ACL Audit Management Software Helps Demonstrate Audit Value to Leadership Team

New regulations, increasingly stringent compliance requirements, and increased stakeholder expectations are taking a heavy toll on companies across a wide array of industries, particularly finance and healthcare. In order to help ensure compliance and avoid fines that could significantly impact the bottom line, Self Regional Healthcare (SRH), an acute care hospital in Greenwood, South Carolina, has worked hard to stay ahead of the curve. Deadlines to implement new systems and processes under the Patient Protection and Affordable Care Act loom large; Anna Cuson, Senior Internal Auditor, and the internal audit team have been facing the challenges head on.

Strategic Risk-Based Auditing

Risk management, regulatory compliance, and transparency are always critical areas for auditors and business executives, but during times of regulatory change these areas must be closely and continuously monitored. Otherwise, minor issues can quickly grow into massive problems. Self Regional's internal audit department proactively took steps to provide management with straightforward answers about which risks are top priority based on likelihood and impact. It was clear early on, however, that the department would be required to do more without additional staff or resources.

Data-Driven Audit Management

As part of their risk-based audit strategy, Cuson planned a comprehensive risk assessment at all levels of the organization including function level, the C-Suite, and the Board of Trustees (Board). Management was also looking for ways to automate the process. Cuson needed to roll out the risk assessment, collect and analyze results, and present the audit plan to the Board within six weeks.
To ensure that nothing fell through the cracks, the internal audit team considered risks at all levels. In this case it was crucial to view the full population of risks related to key activities including patients, records, common practices, management concerns, staffing levels, and other risks present within a healthcare entity. Given the tight deadline to turn around a clear and concise report for stakeholders, it was necessary to implement a flexible solution that would allow Internal Audit to store historical data and accommodate adjustments to the audit plan based on SRH's needs.

To effectively tackle the multitude of challenges, SRH's Internal Audit deployed ACL GRC, an audit management software solution that manages the process of assessing risk, planning and organizing projects, analyzing data, communicating issues, and visually sharing findings.

Figure 1. Sample violations report, illustrating which department had the most violations.

Seamless Audit Process & Executive Reporting

Historically, the audit process involved disparate solutions, including data analytics tools, Microsoft Excel, Word, and PowerPoint. In addition, audit reports had to be separated into different versions to address the needs of specific stakeholders: one for the business owner, another for the audit committee, and a high-level report for the Board. Producing multiple levels of reporting and managing edits across all versions requires a significant time commitment. Cuson and her team needed every hour spent on this task to be focused on value-add activities.

With ACL GRC's ability to collect and visualize findings, internal audit is able to focus on presenting data that explains issues rather than spending time on redundant clerical tasks that add no value. For example, instead of adjusting the report for each stakeholder by overhauling entire spreadsheets and then transferring information to the preferred version of the document, the auditors were able to simply adjust a setting in the ACL GRC system and immediately deliver the desired information. The entire audit history was saved automatically in one place and everything could be accessed by any professional across different departments through the user-friendly interface of the cloud-based platform.

Figure 2. Example issues tracking; illuminates existing control gaps related to organizational risks and quantifies using data.

Reducing Time Spent on Administrative Tasks by 75%

"Not only did we meet our deadline, but time spent on administrative tasks was reduced by 75 percent, allowing us to expand our scope of audits and allocate more time toward one-on-one time with management," said Cuson.

The visual, easy-to-decipher reports have been a hit throughout the organization. Executives and Board members can identify specific risks and the impact each risk would have, allowing them to prioritize issues quickly and to develop a remediation plan for potential damage.
Figure 3. Sample heatmap, illustrating a summary of all risks and their performance across an organization.

"ACL GRC was instrumental in meeting our deadline and delivering comprehensive reporting that exceeded the initial goal," said Cuson. "While the software took care of the time-consuming administrative tasks, my team was able to focus on audits for the risk assessment and delivering the highest quality information to executives and the board of trustees, valuable insight into risks and opportunities for which our internal audit team is now sought after."

>> Related Resource: Watch a video Q&A on ACL GRC with Anna Cuson
ABOUT THE AUDIT EXECUTIVE CENTER

The IIA's Audit Executive Center is the essential resource to empower CAEs to be more successful. The Center's suite of information, products, and services enables CAEs to respond to the unique challenges and emerging risks of the profession. For more information on the Center, visit www.theiia.org/cae.

DISCLAIMER

Copyright 2015 by The Institute of Internal Auditors (IIA) located at 247 Maitland Ave., Altamonte Springs, Fla., 32701, U.S.A. All rights reserved. Published in the United States of America. Except for the purposes intended by this publication, readers of this document may not reproduce, redistribute, display, rent, lend, resell, commercially exploit, or adapt the statistical and other data contained herein without the permission of The IIA.

ABOUT THIS DOCUMENT

The information included in this document is general in nature and is not intended to address any particular individual, internal audit activity, or organization. The objective of this document is to share information and other internal audit practices, trends, and issues. However, no individual, internal audit function, or organization should act on the information provided in this document without appropriate consultation or examination.