SOLUTION BRIEF RSA ARCHER AUDIT MANAGEMENT

Similar documents
RSA ARCHER MATURITY MODEL: AUDIT MANAGEMENT

RSA ARCHER IT & SECURITY RISK MANAGEMENT

SOLUTION BRIEF HELPING PREPARE FOR RISK ASSESSMENT & COMPLIANCE CHALLENGES FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

SOLUTION BRIEF EU GENERAL DATA PROTECTION REGULATION COMPLIANCE WITH RSA ARCHER

RSA Solution for egrc. A holistic strategy for managing risk and compliance across functional domains and lines of business.

COMPLIANCE TRUMPS RISK

SOLUTION BRIEF RSA ARCHER PUBLIC SECTOR SOLUTIONS

SOLUTION BRIEF RSA ARCHER REGULATORY & CORPORATE COMPLIANCE MANAGEMENT

RSA ARCHER INSPIRE EVERYONE TO OWN RISK

RSA. Archer Risk Intelligence Index

ORGANIZED FOR BUSINESS: BUILDING A CONTEMPORARY IT OPERATING MODEL

WHITE PAPER THE 6 DIMENSIONS (& OBSTACLES) OF RISK MANAGEMENT

SOLUTION BRIEF HELPING ADDRESS GDPR CHALLENGES WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

RSA. Sustaining Trust in the Digital World. Gintaras Pelenis

Gain strategic insight into business services to help optimize IT.

On the road(map) again. Balancing the emerging regulatory requirements in the Middle East public sector

IBM Service Management solutions To support your IT objectives. Create and manage value throughout the entire service management life cycle.

How to Plan for a Successful Deployment

ERM vs. Internal Audit

BPS Resolver Internal Audit

WHITE PAPER THE RSA ARCHER BUSINESS RISK MANAGEMENT REFERENCE ARCHITECTURE

invest in leveraging mobility, not in managing it Solution Brief Mobility Lifecycle Management

Partnering for Change: Addressing Revenue Cycle with Interim Management

DATA SHEET RSA IDENTITY GOVERNANCE & LIFECYCLE SERVICES ACCELERATE TIME-TO-VALUE WITH PROFESSIONAL SERVICES FROM RSA IDENTITY ASSURANCE PRACTICE

Modernizing compliance: Moving from value protection to value creation

Internal controls over financial reporting

How Can I Better Manage My Software Assets And Mitigate The Risk Of Compliance Audits?

Risk Management Culture: The Linkage Between Ethics & Compliance and ERM September 14, 2009

Why You Should Take a Holistic Approach

IBM Service Management Buyer s guide: purchasing criteria. Choose a service management solution that integrates business and IT innovation.

A 6-step approach for ITSM and ITOM to work better together Steps 1 and 2

Third Party Risk Management ( TPRM ) Transformation

Realize and Sustain the Value of Your Micro Focus Implementation

MATURITY MODEL SNAPSHOT REGULATORY & CORPORATE COMPLIANCE MANAGEMENT

Internal controls over financial reporting

Improve GRC Maturity through Combined Assurance

ENTERPRISE RISK MANAGEMENT USING DATA ANALYTICS. Dan Julevich and Chris Dawes April 17, 2015

ISO/IEC Service Management. Your implementation guide

Adopt New SAP Innovations Early And Win

Seven Key Success Factors for Identity Governance

Fraud Risk Management

SOLUTION BRIEF RSA IDENTITY GOVERNANCE & LIFECYCLE SOLUTION OVERVIEW ACT WITH INSIGHT TO DRIVE INFORMED DECISIONS TO MITIGATE IDENTITY RISK

Practices in Enterprise Risk Management

Audit by Design: Moving Beyond Continuous Auditing - a Vision for Future Models

Quality Assurance in Internal Audit. Standard on Internal Audit (SIA) 7

An Oracle White Paper May A Strategy for Governing IT Projects, Programs and Portfolios Throughout the Enterprise

Creating an agile control environment

An Overview of the AWS Cloud Adoption Framework

DevOps The Basics. Contents

STATE OF INTERNAL AUDIT 2013

Practice Guide. Developing the Internal Audit Strategic Plan

IT GOVERNANCE. WITH ROBERT GOODSELL, MANAGING DIRECTOR JOE BRUTSCHE, DIRECTOR PwC. April 4, 2013

From Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance

IT Business Management Driving Cost Transparency, Value and IT Transformation

Making intelligent decisions about identities and their access

Driving healthy growth

Simplify and Secure: Managing User Identities Throughout their Lifecycles

RouteONE Helping enhance the real value from SAP GRC Access Control

Risk Advisory Services Developing your organisation s governance for competitive advantage

Internal Auditors and Enterprise Risk Management (ERM) ICPAK Presentation


Reinforcing the Three Lines of Defense SAP software for risk management, process control, and audit management

Technology Assurance: A Challenge for RAFM in an Evolving Market. Jerusa Verasamy

BRINGING DATA TO LIFE Increase your organization s digital IQ and optimize performance through data analytics

IBM Tivoli Service Desk

Solution White Paper Drive Radical Business Value with a High-Speed IT Organization

KPMG s financial management practice

The Optanix Platform. Service Predictability. Delivered. Optanix Platform Overview. Overview. 95% 91% proactive incidents first-time fix rate

Point of View. Capability Optimization & Doing more with Sourcing and Procurement BPO : Strategic end to end Category Management.

Managing IT risk in a disruptive world

RESEARCH PAPER OCTOBER DevOps: The Worst-Kept Secret to Winning in the Application Economy

4/26. Analytics Strategy

Adopting automation in internal audit Using robotic process automation and cognitive intelligence to fortify the third line of defense

Building Integrated Quality Processes in Aerospace and Defense

Why PMOs Fail: Is Your Organization at Risk?

Roadmap to Success. Leveraging RPA to Drive Growth and Explore New Opportunities for Efficiency

Business Framework Change How You Manage Safety

Solution White Paper Drive Radical Business Value with a High-Speed IT Organization

Workstation Procurement Innovation

CORROSION MANAGEMENT MATURITY MODEL

Enterprise Compliance Management for Credit Unions

CIO s View of Application Performance Management

Business Process Services: A Value-Based Approach to Process Improvement and Delivery

PMO QUICK TIP GUIDE FOR ESTABLISHING, SUSTAINING, AND ADVANCING YOUR PMO. Quick Tip Guide compliments of PMO Symposium San Diego, California, USA

The 5 Building Blocks of a CAPA Solution. Managing Corrective Actions/Preventive Actions for the Consumer Products Industry

pwc.co.uk Enterprise Risk Management

How Performance Management Maturity Drives Business Agility and Innovation

Large Federal Agency Leverages IV&V to Achieve Quality Delivery for Critical Modernization Initiative

Modernizing Financial Management for Faster and More-Effective Decision Making

Open Banking, PSD2 and the New API Economy

can I consolidate vendors, align performance with company objectives and build trusted relationships?

OpenPages Internal Audit Management: Internal audit and its evolving role in GRC

Going beyond risk and compliance: Legal functions embracing digital

WHITE PAPER KEY PRINCIPLES OF INTEGRATED BUSINESS RESILIENCY

Using data analytics and continuous auditing for effective risk management

Enterprise-Wide Security Transformation to Meet Escalating Regulatory Requirements

Maximizing value from your lines of defense

Transcription:

RSA ARCHER AUDIT MANAGEMENT

INTRODUCTION Internal audit departments are struggling to deliver strategic leadership, coordinated assurance and other services their stakeholders need, but this task isn t easy. According to a 2014 PwC study, more than half of senior management does not believe internal audit adds significant value to their organization. Your organization faces a rapidly changing regulatory and business risk landscape, and your internal audit strategy may not be positioned to adapt to these changes. In addition, while internal audit has typically been a compliance function, the expectation now is that dynamic risk planning should be incorporated into approaches and results. We ve seen internal audit s role in enterprises continue to change in reaction to events, risks, or regulations affecting the company. More time needs to be invested to shift internal audit from reactionary to aligned with the enterprise s strategic needs. John Tantillo, Partner 2014 State of the Internal Audit Profession Study, PwC March 2014 2 Existing approaches, tools and expertise are historically positioned around point-in-time, static audit planning. Decentralized documentation captured in multiple tools and systems make it difficult to integrate, and there is often static reporting and limited coordination of objectives among risk, compliance, and audit groups. Lack of visibility into findings generated by other business functions makes tracking the status of all findings and remediation efforts a difficult and time-consuming challenge for internal audit. In turn, this makes creating the necessary reports for the Audit Committee and senior management a resource and time-consuming process. And unfortunately, these reports are often out-of-date as soon as they are completed. Fewer resources and more responsibility for your internal audit team require changes to the current audit approach. As your team strives to change the perception of internal audit s value within your organization, you must take a coordinated, risk-based approach to audit to implement this transformation. TRANSFORM AUDIT WITH A RISK-BASED APPROACH Your current audit approach is very compliance-focused and more reactive than proactive. Unfortunately, this means your team cannot focus on helping the business evaluate new risks and opportunities because you are spending much of your time evaluating past performance of controls. By incorporating a risk-based approach and collaborating with risk and compliance functions, you can integrate the appropriate view of risk into your evaluation of the most critical areas of the business and organizational controls. This also allows you to focus on strategic business initiatives and highlight your audit team s value to the organization. THE RSA ARCHER AUDIT MANAGEMENT ADVANTAGE RSA Archer Audit Management puts you in control of the complete audit lifecycle, enabling improved governance of audit-related activities, while also providing integration with your risk and control functions. With RSA Archer, you can transform the efficiency of your audit department, complete riskscoped audits more quickly, and partner with the business to achieve your organization s goals.

AUTOMATE AUDIT PROCESSES Managing audit plans and workpapers in static documents or standalone systems that do not interact with your business, risk and compliance teams certainly limits your ability to collaborate. Collecting and coordinating audit findings and results in a meaningful and timely manner across these different groups is a manual, painful process that results in static, point-in-time reports. RSA Archer Audit Management enables you to consolidate your entire audit process (audit entities, audit planning, engagements, findings) into one system. You can manage the audit process and team and quickly review your audit staffing, budgets, and resource allocation. Real-time dashboards help identify gaps and ensure you are achieving your audit plan. RSA Archer also allows you to streamline the findings management process, focus on the most critical issues, and report what is most important to the management team and audit committee. This technology becomes even more powerful when other risk and compliance groups also use Archer, improving your ability to communicate the status of collaborative activities and leverage their work. More than 80% of survey respondents said internal audit s role should extend beyond the adequacy of internal reporting and controls, to include other key risks facing the business. 2014 Global Audit Committee Survey. KPMG September 2013 DYNAMICALLY ADJUST RISK-BASED AUDIT PLANS Your time may often be focused on repetitive, compliance-driven audit testing. As a result, you are not positioned to implement a more risk-based audit approach that is increasingly expected by regulators, governing bodies, and executives. RSA Archer Audit Management offers out-of-the-box best practices aligned with the latest Institute of Internal Audit (IIA) standards and Committee of Sponsoring Organizations (COSO) framework. These best practices enable you to partner with your risk and compliance counterparts to share operational risk and control data, and then align audit plans and prioritize efforts based on the organization s business priorities and latest assessment of operational risk. Integrating these risk and control systems drives alignment between audit and other teams regarding prioritization and execution of risk and compliance activities. In addition, you can more clearly understand the current state of the business, which leads to better audit planning and scoping. RALLY RISK & COMPLIANCE TEAM TO TACKLE PRESSING ISSUES Audit teams do not always leverage information, resources and results from other risk and compliance teams. As a result, you lack visibility into key risks and underperforming controls.. 3 With RSA Archer Audit Management, all issues raised by internal audit, other risk and compliance teams, or management can be housed and cataloged within one central system to provide business workflow and a holistic view of their significance and remediation status for all business teams. Internal

audit can also choose to leverage control testing and risk assessment and mitigation by other teams to better evaluate the current status, quality, and effectiveness of your organization s risks and controls, while summarizing and prioritizing critical results to the audit committee and your risk and compliance counterparts. This establishes greater transparency and a higher level of trust throughout the organization. RSA ARCHER AUDIT MANAGEMENT Many times, the audit team cannot focus on helping the business evaluate new risks and opportunities because they are spending time evaluating past performance of controls. Using RSA Archer Audit Management, you can incorporate more of a risk-based approach and collaborate with risk and compliance business partners. Plus, your organization can integrate the appropriate view of risk into evaluation of the most critical areas and controls. This also allows you to focus on strategic business initiatives that show the audit team s value to the organization. RSA Archer Audit Management provides several use cases to meet your specific business needs and progress in the audit maturity journey, including the following options. ISSUES MANAGEMENT RSA Archer Issues Management lays the foundation for your GRC program to manage issues generated by audit, risk and compliance teams. The use case includes the Business Hierarchy to establish the corporate structure and provides better accountability for risk and compliance issues, and workflow to manage findings, remediation plans and exceptions to address risks and associated resolutions. RSA Archer Issues Management allows you to create a consolidated view into all issues. With an organized, managed process to escalate issues, you get detailed, rolled-up visibility into risks and efforts to close and address risks. Workflow for proper sign-off and approval for issues, remediation plans, and exceptions ensures identified issues are managed and mitigated. Your organization will see quicker reaction to emerging risks, creating a more proactive and resilient environment while reducing costs. AUDIT ENGAGEMENTS & WORKPAPERS RSA Archer Audit Engagements & Workpapers enables you to define your audit entities and universe, perform audit engagements, maintain workpaper documentation, and report on audit results in a consistent and timely manner. RSA Archer Audit Engagements & Workpapers helps you transform the efficiency of your audit department, complete better-scoped audits more quickly, and decrease external audit fees. 4

The Audit Management and Compliance Management solutions support the organization s auditing efforts and compliance responsibilities by providing an automated, centralized platform for accessing information about previous assessments and managing those which are ongoing or due in the future. As well as supporting enterprise-wide compliance initiatives, these products also reinforce greater accountability and better working practices within individual business units through assessments focused on individual managers and delivery teams. HCL Technologies AUDIT PLANNING & QUALITY RSA Archer Audit Planning & Quality enables internal audit teams to risk assess their audit entities and make audit plans for engagements in the coming year. Since RSA Archer Audit Planning & Quality integrates rich risk management and control information, internal audit can ensure their audit objectives are aligned with management, enterprise risk management, and other related groups. In addition, the use case allows audit managers to manage the audit team and staff audit engagements with the right personnel. RSA Archer Audit Planning & Quality also offers quality assessment of your audit function for improved governance of audit-related activities. CONCLUSION With RSA Archer, you can truly align risk to the business to support your executive team s goals of growth and profit improvement, and raise the risk conversation to that of performance. From early evolution to program maturity, no one gives you the tools to effectively leverage your audit function better than RSA Archer. 5 RSA and the RSA logo, are registered trademarks or trademarks of Dell Technologies in the United States and other countries. Copyright 2018 Dell Technologies. All rights reserved. Published in the USA. 01/18 Solution Brief H13400-2. RSA believes the information in this document is accurate as of its publication date. The information is subject to change without notice.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback