Presentation is loading. Please wait.

Presentation is loading. Please wait.

1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA)

Published byJessie Leonard Modified over 8 years ago

Similar presentations

Presentation on theme: "1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA)"— Presentation transcript:

1 1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA) Optimization and Control Rationalization

2 2Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization For large, complex service organizations, a thoughtful approach to assurance can save time, money, and lead to more satisfied clients and prospects UnderstandIntegrateRationalizeEnhance  Identify reporting requirements – internal and external  Report definition and inventory  Integrate control testing requirements across the enterprise to reduce work effort  Regulatory requirement mapping  Level set scope and report type requirements  Identification of redundant controls  Identification of control gaps and areas of improvement  Streamline overall TPA approach to better respond to customer queries  Implement salesforce training  Implement regular optimization activities related to TPA trends and industry TPA Optimization Monitor  Execute on-going monitoring activities related to third- party assurance requirements, testing, and reporting including common approach  Establish continuous monitoring techniques and technology

3 3Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization - Understand Identify internal reporting requirements – SOX, financial audit, operational audits, service level agreements, key performance indicators, etc. Identify external reporting requirements – regulatory, industry, and customer Report definition and inventory Reporting type (SOC 1, SOC 2, AT101, Agreed Upon Procedures, etc.) Inventory of reports – internal, customer facing, regulators Define TPA environment based on steps above UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: TPA report inventory, regulatory requirement inventory, and extended enterprise mapping

4 4Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization - Integrate Integrated control assessments: Construction of customer facing integrated requirements dashboards Identification of targeted efficiency areas (where there is overlap) Creation of new controls/scope to better meet integrated requirements Regulatory assessments: Identification of legislative and other regulatory requirements Utilization of an integrated requirements framework Mapping control framework to global regulatory requirements Identification of gaps Building global regulatory testing/monitoring approach UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: integrated control framework, regulatory control mapping

5 5Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Rationalize Level set scope and report type requirements What report types best fit customer/regulator need? Do the report periods align and meet customer requirements? Identification of redundant controls Identification and definition of key controls across multiple reporting frameworks Utilizing integrated controls, can efficiencies be identified? Identification of control gaps and areas of improvement Do control gaps exist? If so, remediation efforts should be aligned with broader risk/controls framework UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: rationalized control set, gap assessment, and risk and control map

6 6Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Enhance UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Key Activities: salesforce training sessions, TPA report repository, customer query process improvement assessment, and report readiness assessments How does a service organization enhance their brand through third-party assurance? Streamline overall TPA approach to better respond to customer queries Implement salesforce training Implement regular optimization activities related to TPA trends and industry How does a service organization utilize TPA reporting for a competitive advantage? Understanding trends and hot topics related to assurance (SOC 2, cyber risk attestations, etc.) and implementing into the TPA process Performing readiness exercises and efficiently mapping controls to new requirements Utilizing online tools/portals for ease of report delivery (for current and prospective customers)

7 7Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Monitor UnderstandIntegrateRationalizeMonitorEnhance TPA Optimization Establishing monitoring activities People: identification of the right skillsets and stakeholders related to third-party assurance across the organization Process: identification of an efficient and effective process for managing third-party assurance reporting Technology: Automated Control Execution (ACE) for continuous monitoring Utilization of analytics to automate and test controls Real-time monitoring rather than point in time testing Testing and design efficiencies Key Activities: implementation of continuous monitoring technology, third-party assurance monitoring control assessment

8 8Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. TPA Optimization – Conclusion UnderstandIntegrateRationalizeEnhance  Increased outsourcing and regulations are raising the bar on OSPs  Complexity of environment and customer requirements are driving needs and confusion at the same time  Better way to efficiently do this, create sales opportunities through differentiation, and streamline internal processes TPA Optimization Monitor

9 This presentation contains general information only and Deloitte is not, by means of this presentation, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This presentation is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your business. Before making any decision or taking any action that may affect your business, you should consult a qualified professional advisor. Deloitte shall not be responsible for any loss sustained by any person who relies on this presentation. As used in this document, “Deloitte Advisory” means Deloitte & Touche LLP, which provides audit and enterprise risk services; Deloitte Financial Advisory Services LLP, which provides forensic, dispute, and other consulting services; and its affiliate, Deloitte Transactions and Business Analytics LLP, which provides a wide range of advisory and analytics services. Deloitte Transactions and Business Analytics LLP is not a certified public accounting firm. These entities are separate subsidiaries of Deloitte LLP. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. Copyright © 2016 Deloitte Development LLC. All rights reserved. 36 USC 220506 Member of Deloitte Touche Tohmatsu Limited

Download ppt "1Third Party Assurance Optimization and Control RationalizationCopyright © 2016 Deloitte Development LLC. All rights reserved. Third-Party Assurance (TPA)"

Similar presentations

General tax landscape.

General tax landscape.
Seven sound practices Understand the quantity of money laundering risk at your organization Confirm that policies, procedures, and controls address all.

Seven sound practices Understand the quantity of money laundering risk at your organization Confirm that policies, procedures, and controls address all.
The Corporate Laws Amendment Bill, B6/2006. © 2006 Deloitte Touche Tohmatsu Corporate Laws Amendment Bill, B6/2006 – 29 May 2006 Introduction Presenting.

The Corporate Laws Amendment Bill, B6/2006. © 2006 Deloitte Touche Tohmatsu Corporate Laws Amendment Bill, B6/2006 – 29 May 2006 Introduction Presenting.
© 2010 Deloitte Touche Tohmatsu Sustainable Business Australia Counting the beans - retro-fitted commercial buildings Chris Leach Partner, National Leader.

© 2010 Deloitte Touche Tohmatsu Sustainable Business Australia Counting the beans - retro-fitted commercial buildings Chris Leach Partner, National Leader.
Mind the Gap: Evaluating Internal Controls in Pharmaceutical Supply Chains across Sub-Saharan Africa AIDS 2012: July 22-27 Julianna Kohler, Revathi Avasarala,

Mind the Gap: Evaluating Internal Controls in Pharmaceutical Supply Chains across Sub-Saharan Africa AIDS 2012: July Julianna Kohler, Revathi Avasarala,
Deloitte Consulting LLP June 22-25, 2014 IIS 50 th Annual Seminar, London 2014 Big Data in Insurance International Insurance Society.

Deloitte Consulting LLP June 22-25, 2014 IIS 50 th Annual Seminar, London 2014 Big Data in Insurance International Insurance Society.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
Navy Path to Cloud Commercial Services Integration (CSI) Team November 2013 ACT-IAC Pacific: Cloud Computing Panel & Roundtable.

Navy Path to Cloud Commercial Services Integration (CSI) Team November 2013 ACT-IAC Pacific: Cloud Computing Panel & Roundtable.
WebEx Training Wednesday, January 15 th 2014 1. - 2 - Agenda Payment Locations Payment Extension Loss of Health Coverage on 01/31 Retroactive Special.

WebEx Training Wednesday, January 15 th Agenda Payment Locations Payment Extension Loss of Health Coverage on 01/31 Retroactive Special.
Leveraging CPQ Cloud for Channel Enablement Self Service Quoting for One and Two Tier Networks.

Leveraging CPQ Cloud for Channel Enablement Self Service Quoting for One and Two Tier Networks.
Pacific Cities Sustainability Initiative – Second Annual Forum Session 4: Public-Private Partnerships Case Studies Jim O’Gara, Director Deloitte Transactions.

Pacific Cities Sustainability Initiative – Second Annual Forum Session 4: Public-Private Partnerships Case Studies Jim O’Gara, Director Deloitte Transactions.
Pricing for value Tom Friedman, Principal Deloitte Consulting LLP Global Consulting Leaders Symposium December 5–7, 2007.

Pricing for value Tom Friedman, Principal Deloitte Consulting LLP Global Consulting Leaders Symposium December 5–7, 2007.
Deloitte in India APLG Annual Meeting Savannah, Georgia February 14, 2011.

Deloitte in India APLG Annual Meeting Savannah, Georgia February 14, 2011.
Risk Intelligence Map – Board level output

Risk Intelligence Map – Board level output
1 Copyright © 2006 Deloitte Development LLC. All rights reserved. The Case ABC Molecular Imaging is seeking an Investment Bank to advise them on the sale.

1 Copyright © 2006 Deloitte Development LLC. All rights reserved. The Case ABC Molecular Imaging is seeking an Investment Bank to advise them on the sale.
Financial structure, management, and IFRS Reporting Creating value for growth Presenter: John Robinson Partner.

Financial structure, management, and IFRS Reporting Creating value for growth Presenter: John Robinson Partner.
Page 0 Recording of this session via any media type is strictly prohibited. Page 0 FOR016: EXCELLENCE IN RISK MANAGEMENT 11.

Page 0 Recording of this session via any media type is strictly prohibited. Page 0 FOR016: EXCELLENCE IN RISK MANAGEMENT 11.
NASPP Regional Conference: What the FICA?

NASPP Regional Conference: What the FICA?
Trade Across the Americas: Bolstering Security and Efficiency Supply Chain Risk Analytics May 2015.

Trade Across the Americas: Bolstering Security and Efficiency Supply Chain Risk Analytics May 2015.
Internal Auditing and Outsourcing

Internal Auditing and Outsourcing

Similar presentations

Ads by Google