Presentation is loading. Please wait.

Presentation is loading. Please wait.

© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Continuous Assurance Model.

Published byAriel Allen Modified over 7 years ago

Similar presentations

Presentation on theme: "© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Continuous Assurance Model."— Presentation transcript:

1 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Continuous Assurance Model Brad Ames, CPA, CISA, CRMA Stephen Kozlowski, CPA November 9, 2013

2 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 2 Agenda Continuous Assurance Model Ongoing Risk Assessments Ongoing Control Assessments Integration with 3 Lines of Defense Illustrations Automated Application Controls Employee Expenses Manual Journal Entries Questions & Answers

3 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 3 Continuous Assurance Continuous Auditing by Internal Audit Ongoing Risk Assessment Ongoing Control Assessment Audit Testing of Continuous Monitoring Performed by Management Continuous Assurance Model

4 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 4 Continuous Auditing Ongoing Risk Assessment Identify and assess levels of risk to the achievement of business objectives. Considers a combination of financial and unstructured data Analyzing trends Correlating outliers Highlighting potential exposures

5 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 5 Continuous Auditing: Ongoing Control Assessment Assurance related to control objectives Considers the interrelationship of IT and manual control mix Automated controls are designed in the application IT general controls across the entity Manual business process controls Optimized by monitoring change to a baseline

6 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 6 Business Process Control Objectives Automated (Application) Controls Changes Security Incidents Outliers and Transactions IT General Controls: Database Operating System Network Define Control Objectives Authorization Completeness Accuracy Determine Key Controls Evaluate Baseline Condition of Controls (Still Active and Functioning) and Measure for Subsequent Changes Ongoing Control Assessments Leverage Interdependent Controls

7 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 7 CA Relationships to Third Line of Defense 3 rd line of Defense Assurance 2 nd Line of Defense Risk Management IT Operations, Business Applications, and Processes Changes, Security, Incidents, Outliers, Transactions and Unstructured Data Continuous Monitoring Continuous Auditing Continuous Assurance: Results of Continuous Monitoring and Continuous Auditing Process 1 st Line of Defense Operational Management Audit Testing of Continuous Monitoring

8 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 8 3 rd line of Defense Assurance 2 nd Line of Defense Risk Manageme nt IT Operations, Business Applications, and Processes Changes, Security, Incidents, Outliers, Transactions and Unstructured Data Optimize Continuous Auditing Continuous Assurance Results of Continuous Monitoring and Continuous Auditing Process 1 st Line of Defense Operationa l Manageme nt Audit Testing of Continuous Monitoring Transition Continuous Audit Techniques Continuous Monitoring Transition Continuous Audit Techniques to Second Line of Defense

9 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 9 Ongoing Control Assessment Illustration Application Controls Benchmark Report

10 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 10 Ongoing Control Assessment: Optimize by Benchmarking Automated Controls

11 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 11 Ongoing Risk Assessment: Gain a Better Perspective of Employee Expenses by Matching Card Service Reports

12 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 12 Ongoing Risk Assessment : Manual Journal Entries Cluster AnalysisGrid Analysis

13 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 13 Ongoing Risk Assessment: Manual Journal Entries Cluster Analysis

14 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 14 Dashboards: - LHJE - Fixed Assets - Contra Financial Solutions team, PPS Finance Business strategy Channel and Contra Practice area Finance and Compliance (SOX) team SAP KPI Tool SAS Server Automation of datasets FlashPRO Trident Aspen/Infominer Eclipse EDW VCI (Credit Inf.) HR data Vista/JDEdwards AssureNet/R.Net Emp Exp Mgt DSAS Database ACL AX Server Automated CA/CM solutions Special Pricing GL Contra Fixed Assets Channel CA/CM Application Architecture Wave 1 Wave 2 Audit Data Standards Major Source Data feeds

15 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP confidential. 15 Audit Data Standards

16 © Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Thank you Brad Ames (brad.ames@hp.com) Stephen Kozlowski (sp.kozlowski@rutgers.edu)

Download ppt "© Copyright 2013 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Continuous Assurance Model."

Similar presentations

Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.

Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.
Anatomy of a Deal Paladion Baskar Natarajan, BCS Sales Specialist, HP Arghya Sinha, Sales Lead, Precision Infomatics Rajeev Hirennavar, Solution Architect,

Anatomy of a Deal Paladion Baskar Natarajan, BCS Sales Specialist, HP Arghya Sinha, Sales Lead, Precision Infomatics Rajeev Hirennavar, Solution Architect,
Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.

Sodexo.com Group Internal Audit. page 2 helps an organization accomplish its objectives by bringing a systematic, disciplined approach to evaluate and.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Security Services Svetlana.

© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Security Services Svetlana.
© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.

© 2006 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice Privacy Management for a Global Enterprise.
Sarbanes-Oxley Compliance Process Automation

Sarbanes-Oxley Compliance Process Automation
The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.

The TRUTH About SOX, Auditors & Oracle Applimation is the leading provider of Application Lifecycle Management solutions.
Forensic and Investigative Accounting

Forensic and Investigative Accounting
Global E-Business: How Businesses Use Information Systems

Global E-Business: How Businesses Use Information Systems
IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS

IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESS
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Anywhere 10.02 Defect.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Anywhere Defect.
Best Practices for User Access Controls and Segregation of Duties Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars.

Best Practices for User Access Controls and Segregation of Duties Presented by: Jeffrey T. Hare, CPA CISA CIA ERP Seminars.
Role of the IAAM Investment Strategy Team Investment Strategist Process Conduct Capital Markets Research and Analysis Identify Asset Classes Develop Return,

Role of the IAAM Investment Strategy Team Investment Strategist Process Conduct Capital Markets Research and Analysis Identify Asset Classes Develop Return,
© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.

© 2008 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. HP Automates Infrastructure Outsourcing.
Information Technology Audit

Information Technology Audit
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Automatically control.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. Automatically control.
1 ©2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice ©2010 Hewlett-Packard Development.

1 ©2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice ©2010 Hewlett-Packard Development.
© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. PCI Compliance & Technology.

© Copyright 2012 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. PCI Compliance & Technology.
Chapter 20 20-1 © 2012 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2012 Pearson Education, Inc. Publishing as Prentice Hall.
Fresno County Employees’ Retirement Association Presentation to the Board of Retirement Yolanda Diaz, Vice President 3 December 2008.

Fresno County Employees’ Retirement Association Presentation to the Board of Retirement Yolanda Diaz, Vice President 3 December 2008.

Similar presentations

Ads by Google