Advanced Monitoring and Testing to Enable Performance. SCCE Boston Regional Conference

Similar documents
KPMG International. kpmg.com

KPMG International. kpmg.com

kpmg.com/au/dynamicaudit

HCCA Compliance Institute : Intersection of Internal Audit & Compliance. April 17, Agenda. Where are we today?

Embracing Opportunity Demands an Internal Audit Transformation

Intelligent automation and internal audit

Powered by technology, our experts are unlocking the value of your audit. Dynamic Audit

Adding insight to audit Transforming Internal Audit through data analytics

An integrated model approach to improve the management of marketed products

Welcome to the 404 Institute Webcast

Future of finance: Finance disrupted. How should the CFO respond to a business environment in turmoil? kpmg.com/us/futurefinance

Intelligent automation and internal audit

Operational Considerations for Transparency. September 2011

Internal Audit and Robotic Process Automation

3 Ways to Reduce the Costs of SOX compliance

GREAT SERVICE NEVER STOPS.

ADP ihcm Supporting Strategy and Execution ADP ihcm Executive Briefing for CEOs

Business Process Services: A Value-Based Approach to Process Improvement and Delivery

Talent acquisition analytics Driving smarter sourcing and hiring decisions with data

Streamline your business processes for far-reaching results. EY s Business Process Management Services practice

SOLUTION BRIEF RSA ARCHER AUDIT MANAGEMENT

Risk Advisory Services Developing your organisation s governance for competitive advantage

Modernizing compliance: Moving from value protection to value creation

BUSINESS CASE. How Investing in a Unified Internship and Early Career Program Management Solution Keeps Your Company Ahead of the Competition

Positioning Internal Audit to Deliver Value

TREASURY. INTEGRITY SaaS

Thomson Reuters Regulatory Change Management

Navigating the New Health Economy

Achieving an Agile Enterprise with Enterprise-Wide Portfolio and Lifecycle Management

What you gain The PwC Internal Audit Contacts David Toh Francis Wan

Procurement Transformation on the Fast Track: Doing More with Less

Business Resilience: Proactive measures for forward-looking enterprises

IBM Incentive Compensation Management

NATIONAL INSTRUMENTS VISUALIZES GROWTH WITH XACTLY

CONSULTING & CYBERSECURITY SOLUTIONS

IBM Planning Analytics Express

THE TOP 5 TRENDS DRIVING OUTSOURCING VALUE OPTIMIZATION IN 2018

3 Questions. to Ask When Developing an Adaptive Security Awareness Program

Financial Consolidation Software

What if... You could deploy the leading industrial ERP solution with the lowest total cost of ownership, freeing up capital for other ventures?

TECHNOLOGY AND AUDIT: A MUTUAL FUTURE THERESA GRAFENSTINE CHAIR, ISACA BOARD OF DIRECTORS 2/15/2018

All-in-One Compliance for All.

Infor PM 10. Do business better.

RSA ARCHER MATURITY MODEL: AUDIT MANAGEMENT

Capture the agility to respond to evolving fraud threats and the flexibility to stay focused on the customer experience.

Multisource Management in the Cloud Age Keys to MSI and SIAM success in Hybrid IT environments

Are you prepared for this Challenge? The new COSO Enterprise Risk Management Framework

California ISO PwC report on the 2017 market controls audit

Shared Services Survey Ireland 2016

CRITICAL OF CHOOSING THE SOLUTION

Business Risk Intelligence

Global Enterprise Model (GEM) for Utilities

IT Risk Advisory & Management Services

HOW TO LAUNCH A SUCCESSFUL WORKFORCE PLANNING CENTER OF EXPERTISE (COE)

The eight attributes. Delivering internal audit excellence as stakeholders expect more

Full Steam Ahead: Finance On Board With Automation

White Paper Describing the BI journey

COMBATING BRIBERY & CORRUPTION THROUGH INFORMATION INTELLIGENCE

Enterprise-Wide Security Transformation to Meet Escalating Regulatory Requirements

Evolving Core Tasks for Improved Internal Audit Performance. Copyright 2018 AuditBoard Inc. 1

Internal audit strategic planning Making internal audit s vision a reality during a period of rapid transformation

Intelligent Automation and Internal Audit

Thomson Reuters: Anti-Money Laundering Survey Insights

Infor M3 Cloud. Establish a foundation for digital transformation

Overview and Frequently Asked Questions

PROTECTING YOUR BUSINESS AND CLIENTS FROM HIGH RISK BROKERS

Managing Third-Party Relationships

A Financial Executive s Guide to Internal Controls & Fraud Prevention in the Cloud

Preparing your organization for a Human Resource Outsourcing implementation

Comprehensive Enterprise Solution for Compliance and Risk Monitoring

Good Practices of the Audit Committee

Billing Strategies for. Innovative Business Models

Lessons Learned in Streamlining the Third-party Risk Assessment Process

Enterprise Content Management and Business Process Management

VIA Insights: Telcoms CONNECT to Digital Operations

Thomson Reuters AutoAudit

Advanced e5 for Higher Education

Internal Controls Optimization

FORBES INSIGHTS RESEARCH REPORT ON THE FUTURE OF MARKETING. Marketing Operations is the Key to Success. In association with:

ROAD MAP. MDaudit Road Map Preparing for Change: 7 Steps to Risk-based Audits

SEIZING THE DIGITAL OPPORTUNITY IN AEROSPACE AND DEFENSE

Fixed Scope Offering for Implementation of Oracle Fusion CRM in Cloud

The CFO Agenda 2020: Demands f are increasing with the changing role of the CFO

Accounting & Finance BPO

Quantifying the Value of Investments in Micro Focus Quality Center Solutions

Enterprise Compliance Management for Credit Unions

Going beyond risk and compliance: Legal functions embracing digital

The robotic revolution Business transformation through digital labour

Optiv's Third- Party Risk Management Solution

Tailored Learning Solutions. Measurable Results. Raytheon Professional Services

The Evolution of the HR Business Partner

KPMG s Dynamic Audit. Powered by Data+ Analytics. January kpmg.com

WHITE PAPER. Engaging the Evolving Stakeholder Network: A New Approach for Medical Affairs

AUTOAUDIT. Drive deeper insights

Digital labor and the future of finance

The business owner s guide for replacing accounting software

The Robotics Auditors The Workforce of the Future. Giridhar LS CEO

Oracle Buys ClearTrial Adds Leading Cloud-based Clinical Trial Operations and Analytics Applications to the Oracle Health Sciences Suite

Transcription:

www.pwc.com Advanced Monitoring and Testing to Enable Performance SCCE Boston Regional Conference Presenters Jon Mackenzie Managing Director, Office: (267) 330 8111 Email: jonathan.b.mackenzie@pwc.com John Dalton Manager, Office: (617) 530 5580 Email: john.t.dalton@pwc.com 2 1

In the next hour, you will learn more about 1 2 3 4 5 Meeting today s challenges for continuous controls monitoring and more timely feedback on compliance and controls Improving the effectiveness and timeliness of your monitoring and testing program to meet the increasing regulatory and stakeholder expectations Developing a sustainable program that effectively utilizes data, scalable resources, technology, standardization, and other leading methods Leveraging technology solutions to effectively coordinate workflow and consistently measure results across the organization Optimizing your controls monitoring and reducing the overall costs of compliance 3 Today s business climate 1 4 2

Today s fast-changing business climate Coupled with the evolving risk and regulatory landscape raise the bar for your continuous monitoring and testing needs. 1 2 3 4 Increased complexity and intensity of the regulatory landscape Evolving business landscape and the resulting potential risks associated with operating in multiple sectors and environments Proliferation of technology which creates great business opportunities, while increasing compliance vulnerability Continued pressure to manage compliance costs in the face of increased risk 66% of CEOs see regulatory change as a disruptor within their industries over the next five years 1. 1/3 of CEOs say they have entered new industries in the last three years, and 56% believe that organizations will increasingly be competing in new sectors in the next three years 1. 1 s 18 th Annual Global CEO Survey 5 To sum it up these are extraordinary and changing times for risk and compliance owners! Extraordinary times Companies that lead in risk management actively anticipate, measure, and accept risks that facilitate growth without jeopardizing their business 1. US CEOs see more opportunities even in a slowgrowing, increasingly risky world compared to three years ago: 67% 60% see more opportunities see more threats 1 s 18 th s 2015 Risk in Review Survey 6 3

Trends and focus areas 2 7 Companies are requiring timely compliance feedback more-so than ever! What we are hearing I need a consistent and efficient standard for monitoring controls performance across the company and globe. Regulatory monitoring is not one of our core competencies but our stakeholders are now demanding that we do it well. I need to be survey ready. How do I drive more efficient/continuous monitoring around my third-party relationships using technology? I have been asked to significantly increase my IT compliance testing. Small samples are not giving me the compliance visibility I need I need to use my data and get off of manual spreadsheets. 8 4

Monitoring and testing is not just an internal audit responsibility Influential Forces Technology Innovation Globalization Regulation Board/Audit Committee Senior Management 1st Line of Defense Management/ Entity Controls Internal/ Process Controls 2nd Line of Defense Compliance Risk Management Security 3rd Line of Defense Internal Audit External Audit Regulator Privacy Quality Financial Controls 9 Advanced monitoring and testing is an emerging risk process model for meeting today s continuous monitoring needs An enhanced solution for more timely feedback in your risk, compliance, and control activities. Combines advanced data analysis techniques with centralized testing approaches and technology enabled delivery to provide efficient, high quality, and scalable testing processes. Dynamic More complex Risk Process Outsourcing (RPO) Static Less complex Business Process Outsourcing (BPO) 10 5

Where you can benefit Attaining value from an advanced monitoring and testing approach 1 2 3 4 Regulatory compliance testing (e.g., FS, pharma, healthcare, utilities, etc.) Information technology compliance testing Third-party risk management Anti-corruption controls Although processes differ by industry sector, examples of areas where companies can gain significant benefits include: 5 6 7 Supply chain issues and contract compliance Revenue processes and revenue compliance testing Expanded Internal Control over Financial Reporting (ICFR) But how do you do this efficiently? 11 Key aspects of advanced monitoring and testing programs 3 12 6

Advanced managed monitoring and testing model Bringing the right tools to create a targeted, consistent, scalable, and cost-efficient program! Business transactions Risk Assessment Identify highrisk processes for ongoing testing. Examples: Regulatory compliance IT compliance 3 rd party risk management Anti-corruption controls Contract compliance Revenue processes ICFR Key Controls (operational, financial, compliance) Identification of key control objectives for highrisk processes Data-driven Monitoring Advanced analytics technology to automate controls monitoring, where possible Centralized Testing Ongoing scalable testing Compliance Dashboard Reporting Process supported by enabling technology 13 Centralized testing model brings standardization, scalablity, and efficiency Standardized processes provide consistent quality and efficiency gains over time, leading to a cost advantage for the company Leveraging highly qualified and experienced talent pool with advanced capabilities delivers premium services Stringent, high quality feedback and results facilitates continuous improvement of control processes Risk and Compliance Leaders Business Control Owner Centralized Delivery Model Resources Controls Monitoring and Testing Dashboard Reporting Data Analytics 14 7

Using technology tools to enable and drive the sustainability of your program A technology tool to support ongoing monitoring and testing should include the following key elements to provide efficiency and sustainability: Data Hierarchy Control Repository Workflow Reporting & Analytics Incident & Issue Management Incorporates Compliance and Regulatory Requirements sector and industry expertise Automated Workflow Reporting customized based on role Risks Coordination Across Geographies Results Dashboards Establish Control Repository and Related Monitoring/Testing Procedures Test Performance Visualization 15 Effective use of data analytics 4 16 8

Data analytics unlocks intelligence around compliance/controls performance How does analytics enhance monitoring and testing programs? Framework for evaluating areas for increased automated testing where feasible, increasing speed, effectiveness, and efficiency of testing Manual testing executed with analytics, improving efficiency, and coverage Mechanism for intelligent sampling/testing Intuitive dashboards enable continuous monitoring and real-time insight using risk factors to slice, dice and visualize data to hone in on meaningful follow up activities 17 Basic example T&E Use of cash for gifts Expense Analytics Description: High level analytics showing the expenses for the organization by org unit expense type. Region Department Filters Expense Type Color Keys Gifts 18 9

Basic example T&E Use of cash for gifts (continued) Expense Analytics Description: High level analytics showing the expenses for the organization by org unit expense type. Region Department Team Filters Region Expense Type By leveraging analytics dashboard we can quickly extrapolate the cash use expenses Cash Gifts Color Keys 19 Industry example Pharmaceutical Excluded Specialties Compliance Analytics Excluded Calls & Excluded Sample Drops & Scientific Inquires Summary Product ID Region State Excluded Type Excluded Call by Region Excluded Calls & Drops & Inquiries by State Excluded Calls & Drops & Inquiries by Product Excluded Calls & Drops & Scientific inquiries Time Series No Excluded Calls No Excluded Drops No. Scientific Inquiry Excluded Calls & Drops by Reps Excluded Calls & Inquiries by Rep Excluded Calls & Drops by HCP Excluded Calls & Inquiries by HCP Outlier 20 10

Industry example Pharmaceutical (continued) Excluded Specialties Compliance Analytics Excluded Calls & Excluded Sample Drops & Scientific Inquires Summary Product ID Region State Excluded Type Excluded Call by Region Excluded Calls & Drops & Inquiries by State Excluded Calls & Drops & Inquiries by Product Excluded Calls & Drops & Scientific inquiries Time Series No Excluded Calls No Excluded Drops No. Scientific Inquiry Trend Excluded Calls & Drops by Reps Excluded Calls & Inquiries by Rep Excluded Calls & Drops by HCP Excluded Calls & Inquiries by HCP Outlier 21 Advanced monitoring and testing in action 5 22 11

Advanced monitoring and testing in action High growth global company Transform existing IT operations, security controls, and compliance program to drive efficiency, effectiveness, and standardization. Company issue Action Business impact Desire to increase the efficiency and effectiveness of global controls and compliance program, which supports many standards, including NIST 800-53, ISO, SOC 1, SOC 2, HIPAA, SOX, FCPA, and others. Build a risk-based controls and compliance testing program including performance and quality measurement and continuous improvement efforts. Utilize technology to manage the end-to-end service delivery, and enable automation and dashboard reporting of results. Deliver controls testing services through a centralized model, which provides low-cost, highly skilled professionals. Enhanced quality and efficiency through standardization. Reporting provided deeper insight into the company s risk and controls environment. Standardized company s compliance efforts, improved controls documentation, and boosted the quality of services. 23 Advanced monitoring and testing in action Large consumer products company Leverage an enhanced monitoring and testing approach focused on financial and compliance controls to achieve a quality and cost efficient solution and establish data analytics testing footprint Company issue Action Business impact Company needed to transform their compliance and controls testing procedures and implement data analytics to meet stakeholder expectations. Company desired a 3 year roadmap to focus on building priority capabilities in financial controls and key compliance areas. Company required a more efficient solution that enabled internal resources to focus on other areas of the business. Establish a testing program based on the risk assessment evaluation. Leverage advanced analytics capabilities and deploy new control testing methodologies. Implement a centralized testing and monitoring model and a three-year plan for scalability and expansion of coverage. Sustainable approach to managing risk and compliance testing requirements. Provides company stakeholders with a cost effective solution and the ability to scale the program. Proficient use of data analytics to provide powerful insights into the business and process enhancements. Leveraging highly skilled professionals, freed up internal resources to focus on more business critical operations. 24 12

Questions and answers 6 25 Ask yourself 1 2 3 4 5 What is the level of maturity of your risk and compliance program? Do you need to improve the effectiveness of your monitoring and testing program to meet regulatory and/or stakeholder expectations? How can you drive the optimization of your controls monitoring and/or reduce the costs of compliance? Do you have the internal competencies, infrastructure, and subject matter expertise to drive an effective program? How well do you use your data and technology to drive monitoring and testing activity and measure results across the organization? 26 13

Questions??????? Thank you! 2016. rights reserved. refers to the US member firm or one of its subsidiaries or affiliates, and may sometimes refer to the network. Each member firm is a separate legal entity. Please see www.pwc.com/structure for further details. 27 14

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback