![Page 1: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/1.jpg)
BWise
Audit Software Watch Day Brussels
October 15th, 2014
Marcel Starink, Vice President
![Page 2: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/2.jpg)
2
Nasdaq
guiding principles
2
INTEGRITY Build and maintain trust among the investing public through proper market regulation and ethical market operation.
TRANSPARENCY Provide open market information to traders, investors and regulators alike.
EFFECTIVENESS Maximize market efficiency through technology and innovation.
PASSION Dedicate ourselves tirelessly to our company,
customers, and our partners.
INNOVATION Support capital formation to fund the world’s growth and prosperity.
![Page 3: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/3.jpg)
4
BWISE
INTEGRATED GRC
4
![Page 4: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/4.jpg)
5
Control
+ ROI
Integrated GRC + BWise Software
Architecture
BWise solutions and functionality
Features & Functions, demos, proof of concepts
Boardroom
Silo Managers
Audit
IT
Legal
Ris
k
C
om
plia
nce
Susta
inabili
ty
5
Integrated GRC awareness The Enterprise
![Page 5: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/5.jpg)
6
The 4 levels in Risk Management
![Page 6: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/6.jpg)
7
Common Risk Language
![Page 7: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/7.jpg)
8
Frameworks drive Reporting
![Page 8: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/8.jpg)
9
GRC Journey evolution
9
Level o
f au
tom
atio
n
Au
tom
ate
d
Man
ual
Tim
elin
e: m
ed
ium
-term
(1 –
3 y
ea
rs)
Balanced Risk & Performance Management
Continuous Monitoring and Audit Analytics
Integrated GRC
Silo-Based Automation (GRC Tools)
Manual Processes
Confidential information – Copyright 2012 BWise
![Page 9: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/9.jpg)
10
Gerard Parker
Risk Management (RM)
Michael Bauer
Internal Control (IC)
Jackie McLaren
Compliance &
Policy Mngt (CPM)
Damian Thomson
IT GRC
Kim Lee
Sustainability
Performance
Management (SPM)
BWise® GRC Platform
Ann Green
Internal Audit (IA)
10
![Page 10: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/10.jpg)
11
BWISE
THE BUSINESS CASE
11
![Page 11: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/11.jpg)
12
the Risk landscape
Heathrow Terminal 5: BA apologises for chaos
Travel chaos at Heathrow Airport's new Terminal 5 worsened
today as the chief executive of British Airways admitted
the disruptions will continue until at least tomorrow.
PARIS — Société Générale, one of
the largest banks in Europe, was
thrown into turmoil Thursday after
it disclosed that a rogue employee
executed a series of “elaborate,
fictitious transactions” that cost the
bank more than $7 billion, the
biggest loss ever recorded by a
single trader.
Toxic baby milk shocks China Published: Thursday, 18-Sep
In China's latest food scare 6,000
babies have been poisoned and three
babies have died from drinking baby
milk tainted by the industrial chemical
melamine.
Melamine is a chemical used in plastics
and officials say they suspect it was
added to milk and then sold to
companies that produced infant
formula to possibly give the milk the
appearance of being higher in protein.
JPMorgan Scandal Puts Spotlight
on Operational Risks
Dangers involving people, processes and
systems are now a greater danger to big banks
than credit risk, according to Comptroller Thomas
Curry. The statement may be one of many
knockoff effects of JPMorgan Chase's recent
trading loss.
![Page 12: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/12.jpg)
13
Non-Compliance Financial Consequences
• Siemens: $800M for FCPA violation
• $15.33M BNP Paribas security services for internal fraud by an employee
• $277K fines for 3 US movie theatres for violating US Child Labor regulations
• Examples: http://www.sec.gov/news/press.shtml
• http://www.fsa.gov.uk/pages/about/media/facts/fines/index.shtml.
![Page 13: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/13.jpg)
14
C-Level: Held Personally Responsible
![Page 14: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/14.jpg)
15
C-Level: Why GRC is Top-of-Mind (Forrester)
1. Cost reduction
2. Loss prevention from operations and prevention of fines
3. Easier compliance
4. Balance business performance and risk
• But also….
– Organizational reputation
– Personal reputation
– Personal fines
Tired of balancing?
Risk Management in
Control with BWise
![Page 15: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/15.jpg)
16
Benefits of integrated GRC tools
1. Integrated view on all corporate risks, including risk of non-compliance
2. Efficient assessments in the business, asking questions once and
reusing answers (one version of the truth)
3. Single risk and control framework and risk language throughout the
company and integrated GRC reporting available to everyone
4. Implementation of one platform, not many point solutions, saving costs
5. Saving on external auditing
Companies spend 5% or more of revenue on compliance, saving costs
quickly goes into the millions…
![Page 16: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/16.jpg)
17
BWISE
INTERNAL AUDIT
17
![Page 17: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/17.jpg)
Maintain Audit Universe
Workpaper Management
Audit Reporting
Findings & Issue Tracking
Yearly Audit Plan
Detailed Audit Planning
Audit Analytics
Audit Preparation
The Audit Cycle
![Page 18: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/18.jpg)
19
Audit Dashboard
![Page 19: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/19.jpg)
20
Evolving IIA standards
• “The CAE must establish risk-based plans to determine
the priorities of the internal audit activity, consistent with
the organization's goals”
• “Reporting must also include significant risk exposures
and control issues”
• “The internal activity must assist the organization by
identifying and evaluating significant exposures to risk
and contributing to the improvement of risk management
and control systems”
![Page 20: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/20.jpg)
21
Risk based audit
• Leveraging ERM risk register
• Risk based audit planning
– Based on risk assessment
– Data analysis: risk & control data
– Audit cycles
• Risk based audit scoping
– Based on risk assessment
– Data analysis
• Making use of other GRC domains in the integrated
platform
![Page 21: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/21.jpg)
22
The Future of Audit
22
Data Analytics
Traditional
Auditor
Traditional
Audit Analytics
Continuous
Monitoring
Audit Analytics
![Page 22: BWise - IIABel · Nasdaq guiding principles 2 ... BWise® GRC Platform Ann Green Internal Audit (IA) 10 . 11 BWISE THE BUSINESS CASE 11 . 12 the Risk landscape ... security services](https://reader034.vdocuments.us/reader034/viewer/2022042413/5f2da9957a3b751d486a5f77/html5/thumbnails/22.jpg)
23
THANK YOU
23
Audit Software Watch Day
October 15th, 2014
Marcel Starink - Vice President