continuous auditing continuous monitoring of business controls discussant’s comments presented by:...

Continuous Auditing

Continuous Monitoring Of Business Controls

Discussant’s Comments

Presented by: Clyde Rogers – October, 2005

Overview

• High Level of Interest by Business Executives, Academics, Auditors and Technology Vendors

• Response to Changing Regulatory and Stakeholder Expectations and Requirements such as COSO and Sarbanes/Oxley

• Identification and Reporting of Information on “holistic/complete portfolio”, “process” and “close to or at real time”

Status – Next Steps

• Day to Day Practitioners Need to Move Implementation Phase Forward

• Siemens Project- Good Start. The Need was Identified by Siemens

• Brand Profile of Siemens and Rutgers

• High Quality Work in IT Area

• Leverage Point is the Business Case

Significant Benefits/Learning

• Pilot Scope aligned and formalized with Internal & External Audit

• Supported Year-End and Sarbanes/Oxley Compliance

• Risk Ranking and Weighting of Exceptions

• Gaining Access & Impact on Enterprise Systems

• Protecting Client Data

• Management of Alarm Floods

Recommendations

• Expand Participants such as Business Owners, Enterprise Risk & Governance and Audit – “Enterprise Wide”

• Additional Time is Worth the Effort – Build Consensus – Clarify Roles & Responsibilities

• Align to COSO Framework and SOX - Audit to Focus on Management’s Monitoring Model/Processes & Attestation

• Leverage Client Tools, Mapping, Risk Rankings & Duplication – Additional Savings/Effectiveness

Summary

• Continuous Auditing supports COSO, Sarbanes/Oxley

• Improves Effectiveness in the Management of Risk & Compliance

• Significant Cost Savings

• Technology is a Major Enabler

• Enterprise Wide Approach & Model