financial audit scoping tool blueprint for oracle grc audit scoping tool blueprint for oracle grc...

Download Financial Audit Scoping Tool Blueprint for Oracle GRC   Audit Scoping Tool Blueprint for Oracle GRC Applications ... Audit Scoping Accounts-Based Audit Scoping ... Financial Audit Scoping Tool

Post on 08-Apr-2018

219 views

Category:

Documents

6 download

Embed Size (px)

TRANSCRIPT

  • Financial Audit Scoping Tool

    Blueprint for Oracle GRC Applications

    Implement Audit Standard 5 (AS5) scoping to streamline financial

    reporting compliance

  • Financial Audit Scoping Tool Blueprint Overview

    Business Challenges

    Solution Details

    Challenges, Capabilities & Benefits

    Process Flows

    Capabilities Details

    Related Requirements Coverage

    Oracle Blueprints for Oracle GRC Applications

    Financial Audit Scoping ToolAgenda

  • Blueprint purpose: Integrate Oracle Enterprise GRC Manager with Hyperion Financial

    Management to allow auditors and managers to evaluate business

    process risk based on its impact on financial balances

    Blueprint benefit: Helps customers implement Audit Standard 5 (AS5) scoping to streamline

    financial reporting compliance

    Reduce external audit fees by providing a methodical, rule-based

    selection criteria that aligns financial audit activities with controls

    Blueprint items: Auditor Workbench with robust, integrated controls selection based on

    accounts, organizations, financial balances and risk-based criteria

    Pre-built analytics of in-scope controls for assessments

    Automated creation and initiation of EGRCM Controls Assessments

    Financial Audit Scoping Tool Solution Summary

  • Financial Audit Scoping Tool Blueprint Overview

    Business Challenges

    Solution Details

    Challenges, Capabilities & Benefits

    Process Flows

    Capabilities Details

    Related Requirements Coverage

    Oracle Blueprints for Oracle GRC Applications

    Financial Audit Scoping ToolAgenda

  • SEC fact:

    Auditing Standard No. 5 (AS5) directs auditors to focus on those areas that present the

    highest risk, such as the financial statement close process and controls designed to prevent

    fraud by management.Source: SEC Approves PCAOB Auditing Standard No. 5, July 2007

    Percentage of Internal Control

    Weaknesses by Category

    Personnel

    Issues

    17%

    Financial

    Close and

    Controls

    37%

    Significant

    Account

    Level

    40%

    Other

    6%

    Source: Market Reactions to the Disclosure of Internal Control Weaknesses and to the

    Characteristics of those Weaknesses Under Section 302 o the Sarbanes Oxley Act Of 2002,

    July 2007

    Financial Audit Scoping Tool CFOs struggle to improve governance of their financial processes

  • Financial Audit Scoping ToolFrequency and Complexity of Transaction

  • Top-Down, Risk-Based Approach for Identifying Significant

    Accounts and Key Controls to Audit

    Focuses Testing on Risk Exposure rather than Coverage

    Reduces Control Testing Audit Costs

    Fine Tunes the Definitions of Material Weakness and

    Significant Deficiency

    Guidance is Designed to Facilitate more Efficient External

    Auditing including

    Scaling of the Audit for the Size and Complexity of the

    Company

    Removes Requirements to Evaluate Managements Process

    7

    Financial Audit Scoping ToolBest Practices to Reduce Level of Effort

  • Financial Audit Scoping Tool Blueprint Overview

    Business Challenges

    Solution Details

    Challenges, Capabilities & Benefits

    Process Flows

    Capabilities Details

    Related Requirements Coverage

    Oracle Blueprints for Oracle GRC Applications

    Financial Audit Scoping ToolAgenda

  • Financial Audit Scoping Tool GRC Fundamental to Financial Close

    Ledger

    Close

    Data

    AssuranceConsolidation

    Internal

    Managemen

    t Reporting

    External

    Financial

    Reporting

    Filing

    Documentatio

    nFinancial Processes, Risks & Controls

    Assessment Control Effectiveness Orchestration Misstatement Risk Modeling

    TestingProcess-Based

    Audit Scoping

    Accounts-Based

    Audit Scoping

    Risk-Based

    Audit Scoping

    Investigation Suspicious Financial Transaction Analysis & Monitoring

    Remediation Risk Mitigation Planning, Tracking and Evidencing

    Certification Internal Controls over Financial Reporting 302 Certification

    Close

    Compliance

  • Key Capabilities:

    A unified workbench that brings HFM and EGRCM data together

    into a single workspace

    Consolidated significant accounts in HFM that are mapped to

    controls in EGRCM are readily identified, as well as associated risks

    Controls that are identified as in-scope are easily assigned to

    testers in an assessment plan

    Executive dashboards with the financial coverage of the

    assessment plan, as well as the type and nature of the controls that

    are in scope

    EGRCM Capabilities:

    EGRCM enables customers to manage GRC-related business

    processes across the enterprise and HFM enables customers to

    centralize financial reporting and enterprise consolidations.

    Financial Audit Scoping Tool Solution Details

  • 11

    Customer Challenge Solution Benefit

    Reducing the cost of controls

    assessments

    FAST integrates with the EGRCM controls component. Using FAST auditors can

    easily perform a top-down approach to deciding which controls should be in-

    scope for any given assessment

    Integrating Financial close data with

    Controls data

    FAST integrates with Hyperion Financial Management. It includes a interactive

    workbench that shows users how many controls are associated with monitored

    reported financial amounts, thereby easily identify controls for significantly large

    accounts

    Understanding whether the in-scope

    controls as mitigating the most relevant

    risks

    FAST integrates with the EGCRM risk component. Evaluating controls by their

    related risks helps the auditor understand managements evaluation of the

    significance of any given risk and the likelihood and impact of any given risk.

    Designing a controls assessment that

    is repeatable and applies consistent

    decision criteria

    FAST enables an iterative controls scoping processes based on multiple

    criteria. Once satisfied with the composition of the controls assessment, the in-

    scope controls and can export, reloaded and modified for the next audit cycle.

    Designing a controls assessment that is

    composed of a certain controls

    properties such as costs, control

    methods and control types

    FAST includes tables and graphical analysis that intuitively displays the

    composition of the in-scope controls to achieve the proper coverage, cost and

    make up of key controls, automated and manual controls and detective and

    preventive controls

    Automatically produce a controls

    assessment plan based on an

    iterative, robust selection criteria

    FAST will programmatically setup a Controls Assessment plan that includes

    multiple assessment activities, controls and steps that are managed and

    monitored to completion in EGRCM.

    Financial Audit Scoping ToolCustomer Challenges & Benefits Summary

  • 12

    Financial Audit Scoping ToolCapability Summary

    Solution Capability Value Driver Stakeholder

    Integrates with Hyperion

    Financial Management

    Identify controls by Significant Accounts

    Incorporates financial account balances and

    organizational structure

    Internal Audit Manager

    SOX Program Office (PMO)

    Financial Consolidations Manager

    Financial IT Admin

    Integrates with Enterprise

    GRC Manager

    Captures Exec Mgt as well as Line of Business

    and Audits evaluation of risk, the level or risk.

    Identify controls by multiple perspectives and

    business processes

    Internal Audit Manager

    SOX PMO

    IT Admin

    Single workbench view of

    Financial, Risk and Controls

    data and information

    Ease of use

    360-view across Functional Areas

    360-view across Business Processes

    Internal Audit Manager

    SOX PMO

    IT Admin

    Iteratively controls scoping

    and filtering

    Rules-based criteria when selecting in-scope

    controls

    Visibility and insight into controls coverage

    Internal Audit Manager

    SOX PMO

    IT Admin

    Automatic generation of

    EGRCM Controls

    Assessment Plans

    Increased effectiveness of controls assessment

    by focusing on the right controls

    Closed-loop, top-down assessment process

    Executive Management

    Line of Business Manager

    Internal Audit / SOX PMO

  • 1 - Assessment Template

    4 - Template Activities

    2 - Delegation Models

    1 - Object Class

    1 - UDTs

    6 - Hyperion Perspective Items

    2 - Perspective Trees

    6 Preconfigured Charts

    EGRCMAdministrator

    EGRCM Risk

    Manager

    EGRCM Risk

    Manager

    EGRCMRisk

    Analyst

    Setup HFM Connection

    Create POV Validate HFM data

    Query controls using FASTworkbench

    Validate Coverage Create Assessment

    Complete AssessmentTasks

    EGRCMRisk

    ManagerReport on Compliance

    Tie controls to HFMperspectives

    Financial Audit Scoping Tool Business Process

  • Assess multiple risk types across lines of business

    Leverage flexible quantitative and qualitative analysis models

    Monitor risks to key objectives and performance indicators

    Manage incidents and track losses and recoveries

    Risk Management Process

    Assess multiple risk classes a

Recommended

View more >