Data Analytics Seminar. Reykjavik May 13 th

Transcription

1 Data Analytics Seminar Reykjavik May 13 th 1

2 Introduction Carsten Christiansen Solution Sales Professional Bizcon Nordic ACL Channel partner 2

3 Without data, you are just another person with an opinion William Edwards Deming 3

4 Why data analysis We have better things to do than manually looking at data Automation saves time so we can create value for the business Greater assurance from 100% coverage We get insight into our data 4

5 Focus areas this year (2014) 2014 Internal Audit Capabilities and Needs Survey - Protivity 5

6 EMERGING DEMAND FOR DATA ANALYTICS TECHNOLOGY (2012) Most Frequently Used Data Tools Data mining, despite its widespread use, is a relatively new practice for many organizations. Future Use of Technology Key ACL GRC Capabilities Source: Enhancing Audit Technology Effectiveness, Key Insights from TeamMate s 2012 Global Technology Survey

7 KEY DRIVERS FOR DATA ANALYTICS BY INTERNAL AUDIT Factors influencing the use of analytics in Internal audit functions: Explosive growth of data (both structured and unstructured). Hindsight Insight Foresight Increasing expectation of key stakeholders regarding the nature and value of information that internal audit process produces. Limitations of inherent and traditional techniques. Analytics provides answers to decision makers from three perspectives: historical, current, and future i.e. hindsight, insights, and foresight. - Adding insight to audit - Transforming Internal Audit through data analytics Deloitte Analytics What happened? How many, how often, where? Where is the problem? Why is this happening? What actions are needed? What if these trends continue? What will happen next? What s the best that can happen?

8 Audit Contribution The Audit Analytic Capability Model ad hoc repetitive continuous Foresight Level 5 Monitoring Level 4 Automated Insight Level 3 Managed Hindsight Level 1 Basic Level 2 Applied Sophistication

9 WHY CONTINUOUS MONITORING? ECM Focus Security Automation Collaboration Risk-Based Continuous Monitoring Characteristics Streamline and de-risk data Imports Secure access to enterprise source data Integration with existing enterprise security Discrete collaboration with other functional groups Scheduling, automation of data analytics Immediate identification of anomalies Prevention of transactions Retain the ability to focus on non-repetitive tasks Consistency develop best-practice, risk-based methodology Present a harmonized set of results one version of the truth Reusability - e.g. for rotational audit models Rules-based routing & remediation Continual validation and prioritization of Enterprise Risk Distribution of results to any department or person Regulatory Compliance Data visualization and integration of results to risk universe

10 Creating Value 2014 Deloitte 10

11 Creating Value 2014 Deloitte 11

12 How to get started.? What do we want to accomplish Is data available, and how Ad hoc or continuous monitoring Involve the IT department as early as possible Have an ambassador for the data analysis and find out who just needs the results Find a solution that match your needs and get inspiration from peers 12

13 Becoming successful Tone at the top Work together with the business on providing analyses Make data analysis an integrated part of the IA lifecycles from Risk Management reporting and monitoring 13

14 Why ACL? CLICK TO EDIT MASTER TITLE STYLE Click ACL to edit can Master provide text a styles consolidated solution with Data Driven GRC Click to edit Master text styles. Lots of paragraph copy goes here, and here and here. ACL Second is purpose level built for data analytics with Third level 26 years proven experience. Fourth level» Fifth level ACL can analyze 100% of the available data no matter how much. ACL is read only ensuring data integrity and security. ACL can read almost all data types no matter the source. ACL has a log file that records every step. ACL does not require Users to be programmers.

15 DATA INTEGRATION & CONTINUOUS MONITORING AX Core Client & ACL Analytics creator role all in analytics AX Intermediate Web Client - consumer role - Run analytics, create visualizations AX Light exception manager role - remediate exceptions 15

16 Data-Driven GRC Putting It All Together

17 RISK BASED APPROACH TO ANALYTICS Fraud 5 were found to have been paid to employee bank accounts Anti-Fraud Review (Location A) 30 payments were found to involve conflicts of interest over $10k Transactions by employees over threshold limits Identify all employee transactions over $10k Employees can authorize payments over $10k All employees are limited by a $10k threshold 17

18 No need to trust me! Trust our references Promens Vestas Danfoss Novozymes 18

19 Contact details Carsten Christiansen