Presentation is loading. Please wait.

Presentation is loading. Please wait.

® IBM Research Division © 2006 IBM Corporation Real-Time Business Assurance November 8, 2006 Chung-Sheng Li DGM, Security, Privacy and eXtensible technologies.

Similar presentations


Presentation on theme: "® IBM Research Division © 2006 IBM Corporation Real-Time Business Assurance November 8, 2006 Chung-Sheng Li DGM, Security, Privacy and eXtensible technologies."— Presentation transcript:

1 ® IBM Research Division © 2006 IBM Corporation Real-Time Business Assurance November 8, 2006 Chung-Sheng Li DGM, Security, Privacy and eXtensible technologies IBM Research Division

2 © 2006 IBM Corporation Why Real-time Business Assurance? Continuous Allows mistakes or fraud to be detected early, rather than long after the fact. Avoids restatement of results. Integrated Current solutions are fragmented. Fragmentation in solutions between partners and service providers (Ex.: IBM and Lenovo have different standards for revenue recognition) Organizations that choose individual solutions for each regulatory challenge they face will spend 10 times more on compliance projects than those that leverage each implementation for multiple requirements (0.9 probability). Gartner ITxpo, 2005 Complete Current auditing methods only verify integrity of a sample of transactions, and does not offer a complete view of the state of the enterprise. Can miss major accounting errors. Continuous auditing is gaining steam 81% of companies had or plan to have continuous auditing (PwC survey), e.g. Siemens, Cisco, FDIC. From 2005 to 2006, companies with continuous auditing jumps from 35% to 50% (PwC survey) Real-time business assurance allows enterprises to comply with regulations and minimize risk

3 IBM Research Division © 2006 IBM Corporation Scenario: Continuous Auditing for the Revenue Cycle Customer order Shipping system Billing system Order entry system Cash receipts system Sales order Shipping notice Sales invoice Customers Inventory Cost of Goods Sold Accounts Receivable Cash Accounts Receivable Revenue Receive a request for goods or services Deliver the goods or services Request payment for the goods or services Receive cash in payment Payment Revenue/ Collection Cycle Acquisition / Expenditur e Cycle Production Cycle Payroll Cycle Finance and Investment Cycle Major Auditing Cycles Purchase order, contracts Credit Granting Credit files, reports Customer payments (cash receipts)

4 IBM Research Division © 2006 IBM Corporation Continuous Assurance Architecture for Revenue Collection Business Integration Server (e.g. WPS) Streaming Control Identification & Audit Engine (based on quantifiable control risk) Order System Billing System Inventory Control System Cash Receipts System Control Provenance Store Dashboard Compliance Report Alert Transaction Provenance Store Audit Provenance Store Policy Engine Master Data Management (e.g. WPC, WCC) Account Receivable (Master) Pending Order (Master) Sales Invoice (Master) Inventory (Master) Cash Receipts (Master) Ledger System General Ledger (Journal) Back Order (Master) Credit Check (Master) Supporting Documents for A/R Reserve, Discount, Returns and Allowance Information Integration Server (e.g. WII) Policy Repository (e.g. Accounting Practices, Revenue Recognition guidelines) Isolation and segregation

5 IBM Research Division © 2006 IBM Corporation Continuous Assurance Architecture for Revenue Collection Business Integration Server (e.g. WPS) Streaming Control Identification & Audit Engine (based on quantifiable control risk) Order System Billing System Inventory Control System Cash Receipts System Control Provenance Store Dashboard Compliance Report Alert Transaction Provenance Store Audit Provenance Store Policy Engine Master Data Management (e.g. WPC, WCC) Account Receivable (Master) Pending Order (Master) Sales Invoice (Master) Inventory (Master) Cash Receipts (Master) Ledger System General Ledger (Journal) Back Order (Master) Credit Check (Master) Supporting Documents for A/R Reserve, Discount, Returns and Allowance Information Integration Server (e.g. WII) Policy Repository (e.g. Accounting Practices, Revenue Recognition guidelines) Isolation and segregation Constructing the entity centric provenance: need to collect information on the entirely history of who has done what at when on the entity from order placement, credit check, order fulfillment, inventory verification, shipping verification (from carrier), invoicing, payment collection, account receivable, and general ledger. Potentially needing to extract provenance from supporting documents related to A/R reserve, discount, returns, and allowance. Policy for revenue recognition: e.g. IBM recognizes revenue at shipping, Lenovo recognizes revenue at delivery; gross vs. net, multi-element arrangement, etc. Policy for identification of Controls: e.g. any entity that has a sale price higher that $1M, or delivery latency higher than 7 days, or involving returned goods, or involving discount higher than 5%, or sales commission higher than 3%. Real time identification of controls: based on quantifiable risk framework for assessing the inherent risk, audit risk, control risk, and detection risk

6 IBM Research Division © 2006 IBM Corporation Discovery and/or Capture End-to-End Provenance Business Integration Server (e.g. WPS) Order System Billing System Inventory Control System Cash Receipts System End-to-End Provenance Store Master Data Management (e.g. WPC, WCC) Account Receivable (Master) Pending Order (Master) Sales Invoice (Master) Inventory (Master) Cash Receipts (Master) Ledger System General Ledger (Journal) Back Order (Master) Credit Check (Master) Supporting Documents for A/R Reserve, Discount, Returns and Allowance Provenance Discovery & Management (e.g. WII) Automatically capture provenance from execution of business processes Customer, Product, and Price data Policy Engine Policy Repository Inference/discovery end-to-end provenance from business context and information warehouses

7 IBM Research Division © 2006 IBM Corporation Compliance Oriented Architecture Using Provenance Store Asynchronous vs. Streaming Assurance Enterprise Application End-to-end Provenance Store Enterprise Application … Assurance Engine Enterprise Application End-to-end Provenance Store Enterprise Application … Streaming Assurance Engine Record Documentation of Execution Record Documentation of Execution Query Provenance Data Streaming Query of Provenance Data Assurance/compliance is performed asynchronously as applications record provenance into provenance store Assurance/ compliance is performed synchronously as applications record provenance into provenance store Information Warehouse

8 ® IBM Research Division © 2006 IBM Corporation Thank You Chung-Sheng Li DGM, Security, Privacy and eXtensible Technologies IBM Research Division


Download ppt "® IBM Research Division © 2006 IBM Corporation Real-Time Business Assurance November 8, 2006 Chung-Sheng Li DGM, Security, Privacy and eXtensible technologies."

Similar presentations


Ads by Google