Post on 08-Jul-2020
BWise
Audit Software Watch Day Brussels
October 15th, 2014
Marcel Starink, Vice President
Nasdaq guiding principles
INTEGRITY Build and maintain trust among the investing public through proper market regulation and ethical market operation.
TRANSPARENCY Provide open market information to traders, investors and regulators alike.
EFFECTIVENESS Maximize market efficiency through technology and innovation.
PASSION Dedicate ourselves tirelessly to our company, customers, and our partners.
INNOVATION Support capital formation to fund the world’s growth and prosperity.
BWISE
INTEGRATED GRC
Control
+ ROI
Integrated GRC + BWise Software
Architecture
BWise solutions and functionality
Features & Functions, demos, proof of concepts
Boardroom
Silo Managers
Audit
IT
Legal
Risk
Compliance
Sustainability
Integrated GRC awareness The Enterprise
The 4 levels in Risk Management
Common Risk Language
Frameworks drive Reporting
GRC Journey evolution
Level of automation
Automated
Manual
Timeline: medium-term (1 – 3 years)
Balanced Risk & Performance Management
Continuous Monitoring and Audit Analytics
Integrated GRC
Silo-Based Automation (GRC Tools)
Manual Processes
Confidential information – Copyright 2012 BWise
Gerard Parker
Risk Management (RM)
Michael Bauer
Internal Control (IC)
Jackie McLaren
Compliance & Policy Mngt (CPM)
Damian Thomson
IT GRC
Kim Lee
Sustainability Performance Management (SPM)
BWise® GRC Platform
Ann Green
Internal Audit (IA)
BWISE
THE BUSINESS CASE
the Risk landscape
Heathrow Terminal 5: BA apologises for chaos
Travel chaos at Heathrow Airport's new Terminal 5 worsened today as the chief executive of British Airways admitted the disruptions will continue until at least tomorrow.
PARIS — Société Générale, one of the largest banks in Europe, was thrown into turmoil Thursday after it disclosed that a rogue employee executed a series of “elaborate, fictitious transactions” that cost the bank more than $7 billion, the biggest loss ever recorded by a single trader.
Toxic baby milk shocks China
Published: Thursday, 18-Sep
In China's latest food scare 6,000 babies have been poisoned and three babies have died from drinking baby milk tainted by the industrial chemical melamine.
Melamine is a chemical used in plastics and officials say they suspect it was added to milk and then sold to companies that produced infant formula to possibly give the milk the appearance of being higher in protein.
JPMorgan Scandal Puts Spotlight on Operational Risks
Dangers involving people, processes and systems are now a greater danger to big banks than credit risk, according to Comptroller Thomas Curry. The statement may be one of many knockoff effects of JPMorgan Chase's recent trading loss.
Non-Compliance Financial Consequences
• Siemens: $800M for FCPA violation
• $15.33M BNP Paribas security services for internal fraud by an employee
• $277K fines for 3 US movie theatres for violating US Child Labor regulations
• Examples: http://www.sec.gov/news/press.shtml
• http://www.fsa.gov.uk/pages/about/media/facts/fines/index.shtml.
C-Level: Held Personally Responsible
C-Level: Why GRC is Top-of-Mind (Forrester)
1. Cost reduction
2. Loss prevention from operations and prevention of fines
3. Easier compliance
4. Balance business performance and risk
• But also….
– Organizational reputation
– Personal reputation
– Personal fines
Tired of balancing?
Risk Management in Control with BWise
Benefits of integrated GRC tools
1. Integrated view on all corporate risks, including risk of non-compliance
2. Efficient assessments in the business, asking questions once and reusing answers (one version of the truth)
3. Single risk and control framework and risk language throughout the company and integrated GRC reporting available to everyone
4. Implementation of one platform, not many point solutions, saving costs
5. Saving on external auditing
Companies spend 5% or more of revenue on compliance, so cost savings quickly run into the millions…
BWISE
INTERNAL AUDIT
Maintain Audit Universe
Workpaper Management
Audit Reporting
Findings & Issue Tracking
Yearly Audit Plan
Detailed Audit Planning
Audit Analytics
Audit Preparation
The Audit Cycle
Audit Dashboard
Evolving IIA standards
• “The CAE must establish risk-based plans to determine the priorities of the internal audit activity, consistent with the organization's goals”
• “Reporting must also include significant risk exposures and control issues”
• “The internal activity must assist the organization by identifying and evaluating significant exposures to risk and contributing to the improvement of risk management and control systems”
Risk based audit
• Leveraging ERM risk register
• Risk based audit planning
– Based on risk assessment
– Data analysis: risk & control data
– Audit cycles
• Risk based audit scoping
– Based on risk assessment
– Data analysis
• Making use of other GRC domains in the integrated platform
The Future of Audit
Data Analytics
Traditional
Auditor
Traditional
Audit Analytics
Continuous
Monitoring
Audit Analytics
THANK YOU
Audit Software Watch Day
October 15th, 2014
Marcel Starink - Vice President
marcel.starink@bwise.com