3. What Is Your Primary Audit Management Challenge? Audit Planning Managing and Closing Audit Observations Time Organizational Support of The Audit Process Risk Management All of The Above POLLING QUESTION
5. Xybion Corporation Fast Facts Founded in 1977 Preclinical Lab Management And Drug Safety Solutions Corporate Headquarters â Bensalem, PA Corporate Preclinical R&D Solutions GRC/ECM Solutions Enterprise Asset Management Services & Solutions New Markets Satellite Locations Quebec City, Canada Germany India Center of Excellence Innovative Development & Testing COE In India Delivers Quality Testing & Development Services Internal Product Development & Support Value Proposition Proven GRC and Quality Platform YOUR PARTNER OF CHOICE FOR INTEGRATED GRC
7. An Audit Is A Formal Review Of Some Of The Controls, With Full Testing And A Formal Report An Audit Can Be Of All Of An Entity (Typical), Or Some Processes In An Entity, Or Even One Or More Processes Across Entities Auditing: A Practical Definition
8. Audits Are Process-Oriented c t A n a D l P o Check Enterprise Audit Management Quality Management System Processes
10. Internal Auditing Internal Auditing Is Designed To: Provide The Most Effective And Efficient Deployment Of Internal Audit Resources In A Manner That Addresses: Areas Of Highest Relative Risk Core Business Activities Broad Coverage Across The Spectrum Of Business Operations.
11.
12. Adopted Voluntarily To Identify And Correct Compliance Problems Before Inspectors Arrive
18. Benefits of Integration Better Resource Management Improve Resource Utilization People, Equipment, Facilities, Materials, Energy Reduce Time Required Minimal Duplication Of Efforts Commonize Documentation Integration & Simplification Of Procedures And Instructions Cost Avoidance/Savings Identification Of Cost Reduction Opportunities Employee Empowerment Easier To Understand, Follow And Use
19. Benefits of Integration Better Risk Management Reduction, Prevention and Control of: Quality Failures Accidents, Injuries, Illness, Deaths Property & Equipment Damage Or Loss Environmental Incidents And Accidents Potential Prosecution And Fines Damage To Public Image Loss Of Employee Morale
20. Benefits of Integration Competitive Edge International Markets Level Playing Field Customer & Industry And Governmental Standards Financial Performance Insurance Opportunities Due Diligence Reduced Costs and Improved Profitability
21. Analyzing Your Compliance Processes & Controls Do You Know What Your Organization Is Doing To Comply With Both Mandated Legal And Regulatory Requirements? Are You Confident That Your Compliance Processes And Controls Are Effective? Are You Prepared In The Event Of Non-compliance?
23. Transform The Internal Audit Department From Its Traditional Roleâperforming Checklist Activitiesâto One That Focused On Corporate And Business Unit Goals, Strategies And Risk Management Processes. To Achieve This Restructuring, Ask These Fundamental Questions: How Do We Define Internal Control? What Best Practices Should We Incorporate Into Auditâs Evolving Role? How Can Internal Audit Become An Integral Part Of Risk Management Processes And Maintain Independence? What Should The Departmentâs Strategic Plan Be? How Should The Audit Group Deliver Its Services And Communicate Its Observations? Transformation To Progressive Audit Management
24. Audit Management Challenges & Opportunities Doing More with Less Creating the Integrated Auditor Adapting to New Organizational Environments "Tuning In" on an Organization's Strategic Relationships Auditing in a Highly Automated Environment Text Effectively Usage of Automation to Audit Addressing Management Concern with the Cost and Other Effects of Fraud Finding New Tools to Meet the Audit Challenge Meeting the Challenges Created by the New Economy Effective Usage of Both Internal and External Resources
25. Traditional vs. Progressive Auditing Progressive Best Practices Traditional Audit Focus Transaction-based Financial Account Focus Compliance Objective Policies And Procedures Focus Multiyear Audit Coverage Policy Adherence Budgeted Cost Center Career Auditors Methodology: Focus On Policies, Transactions And Compliance Business Focus Process Based Customer Focus Risk Identification, Process Improvement Objective Risk Management Focus Continual-risk-reassessment Coverage Change Facilitator Accountability For Performance Improvement Results Opportunities For Other Management Positions Methodology: Focus On Goals, Strategies And Risk Management Processes
26. Achieving Audit Excellence Auditor Skills Required to Succeed First Class Consulting Skills Marketing Skills Facilitation Skills Reassessing the New Economy Environment and Auditor Roles The Nature of Change See Clearly Building Risk-based Audit Plans Using Collaborative Risk assessment Recognizing the Relationship of Empowerment and Fraud Potential Reducing Cycle time Developing and Using Audit Metrics as a Way to Achieve Auditor Excellence Performance Measurement Productivity tools Defining Audit Scope for Excellence
28. What Is Risk? Risk May Be Defined As: ââŚthe threat or possibility that an action or event will adversely or beneficially affect an organisationâs ability to achieve its objectivesâŚâ
29. What Is Risk Management? Risk Management May Be Defined As: ââŚthe systematic application of management policies, practices and procedures to the task of analysing, assessing, treating, monitoring and reporting on risksâŚâ
30. Benefits of Risk Management Supports Strategic Plan Enhanced Communication Minimizes Risk Effective Use of Resources Reassures Stakeholders Continuous Improvement Audit Focus
31. The Risk Assessment Process Gather Information Interviews With Management And Staff Data/Financial Analysis Group Interviews Questionnaires Consider âContemporary Issuesâ Consider âCore Audit Topicsâ Assess The Universe
32.
33. But Risks And Controls Might Be Continually Assessed Whether Or Not You Carry Out A Formal Audit
40. 4 Key Elements of Effective Audit Management Program Integrated Performance Information (Financial And Non-financial, Historical, And Prospective); A Sound Approach To Risk Management; Appropriate Control Systems; And A Shared Set Of Ethical Practices And Organizational Values, Beyond Legal Compliance.
49. Yet Even SECâsAdditional Safeguards Have Been Proven Inadequate To Ensure Transparency And Auditor Independence
50.
51. Audits Are Typically Confidential, Yet Goal Of Such Audits Is To Assure Sustained Compliance Confusion Rendered By This Choice Contrasts Sharply With Openness Of Financial Reporting Auditors Should Consider How Public Reporting Can Be More Explicitly Addressed Financial Audit Considerations: Improve Transparency
56. Best Practice 5:Monitor Business Activities And Key Performance Indicators Continuously Compliance Balanced Scorecard Approach Define compliance KPIâs Monitor Measure Control Assurance and Audit Operational Review
58. Audit Findings & Observations Findings Can Be Categorized, Prioritized, And Granularized In Order To Find The Problem Areas. Attachments and evidence can also be included with a finding
60. Best Practice 6: Coordinate With Other Risk Management Functions Leverage The Work Of Other Departments Where Possible By Reviewing The Scope Of Their Activity And Considering Their Results In Your Approach.
61. Frequency Of Audits On A Business Areaâs Risk Factors: Previous Poor Audit Ratings Significant Changes In Personnel. Focus On The Highest Risk Priorities Devote Appropriate Resources To New And Changing Areas Train Managers To Update Their Own Risk Assessment Systems And Methodologies Implement Steps To Monitor Quality Control And Segregation Of Duties. Best Practice 7: Develop The Audit Plan Based On Risk Priorities.
62. Under an audit program you can create audits, schedule your resources and determine if any conflicts occur
63. The audit plan or audit preparation form is configurable so you can choose the fields are part of the plan, including attachments & documents
65. Questionnaires or checklists are completely configurable by you, including the answer types and scoring: scores are automatically computed
66. Best Practice #9: Adopt Appropriate Technology - Integrated Compliance Process Control âEven as integrated approaches to compliance management have developed, new technologies have been introduced to facilitate such processes by automating and uniting common governance, risk and compliance activities⌠into one unified platformâŚâ Adam Turteltaub â GRC 360° Fall, 2005
67.
68. Create The Audit Plan By Identifying Audit Entities And Performing A Formal Risk Assessment.
69. Ensure Your Auditors Update Risk Assessments And Monitor The Risk Indicators On An Ongoing Basis.
76. Audit Reporting Made Easy eQCM makes creating the audit report easy. You can add more information into the fields/sections you choose and then auto-generate the report with the click of a button: it allows reformatting and a helpful preview screen.
77. On Demand Audit Information All the audit information is accessible for users with permissions via a search panel. Configurable reports are available from the search panel.
78. Close The Loop! Audit Notifications Audit participants can be notified and âacceptâ whether they will be available
79. Effective Management of Audit Workload With eQCM, the user only has to look in one place to see the tasks they must doâthe workload