Keeping Your SOX on: Quality Improvement for Sustaining SOX compliance Proprietary and Confidential by Unitech Systems Inc. All rights reserved.


Purpose of today’s discussion
To discuss the challenges and opportunities presented by SOX compliance
To outline an information-centric approach towards improving organizational performance for sustaining SOX compliance

Agenda
State of Financial reporting and SOX mandate
Modeling Enterprise Information
SOX compliance and continuous improvements
Key Benefits

State of Financial reporting
Inaccurate, inconsistent and unreliable financial reporting is a quality issue
[Ref: Huron Consulting Group; Information Integrity Coalition; ]

SOX Primer
Sarbanes-Oxley was enacted in a major effort to prevent accounting scandals and other reporting problems from recurring, and to rebuild public trust in corporate business practices and reporting.
Establishes new or enhanced standards for corporate accountability and penalties for corporate wrongdoing.
Contains 11 titles, ranging from additional responsibilities for audit committees to tougher criminal penalties for white-collar crimes such as securities fraud.
Defines a higher level of responsibility, accountability, and financial reporting transparency – changes that ultimately are intended to return to investors the confidence.

SOX key requirements
CEO and CFO certification
Real time disclosure of material events
Disclosure Control and Procedures
Internal Controls Over Financial Reporting
Internal Control Reports and Assertions
External Auditor Attestation

Challenges
Multiple isolated compliance efforts
Focus is on compliance (read documentation)
Distraction from “Business as Usual” activities
Compliance does not guarantee business sustainability – Quality does
For better value, compliance management should be part of “business as usual” activities.
[Ref: Booz, Allen Hamilton, 2004]

Industrial Revolutions
I: Manufacturing, Transportation, Energy (Explosion in products)
II: Software, Internet, E-Commerce (Explosion in Information)
Ref: Martin Bariff, 2004 at ISACA

Improving Quality of Financial Reporting Process Focus
Assure the quality of the financial reporting processes
Assure the integrity and accuracy of the controls relevant to financial reporting processes
Assure the integrity of the information outputs
Reduce fraud through regulations

What is Information Integrity?
Information Integrity (I*I) is the trustworthiness or dependability of information as defined by the accuracy, consistency & reliability of information content, processes and systems.
Accuracy: The degree of agreement between a particular value and an identified source that provides the correct value at a specific point in time.
Consistency: The degree of agreement among repeated instances of the same information (occur in space, over time, and in relation to one another at the same point in time).
Reliability: The degree to which information is complete, current, and verifiable.

I*I Risks are linked to
“Static” business models in changing markets
Process re-engineering initiatives
Growth in business, information, and data
Information systems initiatives
“Off System” analytical work

Reported magnitude of I*I issues
Industry: Impact of I*I failures
Telecom: About 5-11% of revenue is lost [1]. That is about $15-30 billion a year [1].
Banking: 30 banks had reported total operational losses of around 2.6 billion euros [5,6]. During year 2000, UK lost £113 million through non-compliant documents being presented under letters of credit [3].
Insurance: US Medicare program lost between 7-10% of its budget due to I*I related errors [4].
Retail: US retail companies lost about $5.6 billion in year 2001 [2] due to clerical and administrative errors.
[1] D&T, Revenue assurance survey, PWC, KPMG publications
[2] 2001, National security survey, University of Florida
[3] SITPRO, 2003
[4] GAO report, 1999, IIC report, 2001
[5] BIS, “Quantitative Impact Study”, 2002
[6] Rick Harris, “Domestic regulatory approaches to operational risk”, 2002

Unitech’s Framework is comprehensive
Unitech’s Enterprise Information Model (EIM) is a comprehensive framework for identifying focal business processes for integrity evaluation.
The four quadrants can be populated with issues and processes representing every aspect of enterprise operations.

Information Exchange Integrity

I*I Assessments
Ref: Martin Bariff, 2004 at ISACA

I*I Rating Systems
Process-Based Ratings – Management Requirements
Usually for business process
Examples from Quality world
Ref: “Building an Information Integrity Rating System,” by Craig M. Watson, April 12, 2004

I*I Rating Systems
Outcome-Based Ratings – Performance Requirements
Usually for information exchanges. Examples include financial statement released to public, individual bank statements etc.
Similar examples
AAA Investment Grade: Trustworthy information
BBB Non-Investment Grade: Acceptable non critical information
Bbb Junk: Non Acceptable
Source: “Building an Information Integrity Rating System,” by Craig M. Watson, April 12, 2004

Baldrige Framework

Several Concepts – Several Tools
Quality Management
Risk Management
Control Management
Information Integrity Management
Six Sigma, Quality Circle
Business Process Reengineering
Integrity Risk Assessment
Enterprise Risk Management
COSO, COBIT
(Baldrige Criteria for Performance Excellence)
Corporate Governance Model

Integrated Management Systems Approach
Baldrige based Management System
Information Integrity Requirements
Quality Requirements
Integrity Tools
Quality Tools
SOX Compliance
Regulatory Compliance
Performance Excellence
Corporate Governance

Benefits of the Unitech Approach
Enterprise-based: The Enterprise Information Model embraces all major processes in the enterprise. One tool provides the total perspective.
Process-Focused: Our approach is driven by a relentless focus on practical process understanding. As a result, we connect with management thinking and deliver practical integrity improvements.
Effective/Efficient: We look at processes from both effectiveness and efficiency perspectives, thus broadening performance impact.
Compliance-rich: Unitech is particularly suitable for supporting Sarbanes-Oxley and Basel II compliance initiatives. We provide documentation of controls, as well as a high-level of confidence in the results.
Generally adaptable: Unitech’s approach can be applied to ANY business process, yielding powerful insights into information integrity, as well as performance improvement potential.

More Resources