Presentation is loading. Please wait.

Presentation is loading. Please wait.

Copyright © 2002 Open Applications Group, Inc. All rights reserved Project Definition Project name - RiskML Project Leader name – ? Date – 9/12/03.

Published byTamsyn Chase Modified over 8 years ago

Similar presentations

Presentation on theme: "Copyright © 2002 Open Applications Group, Inc. All rights reserved Project Definition Project name - RiskML Project Leader name – ? Date – 9/12/03."— Presentation transcript:

1 Copyright © 2002 Open Applications Group, Inc. All rights reserved Project Definition Project name - RiskML Project Leader name – ? Date – 9/12/03

2 Copyright © 2002 Open Applications Group, Inc. All rights reserved Agenda Charter Key Deliverables Summary Scenario Diagram Business Workflow BOD’s/Nouns to be added BODs to be changed Project Team Planned Schedule Assumptions, Dependencies, and Issues Outside Resources Questions Next Steps

3 Copyright © 2002 Open Applications Group, Inc. All rights reserved RiskML Charter Sarbanes Oxely: –New Reporting Requirements Sufficient and adequate Internal Controls –Independence Requirements External Audit – Attestation (Section 404) Annually Management Certification (Section 302) Quarterly –Penalties Personal and Criminal liability of the Signing Officers

4 Copyright © 2002 Open Applications Group, Inc. All rights reserved New Enterprise Component

5 Copyright © 2002 Open Applications Group, Inc. All rights reserved Process (Kinda) Risk and Control Library ApplicationsControlsManualControls Risk Assurance Services External Auditor Process and Procedures Control Testing Management Certification Auditor Attestation

6 Copyright © 2002 Open Applications Group, Inc. All rights reserved Evaluate Overall Effectiveness,Identify Matters for Improvement, and Establish Monitoring Systems Organize a Project Team to Conduct The Evaluation Evaluate Internal Control at the Entity Level Understand/Agree on Definition Of Internal Control Understand & Evaluate Internal Controls at the Process, Transaction or Application Level Report on Internal Control Business Workflow (Kinda)

7 Copyright © 2002 Open Applications Group, Inc. All rights reserved Big Assumptions There is no prevailing IP in the structure of the Risk and Control library though there is diverse content captured by audit firms as an embodiment of their expertise. The applications built by the software vendors are the true embodiment of their expertise and the structure of the Risk and Control library used is essentially public domain through the COSO framework. On implementation of a risk and control library, there is an allied need for a standard mechanism for publication offered by the audit firms to keep the libraries up to date, even though services are always required to provide assurance around the risks. There would be a real market need for a standardized vocabulary to describe a risk and control library facilitating risk library information exchange and a standardized mechanism for publication.

8 Copyright © 2002 Open Applications Group, Inc. All rights reserved So what is COSO?   Internal Audits   Messages from Senior Management   Policies and Procedures   Code of Ethics The process which ensures that relevant information is identified and communicated in a timely manner The policies and procedures that help ensure that actions are identified to manage risk are executed and timely The control conscience of an organization. The “tone at the top” The evaluation of internal and external factors that impact an organization’s performance   Business Risk Management   Process Risk Management   Internal Audit Risk Assessment   Disclosure Committee   Delegation of Authority   Approvals   Common Processes and Systems   Segregation of Duties   Account Reconciliations   Information Technology Controls   Code of Ethics   Documented Policies and Procedures   Cultural Assessment   Training   Management Analysis The process to determine whether internal control is adequately designed, executed effective and adaptive

9 Copyright © 2002 Open Applications Group, Inc. All rights reserved Big Conclusions With the advent of recent legislation there is increased likelihood of ERP customers and Audit Firms exchanging a great deal of risk and control information. The separation of the External Audit from the Risk Assurance activity will mean that Audit firms will be exchanging risk and control information. Mapping different formats from different audit firms and different ERP solutions is inefficient, expensive and adds no value to the parties involved.

10 Copyright © 2002 Open Applications Group, Inc. All rights reserved Biggest Conclusion It is very likely that an XML Standards consortium will fill the market need for standardization. The charter of this group is to form this consortium and solve the problem.

11 Copyright © 2002 Open Applications Group, Inc. All rights reserved Proposed Scope What is in scope –Exchange of Risk and Controls Matrix Account Process Risk Control Issue What is out of scope –Assurance Reporting

12 Copyright © 2002 Open Applications Group, Inc. All rights reserved Key Deliverables Summary Class Diagram Use Case Diagram XML Schema Definition Surrounding Documentation

13 Copyright © 2002 Open Applications Group, Inc. All rights reserved BODs/Nouns to be added Financial Statement Process Objective Risk Control Testing Procedure

14 Copyright © 2002 Open Applications Group, Inc. All rights reserved BODs to be changed To Be Determined

15 Copyright © 2002 Open Applications Group, Inc. All rights reserved Project Team ? – Project Leader Nigel King – Oracle Worker Arthur Stewart – E&Y Worker Bastin Gerald – Oracle Worker Sampathkumar – Worker Mike Rowell – OAG Worker Sohail Siddiqui – PWC Worker Sean Spillane – Deloitte Worker Brad Straw – PWC Worker

16 Copyright © 2002 Open Applications Group, Inc. All rights reserved Planned Schedule 1st Draft delivery December ‘03 1st Review Jan ‘04 2nd Review and Vote in Mar ‘04.

17 Copyright © 2002 Open Applications Group, Inc. All rights reserved Assumptions, Dependencies and Issues Assumptions –Will have enough people/time committed to making this happen Dependencies –We need the ongoing buy in of the Risk Assurance community. Issues –The Risk Assurance firms provide services around the risks and assurance thereon. The Risk library in “Abstract” has little assurance value.

18 Copyright © 2002 Open Applications Group, Inc. All rights reserved Outside Resources XBRL Community for Financial Statement Definition (Feelers out) Institute of Internal Auditors for Domain Expertise (Feelers out) Public Company Accounting Oversight Board for Authority (Feelers out) XBRL (For Process Definition)

19 Copyright © 2002 Open Applications Group, Inc. All rights reserved Questions? * This is the time to address any questions not asked during the presentation.

20 Copyright © 2002 Open Applications Group, Inc. All rights reserved Next steps Decision on Project –Approved/not Approved? Call for Team Members Schedule Meeting –Conference Call –Face to Face Set up eGroup (Done - RiskML@Yahoogroups.com) Assign OAGI Architect

Download ppt "Copyright © 2002 Open Applications Group, Inc. All rights reserved Project Definition Project name - RiskML Project Leader name – ? Date – 9/12/03."

Similar presentations

Chapter 10 Accounting Information Systems and Internal Controls

Chapter 10 Accounting Information Systems and Internal Controls
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Core principles in the ASX CGC document. Which one do you think is the most important and least important? Presented by Casey Chan Ethics Governance &

Core principles in the ASX CGC document. Which one do you think is the most important and least important? Presented by Casey Chan Ethics Governance &
Open Standards that Open Markets™ © Open Applications Group © Open Applications Group, 2014 All Rights Reserved OAGi Semantic Refinement Method and Tool.

Open Standards that Open Markets™ © Open Applications Group © Open Applications Group, 2014 All Rights Reserved OAGi Semantic Refinement Method and Tool.
Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.
Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, 2002. Established.

Sarbanes-Oxley Act. 2 What Is It? Act passed by Congress in response to the recent and continuing corporate scandals. Signed into law July 30, Established.
1 Sarbanes-Oxley Section 404 June 29, 2005. 2  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.

1 Sarbanes-Oxley Section 404 June 29,  SOX 404 Background 3  SOX 404 Goals 4  SOX 404 Requirements 5  SOX 404 Assertions 6  SOX 404 Compliance.
SOX and IT Audit Programs John R. Robles Thursday, May 31, 2007 Tel: 787-647-396.

SOX and IT Audit Programs John R. Robles Thursday, May 31, Tel:
Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.

Chapter 7 Control and AIS Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall 7-1.
Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.

Standar Pekerjaan Lapangan: Pemahaman Memadai atas Pengendalian Intern Pertemuan 5.
IS Audit Function Knowledge

IS Audit Function Knowledge
Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.

Internal Control Pertemuan 05 s.d 06 Matakuliah: F0712 / Lab Sistem Informasi Akuntansi Tahun: 2007.
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Quality evaluation and improvement for Internal Audit

Quality evaluation and improvement for Internal Audit
Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.

Internal Control. COSO’s Framework Committee of Sponsoring Organizations 1992 issued a white paper on internal control Since this time, this framework.
Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.

Chapter 4 IDENTIFYING RISKS AND CONTROLS IN BUSINESS PROCESSES.
Purpose of the Standards

Purpose of the Standards
INTERNAL CONTROL OVER FINANCIAL REPORTING

INTERNAL CONTROL OVER FINANCIAL REPORTING
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
Chapter 4 Internal Controls McGraw-Hill/Irwin

Chapter 4 Internal Controls McGraw-Hill/Irwin

Similar presentations

Ads by Google