1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA)

Slides:



Advertisements
Similar presentations
General tax landscape.
Advertisements

Seven sound practices Understand the quantity of money laundering risk at your organization Confirm that policies, procedures, and controls address all.
The Corporate Laws Amendment Bill, B6/2006. © 2006 Deloitte Touche Tohmatsu Corporate Laws Amendment Bill, B6/2006 – 29 May 2006 Introduction Presenting.
© 2010 Deloitte Touche Tohmatsu Sustainable Business Australia Counting the beans - retro-fitted commercial buildings Chris Leach Partner, National Leader.
Mind the Gap: Evaluating Internal Controls in Pharmaceutical Supply Chains across Sub-Saharan Africa AIDS 2012: July Julianna Kohler, Revathi Avasarala,
Deloitte Consulting LLP June 22-25, 2014 IIS 50 th Annual Seminar, London 2014 Big Data in Insurance International Insurance Society.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
Navy Path to Cloud Commercial Services Integration (CSI) Team November 2013 ACT-IAC Pacific: Cloud Computing Panel & Roundtable.
WebEx Training Wednesday, January 15 th Agenda Payment Locations Payment Extension Loss of Health Coverage on 01/31 Retroactive Special.
Leveraging CPQ Cloud for Channel Enablement Self Service Quoting for One and Two Tier Networks.
Pacific Cities Sustainability Initiative – Second Annual Forum Session 4: Public-Private Partnerships Case Studies Jim O’Gara, Director Deloitte Transactions.
Pricing for value Tom Friedman, Principal Deloitte Consulting LLP Global Consulting Leaders Symposium December 5–7, 2007.
Deloitte in India APLG Annual Meeting Savannah, Georgia February 14, 2011.
Risk Intelligence Map – Board level output
1 Copyright © 2006 Deloitte Development LLC. All rights reserved. The Case ABC Molecular Imaging is seeking an Investment Bank to advise them on the sale.
Financial structure, management, and IFRS Reporting Creating value for growth Presenter: John Robinson Partner.
Page 0 Recording of this session via any media type is strictly prohibited. Page 0 FOR016: EXCELLENCE IN RISK MANAGEMENT 11.
NASPP Regional Conference: What the FICA?
Trade Across the Americas: Bolstering Security and Efficiency Supply Chain Risk Analytics May 2015.
Internal Auditing and Outsourcing
Navigating Guidance Changes for Service Organization Control (SOC) Reports NSAA 2011 Annual Conference Deloitte & Touche LLP June 16, 2011.
Middle Tennessee State University John West & Sara Becher June 19, 2013 A Day of Acronyms with D&T.
CLICK TO ADD TITLE The 5th Global Health Supply Chain Summit
Tax Transformation: What does it mean to you?
Keeping up with Today’s Challenges
Primary colors R 0 G 39 B 118 R 0 G 161 B 222 R 60 G 138 B 46 R 114 G 199 B 231 R 201 G 221 B 3 R 146 G 212 B 0 Betty Brathwaite President – Institute.
Introduction In 1992, the Committee Of Sponsoring Organizations of the Treadway Commission (COSO) published Internal Control-Integrated Framework (1992.
Provided by: Training Module: Energy Improvement Loans CDFI Deal Examples This training contains general information only and Deloitte is not, by means.
Career Opportunities in Public Accounting The Who, What, Where, When, Why and How……
A high-level and hands-on approach for organizations to deal with counterfeiting and piracy. Jan Corstens WIPO Moscow
Copyright © 2007 Deloitte Development LLC. All rights reserved. BSA/AML Update Peter Fitzgerald Principal Deloitte & Touche LLP.
© 2011 Deloitte Global Services Limited United Nations Global Compact Management Model Signatory Training.
DoC NTIA Digital-to-Analog Converter Box Coupon Program NPRM Nicholas Van Dongen, Senior Manager Allen Hockenbury, Senior Manager November 14, 2006.
Mike Wyatt, Director State Public Sector Cyber Risk Services
Project Costing Reconciliation Made Easy
KNR- Studiedag 25 september 2013 Btw-checklist. © 2013 Deloitte The Netherlands KNR Studiedag Btw-checklist 1.
Provided by: Page 0 Training Module: Community Staples CDFI Deal Examples This training contains general information only and Deloitte is not, by means.
The 1 st Year in Public Accounting. Overview What to expect What to expect Professional Development Professional Development Organizational Structure.
October 10-13, 2006 San Diego Convention Center, San Diego California Regulation for VoIP Providers What’s the impact on your business.
+ Regulation and Compliance Summary “ Making Great Ideas Become Reality”
Georgia Gateway– Integrated Eligibility System (IES)
Deloitte Forensic Forensic Technology Conference of Regulatory Officers - CORO November 2012.
1 Copyright © 2006 Deloitte Development LLC. All rights reserved. The Case ABC Automotive Products has selected you to advise them on the sale of their.
Credit Management Services
Managing Change in the Face of New HCM Technology Dr. Katherine Jones Vice-President, HCM Technology Research Bersin by Deloitte Deloitte Consulting LLP.
Unraveling technology speak October 2012 Steve Hallam Partner, Deloitte Digital.
PwC National disclosure audio conference: Analysis of the revised Physician Payments Sunshine Act and state drug marketing laws February 10, 2009 “Where.
Current Issues and Opportunities in State Tax Controversy Chicago Tax Club – October 27, 2010 George Barry, Director, Deloitte Tax LLP Jon Cesaretti, Director,
Risks and Controls A day in the life of our Advisory Practice November 2015.
IT auditing in practice Marc Verdonk Eindhoven, November 27 th 2008.
MIS 374 Christine Lyman, Sr. Manager Jan 2015 Root Cause Analysis.
Cyber Risks: Protecting confidential data against unauthorized access Vik Bansal Deloitte & Touche LLP John Reidhead State of Utah March 17, 2016.
© 2013 Deloitte Global Services Limited Growing Markets for Social Impact September 16 th, 2014 Global Public SectorThinking people.
How Do You Plan Inventory in an Omnichannel World? Integrated Merchandising, Planning, and Supply Chain Presentation and Panel Discussion Led by Jamie.
University of Stellenbosch Business School
Will you R.I.S.E. to the challenge?
Innovative Financial and Non-financial Reporting
Modernizing compliance: Moving from value protection to value creation
Crown Jewels in the clouds: The Cloud Risk Assessment
San Francisco IIA Fall Seminar
Getting Started The job search journey begins
AGA 7th Annual Energy Market Regulation Conference Value Proposition for U.S. LNG Exports: Market Study October 2014.
Digital Innovation in Oil & Gas
Building sustainable HIV service delivery model at a local level in Ukraine Iaremenko Oleksii USAID HIV Reform in Action Project, Deloitte consulting LLP.
Maximizing the Impact of Learning & Development
Managed Content Services
Deloitte & Touche November 2018.
Onboarding: Update Your Approach with Human-Centered Design
The Deloitte Industry Proficiency Program
Electronic health records Deploying knowledge at the Point of Care
Presentation transcript:

1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA) Optimization and Control Rationalization

2Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization For large, complex service organizations, a thoughtful approach to assurance can save time, money, and lead to more satisfied clients and prospects UnderstandIntegrateRationalizeEnhance  Identify reporting requirements – internal and external  Report definition and inventory  Integrate control testing requirements across the enterprise to reduce work effort  Regulatory requirement mapping  Level set scope and report type requirements  Identification of redundant controls  Identification of control gaps and areas of improvement  Streamline overall TPA approach to better respond to customer queries  Implement salesforce training  Implement regular optimization activities related to TPA trends and industry TPA Optimization Monitor  Execute on-going monitoring activities related to third- party assurance requirements, testing, and reporting including common approach  Establish continuous monitoring techniques and technology

3Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization - Understand Identify internal reporting requirements – SOX, financial audit, operational audits, service level agreements, key performance indicators, etc. Identify external reporting requirements – regulatory, industry, and customer Report definition and inventory Reporting type (SOC 1, SOC 2, AT101, Agreed Upon Procedures, etc.) Inventory of reports – internal, customer facing, regulators Define TPA environment based on steps above UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: TPA report inventory, regulatory requirement inventory, and extended enterprise mapping

4Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization - Integrate Integrated control assessments: Construction of customer facing integrated requirements dashboards Identification of targeted efficiency areas (where there is overlap) Creation of new controls/scope to better meet integrated requirements Regulatory assessments: Identification of legislative and other regulatory requirements Utilization of an integrated requirements framework Mapping control framework to global regulatory requirements Identification of gaps Building global regulatory testing/monitoring approach UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: integrated control framework, regulatory control mapping

5Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Rationalize Level set scope and report type requirements What report types best fit customer/regulator need? Do the report periods align and meet customer requirements? Identification of redundant controls Identification and definition of key controls across multiple reporting frameworks Utilizing integrated controls, can efficiencies be identified? Identification of control gaps and areas of improvement Do control gaps exist? If so, remediation efforts should be aligned with broader risk/controls framework UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: rationalized control set, gap assessment, and risk and control map

6Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Enhance UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: salesforce training sessions, TPA report repository, customer query process improvement assessment, and report readiness assessments How does a service organization enhance their brand through third-party assurance? Streamline overall TPA approach to better respond to customer queries Implement salesforce training Implement regular optimization activities related to TPA trends and industry How does a service organization utilize TPA reporting for a competitive advantage? Understanding trends and hot topics related to assurance (SOC 2, cyber risk attestations, etc.) and implementing into the TPA process Performing readiness exercises and efficiently mapping controls to new requirements Utilizing online tools/portals for ease of report delivery (for current and prospective customers)

7Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Monitor UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Establishing monitoring activities People: identification of the right skillsets and stakeholders related to third-party assurance across the organization Process: identification of an efficient and effective process for managing third-party assurance reporting Technology: Automated Control Execution (ACE) for continuous monitoring Utilization of analytics to automate and test controls Real-time monitoring rather than point in time testing Testing and design efficiencies Key Activities: implementation of continuous monitoring technology, third-party assurance monitoring control assessment

8Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Conclusion UnderstandIntegrateRationalizeEnhance  Increased outsourcing and regulations are raising the bar on OSPs  Complexity of environment and customer requirements are driving needs and confusion at the same time  Better way to efficiently do this, create sales opportunities through differentiation, and streamline internal processes TPA Optimization Monitor

This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. As used in this document, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2016 Deloitte Development LLC. All rights reserved. 36 USC Member of Deloitte Touche Tohmatsu Limited

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.