Data analytics the changing use of data within Internal Audit

Similar documents
CIIA South West Analytics in Internal Audit - Tackling Fraud

Lloyd s Managing Agents FSA Solvency II Data Audit

Cyber security Building confidence in your digital future

CIC Audit Review: Experian Data Quality Enterprise Integrations. Guidance for maximising your investment in enterprise applications

Data Analytics in Internal Audit. Elizabeth Dunkerley

Website (Digital) & Mobile Optimisation. 10 April G-Cloud. service definitions

Using CAATs for Risk Reduction and Project Efficiencies

In-house vs. Outsourcing. Pank Koria, CEO, Project People

Assessing the strength of your security operating model

Pascal Clement Head of Travel Intelligence June 2013

Addressing Cyber Risk Building robust cyber governance

Beyond Data Governance Beyond Definitions and into the Business Reality

Improving data governance; how can health informatics practitioners help gain stakeholder support?

The Power of Risk, Compliance & Security Management in SAP S/4HANA

Case Study: ICICI BANK INTERNAL AUDIT DEPARTMENT PENTANA AUDIT WORK SYSTEM IMPLEMENTATION

Business Intelligence in the real-world

Data analytics Delivering intelligence in the moment

Supply Chain Analytics Market by Solution - Worldwide Forecast and Analysis to 2019

D-G4-L4-231 Data Governance Assessment Design and Implementation Deloitte LLP Service for G- Cloud IV

Internal Audit - progress report and plan

Cyber security Building confidence in your digital future

Meeting the challenge of software quality and maximizing return on investment Performance driven. Quality assured.

Customer requirements. Asset management planning Inspection and assessment Route asset planning Annual work plans Contracting strategy

BUYER S GUIDE. flexible service delivery. Top 5 reasons for adopting SAP Managed Services. Remixing SLA s! Managing the post merger IT landscape

@DanSSenter. Business Intelligence Centre of Excellence Manager. +44 (0) dansenter.co.

1. Understanding Big Data

Platform as a Service (PaaS) (Public, Private and Hybrid Cloud) Market - Global Industry Analysis, Size, Share, Growth, Trends and Forecast

BBC Technology Strategy

ACL WHITEPAPER. Automating Fraud Detection: The Essential Guide. John Verver, CA, CISA, CMC, Vice President, Product Strategy & Alliances

Governance, Risk and Compliance (GRC) software Business needs and market trends

Analytics Strategy Information Architecture Data Management Analytics Value and Governance Realization

JOB DESCRIPTION. Be responsible for ensuring the implementation of standard operating procedures (SOPs) and systems documentation.

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

OPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.

Risk Considerations for Internal Audit

Insight and Peer Analysis

redesigning the data landscape to deliver true business intelligence Your business technologists. Powering progress

BPM IN F&A THE DIGITAL CFO PARTNERING THE BUSINESS IN GROWTH. xchanging.com BUSINESS PROCESS MANAGEMENT 1

Big Data as a Service Market by Type of Solutions (Hadoop as a Service, Data as a Service, Data Analytics as a Service) - Global Forecast to 2020

GPS G-Cloud Lot 4: Oracle Business Intelligence Cloud Consultancy Service Definition

How To Turn Big Data Into An Insight

Keeping sight of your business Hot topics facing Financial Services organisations in IT Internal Audit

Extracting learning from operational risk loss events and root cause analysis. Caroline Coombe Chief Executive, ORIC International

An Introduction to Continuous Controls Monitoring

Westernacher Consulting

UBS presentation Key remediation actions

Ultracomms Cloud Solutions

The Data Lifecycle: Managing Data through Business. Ewan Willars Friday 27 February

Oracle Cloud: Enterprise Resource Planning

PPC Director Job Description.

Continuous Controls Monitoring. Virginia ISACA January Meeting 19 January 2010

Oracle Business Intelligence 11g Business Dashboard Management

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

UK Indirect Tax Conference 2015 Automating Indirect Tax Compliance. Jilly McCullagh 11 November 2015

Understanding and Evaluating the BI Platform by Cindi Howson

Complete Financial Crime and Compliance Management

MANAGING THE SOFTWARE PUBLISHER AUDIT PROCESS

Enhanced Portfolio Management in uncertain times

Leveraging Continuous Auditing / Continuous Monitoring in internal audit April 10, 2012

Brochure More information from

Reduce and manage operating costs and improve efficiency. Support better business decisions based on availability of real-time information

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Transforming risk management into a competitive advantage kpmg.com

Specialist Cloud Services Lot 4 Cloud Printing and Imaging Consultancy Services

This image cannot currently be displayed. D-G4-L4-241 Predictive analytics (software as service) Deloitte LLP Service for G-Cloud IV

Oracle Fusion Transactional Business Intelligence

FCA Thematic Review Delegated Authority: Outsourcing in the General Insurance Market

Digital Asset Management. Delivering greater value from your assets by using better asset information to improve investment decisions

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

4net Technologies. Managed Services and Cloud Solutions

White Paper Software Quality Management

IPL Service Definition - Data Governance

The Internal Audit Analytics Conundrum Finding your path through data

Managing contractors involved in high impact activities

CRM Analytics Market by Type - Global Forecast to 2019

Developing an effective internal audit plan profiling our experiences 10 December 2015

London Business Interruption Association Technology new risks and opportunities for the Insurance industry

BT Contact Centre Efficiency Quick Start Service

STL Microsoft SharePoint Consulting and Support Services

Infrastructure Asset Management Report

Evolution of Meter Data Management

Cyber Security Evolved

Capture Share Report Asia Pacific Business Intelligence and Analytics Solution Providers. Authored by Phil Hassey: - Founder capioit

Transforming Internal Audit: A Maturity Model from Data Analytics to Continuous Assurance

Transcription:

Data analytics the changing use of data within Internal Kiran Sudhakar Associate Director, Grant Thornton UK

Overview Areas of discussion Introduction Common questions asked Evolution of data analytics Data analytics and the changing landscape What does this mean for internal audit (IA) and risk Future data driven world How we meet the future data driven world Additional challenges Stages of data analytics maturity IA data analytics spectrum Using data analytics through your lifecycle Same value.increasing complexity Survey responses and questions Data visualisation and business intelligence Questions and answers There are three kinds of lies: lies, damned lies, and statistics Mark Twain Simple liars, damned liars, and experts Thomas Henry Huxley

Introduction Kiran Sudhakar Associate Director, Grant Thornton UK Worked for GT for c.8 years with over 15 years specialising in technology and business risk Focus is on enabling technology to enhance business process, risk and control objectives from an internal audit and risk perspective Main focus on the Insurance and Banking sectors especially with regards to data interrogation and analysis within the Financial Crime and trading perspective Performed various Solvency II data analysis, interrogation and remediation reviews across the Lloyds' of London market Conducted a number of reviews over the role of Internal within a Three Lines of Defence perspective and the use of data to support all lines and provide insight to management and Committees Previous roles includes working in risk assurance positions at Deloitte and PwC Historically setup a web 2.0 social networking business utilising bleeding edge technologies and approaches Data evangelist of using data visualisation to enable a more effective decision making process and prevent bad decisions from bad or sub-optimal data

How can I maximise the increased onus on three lines of defence and the increasing desire for internal audit insight? What do we do in order to meet the changing regulatory requirements and appeasing multiple regulatory regimes? How do we understand the changing current and emerging risks that we see? Continued dynamic audit plans can you quantify it or only 'feel' it? More audits and either less budget or the same. how? How do I make sure my audit and auditors are only focussing on the right things? How does data analytics assist this? How to meet the increasing requirement to quantify issues? Management has seen the phrase big data and wants me to apply it. How?

Evolution of data analytics

Data analytics the changing landscape From 2001 and the 3 V's to now Source: CapGemini Source: IBM

What does this mean for IA & Risk? Interesting use of infographics by SAP.

What does this mean for IA & Risk? More infographics by PwC Canada.

Future data driven world An on-demand data driven enterprise where data analytics is at the core of all services and functions (both customer and corporate) Corporate growth considerations will be driven by data not by 'feeling the market' or sample based market research Your data could be your only IP in a cloud computing world Serious mistakes could be made on misinterpretation of data Real/in-time analytics with open source systems may fragment organisations into an ecosystem of joint ventures More and more data due to the cost of data storage and analysis getting cheaper by the day

How we meet the future data driven world Challenge Internal response An on-demand data driven enterprise where data analytics is at core of all services and functions Corporate growth considerations will be data driven by 'feeling the market' or sample based market research Your data could be your only IP in a cloud computing world Serious mistakes could be made on interpretation of data Real time analytics may fragment organisations into an ecosystem of joint ventures More and more data due to the cost of data storage and analysis getting cheaper by the day The need for specialist technology resource to meet the data demands Robust processes around business strategies with a focus on validating large data sets Information security becomes critical, accounting treatment of IP important and data integrity Reputational risk approaches more time sensitive and more onus on testing of data strategies Legal risks of ownership and recourse and onus on MI across all business performance (internal/jv) Assessing risks of external/cloud storage and availability considerations of using bleeding edge IT

Additional challenges How do you weave in continuous monitoring and sustainable analytics into the Internal fabric? While you may have data evangelists at management level does that apply for the Committee Some people just want numbers on a table not visualisation Where do you start? So much data.. IT don't pass me the data to interrogate and analyse in a timely manner A slow start loses stakeholder enthusiasm Moving between descriptive, predictive to prescriptive analytics is too utopian Is prescriptive analytics the role of IA and risk? Do I recreate analytics or utilise someone else's business intelligence and analysis framework? Where do I find the staff to do this?

Stages of data analytics maturity Increasing adoption and perhaps use of IDEA/ACL. Some value but not integrated with other data and unpredictable results. A value add to the audit not expected. On request data sources in place and skillset starting to be embedded within the department. Equally reliance on continuous monitoring in 2 nd line evolving to form combined view. Analytics driving audit plans with changed audit and risk behaviours based on analytics results. Fully established three lines with horizon scanning in prescriptive analysis Ad-hoc Limited value Limited and valued Meshed Embed Forward looking Utilised when needed but limited to select individuals with limited use of tools perhaps Excel. No agreed approach or linkage to other data sets. Analytics policy and methodology and in the 'driving seat' at the testing stage to validate controls. Wider usage within Internal and value seen by stakeholders. Metric based monitoring allowing for the creation of more dynamic audit plans. Skills embedded within the team. Focus on root cause of issues by management not incidents.

IA data analytics spectrum Current state Current Internal process Risk assessment plan Fieldwork & testing report Issue tracking Stakeholder management Validation and replanning process Stakeholder discussion KPI & KRI Combined assurance results Establishing a risk based dynamic plan that flex's to your needs Dynamic audit plans rather than quarterly to annual refreshes Report Test Future state Short more concise audits based on continuous monitoring and auditing Data validation planning and insight driven testing Visually insightful audit reports and packs reports and audit committee packs with insight Continuous monitoring by 2 nd line and continuous auditing by 3 rd line

Using data analytics through your lifecycle Risk assessment Collating information and 'slicing and dicing' blended data you are able to identify any trends or patterns that may not have been previously possible If the data sets continue to be the same you can reuse this information continually Planning & Testing Perform complex analytical review may identify anomalies that require clarification against wide time series Higher sampling are achieved with insighful blended data sets e.g. high value transactions linked to segregation of payment thresholds Reporting By combining different datasets with high sampling you are able to quantify issues quicker and better Representing information visually can be more insightful such as differences in risk profile or control effectiveness by countries

Same value increasing complexity The value of data analytics is not reserved for large audit and risk functions. Every type of function can use a mix of tactical or strategic functionality to achieve their goals Size of audit and risk function Excel/ Tableau Tableau/Qlikview SAS/ Oracle/ IBM/ Microsoft Tactical solution Strategic solution

Survey responses and questions What are smaller companies doing in the data analytics space Digital marketing web analytics How to best use visualisation techniques to deliver insightful messages to all stakeholders Lots.some start tactically and then expand and some look for smaller data analysis solutions but with lots of data The godfather of the invention of analytics. Google analytics, Bing, Yahoo and digital ad firms are creating clear open architectures to connect data together I will show you the use of Tableau that I do for various clients and how this can be incorporated The anonymous survey responses will be provided to the IIA after the discussion for sharing with all attendees

Data visualisation and business intelligence There are a number of players in the market that can help. This can be supported by implementation consultants or some of the implementations can be done with minimal training. The cost of implementation varies between different types of suppliers with various different features. Analysis on most appropriate supplier should be performed. Source: Gartner Group Business Intelligence and Analytics: http://www.gartner.com/technology/reprints.do?id=1-2aclp1p&ct=150220&st=sb

How can I maximise the increased onus on three lines of defence and the increasing desire for internal audit insight? What do we do in order to meet the changing regulatory requirements and appeasing multiple regulatory regimes? How do we understand the changing current and emerging risks that we see? Continued dynamic audit plans can you quantify it or only 'feel' it? More audits and either less budget or the same. how? How do I make sure my audit and auditors are only focussing on the right things? How does data analytics assist this? How to meet the increasing requirement to quantify issues? Management has seen the phrase big data and wants me to apply it. How?

Questions? kiran.sudhakar@uk.gt.com stephen.kelly@gtas.bm

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information