White Paper Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:

More information

White Paper March 2009. Consolidation automation Advancing compliance and performance management

White Paper March 2009. Consolidation automation Advancing compliance and performance management White Paper March 2009 Consolidation automation Advancing compliance and performance management 2 Contents 3 Business problems 3 Business drivers Consolidation: At the core of compliance and performance

More information

RSA ARCHER OPERATIONAL RISK MANAGEMENT

RSA ARCHER OPERATIONAL RISK MANAGEMENT RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume

More information

Auditing Standard 5- Effective and Efficient SOX Compliance

Auditing Standard 5- Effective and Efficient SOX Compliance Auditing Standard 5- Effective and Efficient SOX Compliance September 6, 2007 Presented to: The Dallas Chapter of the Institute of Internal Auditors These slides are incomplete without the benefit of the

More information

PROFIT OR PROVENANCE OR BOTH?

PROFIT OR PROVENANCE OR BOTH? PROFIT OR PROVENANCE OR BOTH? By Rear Admiral Chris Parry CBE Statement of intent Companies and institutions are familiar with the frailties and risks inherent in supply chains, whether caused by natural

More information

Software Industry KPIs that Matter

Software Industry KPIs that Matter Software Companies Run Better on NetSuite. Software Industry KPIs that Matter Sponsored by Improved Results from Businesses Like Yours Business Visibility 360 o Visibility & Actionable Insight Increased

More information

ACCELUS RISK MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS ACCELUS RISK MANAGEMENT SOLUTIONS

ACCELUS RISK MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS ACCELUS RISK MANAGEMENT SOLUTIONS ACCELUS RISK MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS ACCELUS RISK MANAGEMENT SOLUTIONS THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to

More information

Simplify And Innovate The Way You Consume Cloud

Simplify And Innovate The Way You Consume Cloud A Forrester Consulting October 2014 Thought Leadership Paper Commissioned By Infosys Simplify And Innovate The Way You Consume Cloud Table Of Contents Executive Summary... 1 Cloud Adoption Is Gaining Maturity

More information

Digital Customer Experience

Digital Customer Experience Digital Customer Experience Digital. Two steps ahead Digital. Two steps ahead Organizations are challenged to deliver a digital promise to their customers. The move to digital is led by customers who are

More information

SAP Overview Brochure. Confidence Powers Success. SAP Solutions for Governance, Risk, and Compliance.

SAP Overview Brochure. Confidence Powers Success. SAP Solutions for Governance, Risk, and Compliance. SAP Overview Brochure Confidence Powers Success. SAP Solutions for Governance, Risk, and Compliance. Table of Contents 3) Build trust to achieve business results Introduction 4-5) Gain clarity from greater

More information

Sharing of Experience Section 404 Sarbanes-Oxley Act

Sharing of Experience Section 404 Sarbanes-Oxley Act Sharing of Experience Section 404 Sarbanes-Oxley Act 13th September 2005 Peter Koo Partner Deloitte Touche Tohmatsu CPA(HK), CA, AICPA, CISA, CISM, CIA,CFE, CRP Tel (HK): +852-2852-6507 Tel (China) : +86

More information

Paisley Enterprise GRC Audit Profile. Linda Bergs

Paisley Enterprise GRC Audit Profile. Linda Bergs Paisley Enterprise GRC Audit Profile Linda Bergs Successful Implementation Champion Buy-in Budget Technology Who We Are Paisley is an independent software vendor providing innovative solutions for governance,

More information

4th Annual ISACA Kettle Moraine Spring Symposium

4th Annual ISACA Kettle Moraine Spring Symposium www.pwc.com 4th Annual ISACA Kettle Moraine Spring Symposium Session 2 Big Data May 14th, 2014 Session Objective Learn about governance, risks, and compliance considerations that become particularly important

More information

Achieving governance outcomes through risk management and process automation. Thomson reuters

Achieving governance outcomes through risk management and process automation. Thomson reuters Achieving governance outcomes through risk management and process automation Thomson reuters CONTENTS INTRODUCTION... 0 Building a framework... 5 The changing investor relationship... 6 A unified approach...

More information

Best Practices for Budgeting, Forecasting and Reporting

Best Practices for Budgeting, Forecasting and Reporting Best Practices for Budgeting, Forecasting and Reporting TABLE OF CONTENTS Budgeting as a Competitive Advantage......................... 1 Broken Processes & Technology............................... 1

More information

The Fast Close: Are We There Yet? An Oracle White Paper Updated July 2008

The Fast Close: Are We There Yet? An Oracle White Paper Updated July 2008 The Fast Close: Are We There Yet? An Oracle White Paper Updated July 2008 The Fast Close: Are We There Yet? Companies that are able to close their books quickly and deliver more-timely information to external

More information

Optimizing government and insurance claims management with IBM Case Manager

Optimizing government and insurance claims management with IBM Case Manager Enterprise Content Management Optimizing government and insurance claims management with IBM Case Manager Apply advanced case management capabilities from IBM to help ensure successful outcomes Highlights

More information

Sarbanes-Oxley (SOX) The Migration from Project to Process. Practical Actions for Getting Started. Jim DeLoach, Managing Director.

Sarbanes-Oxley (SOX) The Migration from Project to Process. Practical Actions for Getting Started. Jim DeLoach, Managing Director. Sarbanes-Oxley (SOX) The Migration from Project to Process Practical Actions for Getting Started Jim DeLoach, Managing Director November 7, 2006 The Results So Far? Source: AuditAnalytics.com May 2006

More information

www.pwc.com Internal Audit Data Analytics

www.pwc.com Internal Audit Data Analytics www.pwc.com Internal Audit Data Analytics What s driving the need for enhanced data analytics in the market Analytics maturity model Capabilities developed and adopted Capabilities used to drive audits

More information

XBRL & GRC Future opportunities?

XBRL & GRC Future opportunities? XBRL & GRC Future opportunities? Suzanne Janse Deloitte NL Paul Hulst Deloitte / Said Tabet EMC Presenters Suzanne Janse Deloitte Netherlands Director ERP (SAP, Oracle) Risk Management GRC software Paul

More information

Fortune 500 Medical Devices Company Addresses Unique Device Identification

Fortune 500 Medical Devices Company Addresses Unique Device Identification Fortune 500 Medical Devices Company Addresses Unique Device Identification New FDA regulation was driver for new data governance and technology strategies that could be leveraged for enterprise-wide benefit

More information

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC

Welcome to Modulo Risk Manager Next Generation. Solutions for GRC Welcome to Modulo Risk Manager Next Generation Solutions for GRC THE COMPLETE SOLUTION FOR GRC MANAGEMENT GRC MANAGEMENT AUTOMATION EASILY IDENTIFY AND ADDRESS RISK AND COMPLIANCE GAPS INTEGRATED GRC SOLUTIONS

More information

KNOW YOUR THIRD PARTY

KNOW YOUR THIRD PARTY Thomson Reuters KNOW YOUR THIRD PARTY EXECUTIVE SUMMARY The drive to improve profitability and streamline operations motivates many organizations to collaborate with other businesses, increase outsourcing

More information

Strategic Meetings Management Program (SMMP) Implementation and Idea Guide

Strategic Meetings Management Program (SMMP) Implementation and Idea Guide Title Page Strategic Meetings Management Program (SMMP) Implementation and Idea Guide By Corbin Ball Associates This report was commissioned by SignUp4 (www.signup4.com). Index Strategic Meetings Management

More information

The effect of dirty data on business

The effect of dirty data on business The effect of dirty data on business The biggest data quality challenges 2013 Experian Information Solutions, Inc. All rights reserved. Experian and the marks used herein are service marks or registered

More information

SAP ERP FINANCIALS ENABLING FINANCIAL EXCELLENCE. SAP Solution Overview SAP Business Suite

SAP ERP FINANCIALS ENABLING FINANCIAL EXCELLENCE. SAP Solution Overview SAP Business Suite SAP Solution Overview SAP Business Suite SAP ERP FINANCIALS ENABLING FINANCIAL EXCELLENCE ESSENTIAL ENTERPRISE BUSINESS STRATEGY PROVIDING A SOLID FOUNDATION FOR ENTERPRISE FINANCIAL MANAGEMENT 2 Even

More information

White Paper The Benefits of Business Intelligence Standardization

White Paper The Benefits of Business Intelligence Standardization White Paper The Benefits of Business Intelligence Standardization Why Should You Standardize Your Business Intelligence Tools? Author: Timo Elliott (timo.elliott@businessobjects.com) Contributors: Audience:

More information

We help companies operate responsibly and sustainably, grow with a clear understanding of strategic risk and

We help companies operate responsibly and sustainably, grow with a clear understanding of strategic risk and SOX Compliance We help companies operate responsibly and sustainably, We help companies operate responsibly and sustainably, grow with a clear understanding of strategic risk and grow with a clear understanding

More information

Embracing CHANGE as a Competitive Advantage

Embracing CHANGE as a Competitive Advantage Web Intelligence Content Management TOGETHER System WE CAN Embracing CHANGE as a Competitive Advantage October 2011 V1 Intelligence TOGETHER WE CAN Agile Business Transformation Embracing CHANGE as a Competitive

More information

SAP Thought Leadership Business Intelligence IMPLEMENTING BUSINESS INTELLIGENCE STANDARDS SAVE MONEY AND IMPROVE BUSINESS INSIGHT

SAP Thought Leadership Business Intelligence IMPLEMENTING BUSINESS INTELLIGENCE STANDARDS SAVE MONEY AND IMPROVE BUSINESS INSIGHT SAP Thought Leadership Business Intelligence IMPLEMENTING BUSINESS INTELLIGENCE STANDARDS SAVE MONEY AND IMPROVE BUSINESS INSIGHT Your business intelligence strategy should take into account all sources

More information

IBM Cognos 8 Controller Financial consolidation, reporting and analytics drive performance and compliance

IBM Cognos 8 Controller Financial consolidation, reporting and analytics drive performance and compliance Data Sheet IBM Cognos 8 Controller Financial consolidation, reporting and analytics drive performance and compliance Overview Highlights: Provides all financial and management consolidation capabilities

More information

Best practices for planning and budgeting. A white paper prepared by Prophix

Best practices for planning and budgeting. A white paper prepared by Prophix A white paper prepared by Prophix Executive summary The continual changes in the business climate constantly challenge companies to find more effective business practices. However, common budgeting limitations

More information

How to achieve more timely, accurate and transparent reporting through a smarter close*

How to achieve more timely, accurate and transparent reporting through a smarter close* Advisory Services How to achieve more timely, accurate and transparent reporting through a smarter close* Smart, efficient closing cycles create a foundation for evaluating performance and supporting business

More information

Assessing the Opportunities Presented by the Modern Enterprise Archive

Assessing the Opportunities Presented by the Modern Enterprise Archive Assessing the Opportunities Presented by the Modern Enterprise Archive Published: November 2015 Analysts: James Haight, Research Analyst; David Houlihan, Principal Analyst Report Number: A0193 Share This

More information

Data Quality for BASEL II

Data Quality for BASEL II Data Quality for BASEL II Meeting the demand for transparent, correct and repeatable data process controls Harte-Hanks Trillium Software www.trilliumsoftware.com Corporate Headquarters + 1 (978) 436-8900

More information

<Insert Picture Here> Financial Audit Scoping Tool Blueprint for Oracle GRC Applications

<Insert Picture Here> Financial Audit Scoping Tool Blueprint for Oracle GRC Applications Financial Audit Scoping Tool Blueprint for Oracle GRC Applications Implement Audit Standard 5 (AS5) scoping to streamline financial reporting compliance Agenda Financial Audit Scoping

More information

Continuous Auditing / Continuous Monitoring

Continuous Auditing / Continuous Monitoring Continuous Auditing / Continuous Monitoring Using Technology to Drive Value by Managing Risk and Improving Performance KPMG LLP Introduction As business risks of all kinds continue to proliferate, management

More information

Enterprise Performance Management for Midsize Companies and Workgroups. An Oracle White Paper Updated July 2008

Enterprise Performance Management for Midsize Companies and Workgroups. An Oracle White Paper Updated July 2008 Enterprise Performance Management for Midsize Companies and Workgroups An Oracle White Paper Updated July 2008 Enterprise Performance Management for Midsize Companies and Workgroups This white paper will

More information

DOUBLECHECK VENDOR MANAGEMENT

DOUBLECHECK VENDOR MANAGEMENT August 2014 DOUBLECHECK VENDOR MANAGEMENT Managing Risk & Compliance Across 3rd Party Relationships SOLUTION VIEWPOINT Governance, Risk Management & Compliance Insight 2014 GRC 20/20 Research, LLC. All

More information

BELL LABS ADVISORY SERVICE FOR SMART GRID NETWORK TRANSFORMATION STRATEGIC PLANNING FOR THE MODERNIZATION OF UTILITY COMMUNICATIONS NETWORKS

BELL LABS ADVISORY SERVICE FOR SMART GRID NETWORK TRANSFORMATION STRATEGIC PLANNING FOR THE MODERNIZATION OF UTILITY COMMUNICATIONS NETWORKS BELL LABS ADVISORY SERVICE FOR SMART GRID NETWORK TRANSFORMATION STRATEGIC PLANNING FOR THE MODERNIZATION OF UTILITY COMMUNICATIONS NETWORKS APPLICATION NOTE SUMMARY Bell Labs Advisory Service for Smart

More information

Outperform Financial Objectives and Enable Regulatory Compliance

Outperform Financial Objectives and Enable Regulatory Compliance SAP Brief Analytics s from SAP SAP s for Enterprise Performance Management Objectives Outperform Financial Objectives and Enable Regulatory Compliance Drive better decisions and streamline the close-to-disclose

More information

EMA Service Catalog Assessment Service

EMA Service Catalog Assessment Service MORE INFORMATION: To learn more about the EMA Service Catalog, please contact the EMA Business Development team at +1.303.543.9500 or enterpriseit@enterprisemanagement.com The IT Service Catalog Aligning

More information

Banking Application Modernization and Portfolio Management

Banking Application Modernization and Portfolio Management Banking Application Modernization and Portfolio Management Key Challenges and Success Factors As part of their long-term strategic plans, banks are seeking to capitalize on their legacy applications. Acquired

More information

Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff

Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff The Challenge IT Executives are challenged with issues around data, compliancy, regulation and making confident decisions on their business

More information

KPMG s Financial Management Practice. kpmg.com

KPMG s Financial Management Practice. kpmg.com KPMG s Financial Management Practice kpmg.com 1 KPMG s Financial Management Practice KPMG s Financial Management (FM) practice, within Advisory Management Consulting, supports the growing agenda and increased

More information

Internal Audit Practice Guide

Internal Audit Practice Guide Internal Audit Practice Guide Continuous Auditing Office of the Comptroller General, Internal Audit Sector May 2010 Table of Contents Purpose...1 Background...1 Definitions...2 Continuous Auditing Professional

More information

CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes.

CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes. TECHNOLOGY BRIEF: REDUCING COST AND COMPLEXITY WITH GLOBAL GOVERNANCE CONTROLS CA HalvesThe Cost Of Testing IT Controls For Sarbanes-Oxley Compliance With Unified Processes. Table of Contents Executive

More information

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm

Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm Applying Risk Assessment to Your Audit Plan Break-out Session T3, Tuesday, October 26 2:00-2:50pm Mike Brown Senior Vice President, Corporate Audit State Street Corporation Rich Reynolds Partner PricewaterhouseCoopers

More information

Data2Diamonds Turning Information into a Competitive Asset

Data2Diamonds Turning Information into a Competitive Asset WHITE PAPER Data2Diamonds Turning Information into a Competitive Asset In today s business world, information management (IM), business intelligence (BI) and have become critical to compete and thrive.

More information

December 2010 Advisory Services

December 2010 Advisory Services December 2010 Advisory Services Achieving more timely, accurate and transparent reporting Smart, efficient close-to-report cycles create a foundation for evaluating performance, supporting business decisions

More information

RSA ARCHER AUDIT MANAGEMENT

RSA ARCHER AUDIT MANAGEMENT RSA ARCHER AUDIT MANAGEMENT Solution Overview INRODUCTION AT A GLANCE Align audit plans with your organization s risk profile and business objectives Manage audit planning, prioritization, staffing, procedures

More information

IT Governance: framework and case study. 22 September 2010

IT Governance: framework and case study. 22 September 2010 IT Governance: framework and case study Presenter Yaowaluk Chadbunchachai Advisory Services Ernst & Young Corporate Services Limited Presentation topics ERM and IT governance IT governance framework IT

More information

Supporting Compliance Management with Technology

Supporting Compliance Management with Technology Supporting Management with Technology May 27, 2009 Agenda Observations and challenges from the marketplace Process Overview of Tools to Support Understanding Your Requirements Closing Thoughts Questions?

More information

Streamlined Planning and Consolidation for Finance Teams in Any Organization

Streamlined Planning and Consolidation for Finance Teams in Any Organization SAP Solution in Detail SAP Solutions for Enterprise Performance Management, Version for the Microsoft Platform Streamlined Planning and Consolidation for Finance Teams in Any Organization Table of Contents

More information

Best Practices for Planning and Budgeting. A white paper prepared by PROPHIX Software October 2006

Best Practices for Planning and Budgeting. A white paper prepared by PROPHIX Software October 2006 A white paper prepared by PROPHIX Software October 2006 Executive Summary The continual changes in the business climate constantly challenge companies to find more effective business practices. However,

More information

Big Data Industry Approaches to Operational Excellence

Big Data Industry Approaches to Operational Excellence Big Data Industry Approaches to Operational Excellence The Value of Big Data in the Power and Utilities Industry Overview Evolving systems and infrastructure to meet the needs of 21 st century demands

More information

Role of Analytics in Infrastructure Management

Role of Analytics in Infrastructure Management Role of Analytics in Infrastructure Management Contents Overview...3 Consolidation versus Rationalization...5 Charting a Course for Gaining an Understanding...6 Visibility into Your Storage Infrastructure...7

More information

White Paper. Trends in Hospital Professional Liability Operations. Macro Trends in Hospital Insurance Operations

White Paper. Trends in Hospital Professional Liability Operations. Macro Trends in Hospital Insurance Operations Trends in Hospital Professional Liability Operations White Paper Hospital systems today are facing an increasingly difficult operating environment. Revenues and reimbursements are decreasing, the capital

More information

Finding insight through data collection and linkage. Develop a better understanding of the consumer through consolidated and accurate data

Finding insight through data collection and linkage. Develop a better understanding of the consumer through consolidated and accurate data Finding insight through data collection and linkage Develop a better understanding of the consumer through consolidated and accurate data An Experian Data Quality White Paper August 2014 Introduction...1

More information

Application Control Effectiveness for SAP. December 2007

Application Control Effectiveness for SAP. December 2007 Application Control Effectiveness for SAP December 2007 Meeting Objectives Application Control Effectiveness Compliance at a glance Trends and challenges Technology issues Application Control Business

More information

Streamlined Planning and Consolidation for Finance Teams Running SAP Software

Streamlined Planning and Consolidation for Finance Teams Running SAP Software SAP Solution in Detail SAP Solutions for Enterprise Performance Management, Version for SAP NetWeaver Streamlined Planning and Consolidation for Finance Teams Running SAP Software 2 SAP Solution in Detail

More information

ORACLE HYPERION DATA RELATIONSHIP MANAGEMENT

ORACLE HYPERION DATA RELATIONSHIP MANAGEMENT Oracle Fusion editions of Oracle's Hyperion performance management products are currently available only on Microsoft Windows server platforms. The following is intended to outline our general product

More information

CONNECT SIMPLIFY PERFORM

CONNECT SIMPLIFY PERFORM REUTERS/Gene Blevins CONNECT SIMPLIFY PERFORM DELIVERING A UNIFIED PLATFORM APPROACH TO GOVERNANCE, RISK AND COMPLIANCE Statement of intent This paper provides insight into our GRC strategy and our future

More information

Risk Considerations for Internal Audit

Risk Considerations for Internal Audit Risk Considerations for Internal Audit Cecile Galvez, Deloitte & Touche LLP Enterprise Risk Services Director Traci Mizoguchi, Deloitte & Touche LLP Enterprise Risk Services Senior Manager February 2013

More information

Portfolio Company Performance Analysis and Reporting Automation

Portfolio Company Performance Analysis and Reporting Automation Portfolio Company Performance Analysis and Reporting Automation Providing transparent and accurate performance data to investors, partners and auditors is becoming increasingly important, if not critical

More information

Agile Technology Controls for Startups a Contradiction in Terms or a Real Opportunity?

Agile Technology Controls for Startups a Contradiction in Terms or a Real Opportunity? Agile Technology Controls for Startups a Contradiction in Terms or a Real Opportunity? Implementing Dynamic, Flexible and Continuously Optimized IT General Controls POWERFUL INSIGHTS Issue It s not a secret

More information

Jabil builds momentum for business analytics

Jabil builds momentum for business analytics Jabil builds momentum for business analytics Transforming financial analysis with help from IBM and AlignAlytics Overview Business challenge As a global electronics manufacturer and supply chain specialist,

More information

Audit Compliance and Internal Audit Analysis for Dynamics

Audit Compliance and Internal Audit Analysis for Dynamics Fastpath Audit Compliance and Internal Audit Analysis for Dynamics: Better Audit Results with a Reliable, Repeatable Process using Fastpath Fastpath 11107 Aurora Ave. Urbandale, IA 50322 (515) 276-1779

More information

IMPROVING AUDIT READINESS BY MANAGING YOUR DYNAMICS ERP

IMPROVING AUDIT READINESS BY MANAGING YOUR DYNAMICS ERP IMPROVING AUDIT READINESS BY MANAGING YOUR DYNAMICS ERP Building Sustainable Control Accountability Contents 1 EXECUTIVE SUMMARY... 1 2 MANAGING YOUR DYNAMICS ERP SYSTEM: AUDIT READINESS... 1 2.1 Common

More information

An Innovative Approach to Close Cycle Reduction

An Innovative Approach to Close Cycle Reduction An Innovative Approach to Close Cycle Reduction As filing deadlines are accelerated and regulatory requirements become more stringent, companies are discovering that their financial close process does

More information

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT

CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT CORE INSIGHT ENTERPRISE: CSO USE CASES FOR ENTERPRISE SECURITY TESTING AND MEASUREMENT How advancements in automated security testing software empower organizations to continuously measure information

More information

Managing the Multi-Company Corporation

Managing the Multi-Company Corporation Managing the Multi-Company Corporation A White Paper for Today s Growing Businesses 1 Managing the Multi-Company Corporation Executive Summary Managing the books in any company is increasingly challenging

More information