standardizing your compliance activities to implement
play

Standardizing Your Compliance Activities to Implement Data Analytics - PowerPoint PPT Presentation

Sep 29, 2023 •121 likes •427 views

Standardizing Your Compliance Activities to Implement Data Analytics and RPA #AuditBoardWebinars Jason Sechrist Director of Audit and Compliance Solutions AuditBoard Former Head IT Compliance and Internal Audit Volunteer Board/Audit

  1. Standardizing Your Compliance Activities to Implement Data Analytics and RPA #AuditBoardWebinars

  2. Jason Sechrist Director of Audit and Compliance Solutions AuditBoard Former Head IT Compliance and Internal Audit ▪ Volunteer Board/Audit Committee Member ▪ 16 years of IT Security Experience ▪ PwC / IT Risk Assurance / IT Consulting ▪ USAF Weather Systems ▪

  3. ▪ Define and differentiate data analytics, robotic process automation, and AI Learning ▪ Discuss best practices to standardize Objectives compliance activities in preparation for implementing RPA ▪ Understand how to leverage Data Analytics & RPA in IT Compliance to eliminate manual, redundant compliance activities, and improve overall efficiency and quality for control activities 3

  4. Define and Differentiate Data Analytics, Robotic Process Automation, and Artificial Intelligence

  5. Leveraging digital capabilities is a popular topic for internal audit teams, but many struggle to identify the right capability to use. 5

  6. There are several key considerations when selecting what controls are eligible for analytics or automation. 6

  7. With increased demand on the IA function, RPA and analytics present great opportunities to create efficiencies and drive value but often fall short of providing the anticipated value. 7

  8. Companies are realizing significant value from adopting innovative technologies and insight tools. 8

  9. A challenge for many organizations is the lack of resources and skill sets to drive a digital transformation journey forward 9

  10. Data Analytics

  11. Where to Start: Define what questions you want to answer using Data Analytics Sample Questions IT Audit/Compliance leaders should ask: • Where should your team be spending resources, personnel, and time? • What assets and what processes should I be prioritizing in my audit plan? • Could I use analytics to assess the effectiveness of controls? • Do I have a broad scope of things to assess (i.e. millions of transactions you need to sample from) where RPA could point out outliers and anomalies where you might find meaningful findings 11

  12. Where to Start: Gathering Your Resources • Is there a data governance committee at your organization you can work with? • Can they help you identify what data you have, where it’s stored, and how it’s formatted? • Is there standardization around sources? • What technology is being used in different systems (will depend on the data and where it’s coming from) • Can I extract the data myself, or do I need a system administrator to get the data from the system? 12

  13. Types of data sources that are helpful for doing data analytics in an IT Compliance context: Understanding the environment: • Where does the data reside? • Do you know path from source to data warehouse? Pull information from systems into a data analytics platform: • About assets (physical and data assets) from an inventory • Policy info from a content management tool • Controls/risks from GRC platforms and Jira • HR/Personnel data from TriNet or Workday 13

  14. Where to Start: Data Completeness & Accuracy Data analytics will not be successful without a good data warehouse • GIGO: The data you work with is only as good as the source • Agreement on source of truth • Dealing with post-acquisition 14

  15. Data Analytics Uses in IT Compliance Example: 15

  16. Data Analytics Uses in IT Compliance Example: 16

  17. Robotic Process Automation

  18. Benefits of RPA Accurate Available 24/7 Consistent Instantly Scalable More time for creative, insightful, value-add activity 18

  19. Challenges: Top reasons RPA fails during first implementation 1 2 Weak or no executive sponsorship Underestimate change management 3 4 Inadequate data completeness and Introduced too early within the accuracy transformation process 19

  20. Challenges: Top reasons RPA fails during first implementation Challenge 1 Weak or no executive sponsorship • Executive sponsorship enables the program to – Solicit support from leadership within other departments – Navigate a politically sensitive environment – Effectively escalate when encountering resistance 20

  21. Challenges: Top reasons RPA fails during first implementation Challenge 1 Weak or no executive sponsorship • Executive sponsorship enables the program to – Solicit support from leadership within other departments – Navigate a politically sensitive environment – Effectively escalate when encountering resistance Challenge 2 Change Management • Regardless the intentions of the program (FTE reduction, operational efficiency, etc), those impacted by RPA technology often react with anxiety upon first hearing of the tool. 21

  22. Challenges: Top reasons RPA fails during first implementation Challenge 2 Change Management • Regardless the intentions of the program (FTE reduction, operational efficiency, etc), those impacted by RPA technology often react with anxiety upon first hearing of the tool. Challenge 3 Inadequate Data Completeness and Accuracy • RPA is only as good as your data! 22

  23. Challenges: Top reasons RPA fails during first implementation Challenge 3 Inadequate Data Completeness and Accuracy • RPA is only as good as your data! Challenge 4 Introduced too early within the transformation process • Unfortunately, many companies try implementing RPA when they still have disparate, complex processes, yielding little to no ROI. • Therefore, RPA should be introduced once processes have been optimized. 23

  24. When should you implement RPA? At the Tail End of Transformation R O A S E Robotize Optimize Automate Standardize Eliminate 24

  25. The ESOAR methodology is a systematic framework used to enable transformation E Eliminate all unnecessary activities that impact time, cost, and effort. Addressing and eliminating the cause of waste and barriers to services shifts the focus to more value-added activities in your business operations, such as analysis. S Standardize similar routine processes in the same repetitive manner by using standard templates to run transactions with less time and effort. Standardization is a way to avoid the cost of ERP customization and drive best practices O Optimize using all the functions of existing tools to the maximum effect, including ERPs, processes, and workflows. Organizations often have the right tools, but don’t know to use them effectively. 25

  26. The ESOAR methodology is a systematic framework used to enable transformation A Automate standardized manual processes – oftentimes possible with existing technology. Automation reduces or eliminates manual work, while delivering increased transparency and control over the process, with extremely high levels of accuracy. R Robotize to drive efficiency in any remaining manual, repetitive, rule-based activities by simulating the activities of a human operator. Through a structured review of operations ESOAR allows us to understand current process drivers and enables next level of growth through transformation 26

  27. RPA Uses in IT Compliance 27

  28. Final Thoughts

  29. Organizations should start their digital transformation journey by defining specific objectives, measurable goals, and metrics that can be used to track against those items 29

  30. Thank You! Contact: jsechrist@auditboard.com

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Maspex is using AWS services for AWS allows us implement marketing activities IT

Maspex is using AWS services for AWS allows us implement marketing activities IT

Maspex is able to build and implement marketing campaigns on AWS in less than 30 minutes Maspex is using AWS services for AWS allows us implement marketing activities IT infrastructure for marketing AWS Auto Scaling and

90 views • 5 slides
T Towards a High-Level Programming d Hi h L l P i Language for Standardizing and Language

T Towards a High-Level Programming d Hi h L l P i Language for Standardizing and Language

T Towards a High-Level Programming d Hi h L l P i Language for Standardizing and Language for Standardizing and Automating Biology Protocols Vaishnavi Ananthanarayanan and William Thies Microsoft Research India Mi ft R h I di First

558 views • 28 slides
DY9 ROUND ONE DSRIP APRIL REPORTING April 15, 2020 KEY ACTIVITIES UPDATE Compliance Audit

DY9 ROUND ONE DSRIP APRIL REPORTING April 15, 2020 KEY ACTIVITIES UPDATE Compliance Audit

DY9 ROUND ONE DSRIP APRIL REPORTING April 15, 2020 KEY ACTIVITIES UPDATE Compliance Audit Requests Myers & Stauffer is the contracted compliance monitoring auditor New rounds of compliance audits are now ongoing Not all RHP 4

242 views • 22 slides
ON-FARM RESEARCH AND EXTENSION ACTIVITIES TO IMPLEMENT MB ALTERNATIVES: AN AREA WIDE INITIATIVE

ON-FARM RESEARCH AND EXTENSION ACTIVITIES TO IMPLEMENT MB ALTERNATIVES: AN AREA WIDE INITIATIVE

ON-FARM RESEARCH AND EXTENSION ACTIVITIES TO IMPLEMENT MB ALTERNATIVES: AN AREA WIDE INITIATIVE UPDATE R. M. Welker* 1 , J. G. Driver 1 , J.P. Smith 2 , and C.A. Schiemann 3 and F. J. Louws 1 1 Department of Plant Pathology, North Carolina State

221 views • 3 slides
Spotted Lanternfly Quarantine, Permit, Compliance Why Implement A Quarantine? Safeguard

Spotted Lanternfly Quarantine, Permit, Compliance Why Implement A Quarantine? Safeguard

Spotted Lanternfly Quarantine, Permit, Compliance Why Implement A Quarantine? Safeguard Pennsylvania Slow the spread of Spotted Lanternfly Assure Trading Partners Let science and technology advance Pennsylvania Known

423 views • 24 slides
1 Identification of High -Risk Customers Look at new and existing customers Consider

1 Identification of High -Risk Customers Look at new and existing customers Consider

Presentation for the Bank Compliance Association of Connecticut (BCAC) September 21, 2016 FDIC New York Region BSA Examinations in 2015: to p Program violation of 326.8(b)(1) - Failure Implement Adequate BSA Compliance

406 views • 4 slides
Contractual Compliance Update Contractual Compliance | ICANN 55 | 9 March 2016 Agenda

Contractual Compliance Update Contractual Compliance | ICANN 55 | 9 March 2016 Agenda

Contractual Compliance Update Contractual Compliance | ICANN 55 | 9 March 2016 Agenda Contractual Compliance Audit Activities Update Questions & Answers | 3 Contractual Compliance Audit Activities Update Link to the ICANN

179 views • 17 slides
Entrustable Professional Activities, Competencies and Milestones: Hope for Better Assessment

Entrustable Professional Activities, Competencies and Milestones: Hope for Better Assessment

Entrustable Professional Activities, Competencies and Milestones: Hope for Better Assessment Carol Carraccio, MD, MA Vice President Competency-based Assessment Programs American Board of Pediatrics Standardizing the Language Domain o of C

153 views • 11 slides
Standardizing data to analyse income inequality Anthony Shorrocks, UNU-WIDER United Nations, New

Standardizing data to analyse income inequality Anthony Shorrocks, UNU-WIDER United Nations, New

Standardizing data to analyse income inequality Anthony Shorrocks, UNU-WIDER United Nations, New York 6 May 2019 1 Standardizing data means producing new data values and/or estimating new concepts With a view towards

202 views • 6 slides
Compliance Matters Update on the Activities of the Payment Police By David R. Ross, Esq. Senior

Compliance Matters Update on the Activities of the Payment Police By David R. Ross, Esq. Senior

5/6/2019 Compliance Matters Update on the Activities of the Payment Police By David R. Ross, Esq. Senior Partner, OConnell and Aronowitz, P.C. Albany, New York The Arc of New York Compliance Conference May 7, 2019 1

279 views • 8 slides
How to implement data encryption at rest in compliance with enterprise requirements Steffen

How to implement data encryption at rest in compliance with enterprise requirements Steffen

How to implement data encryption at rest in compliance with enterprise requirements Steffen Mazanek, Louay Mresheh | 09/09/2019 Community Day 2019 Sponsors About the speakers Steffen Mazanek (AWS usergroup Dresden) Louay Mresheh AWS

945 views • 29 slides
How to Analyse an S-box, and, in the Process, Prove the Russian Standardizing Agency Wrong Lo

How to Analyse an S-box, and, in the Process, Prove the Russian Standardizing Agency Wrong Lo

How to Analyse an S-box, and, in the Process, Prove the Russian Standardizing Agency Wrong Lo Perrin Based on joint works with Biryukov, Bonnetain, Canteaut, Duval, Tian and Udovenko June 26, 2019 University of Rostock Introduction: S-Boxes

1.23k views • 83 slides
2015 Implementation Plan Constance White, Vice President of Compliance W E C C E S T E R

2015 Implementation Plan Constance White, Vice President of Compliance W E C C E S T E R

2015 Implementation Plan Constance White, Vice President of Compliance W E C C E S T E R N L E C T R I C I T Y O O R D I N A T I N G O U N C I L RAI Compliance Activities Overview Risk-based Compliance

447 views • 11 slides
SNFactory: when spectra help standardizing type Ia supernovae SNFactory E. Gangler For the

SNFactory: when spectra help standardizing type Ia supernovae SNFactory E. Gangler For the

SNFactory: when spectra help standardizing type Ia supernovae SNFactory E. Gangler For the SNFactory G. Aldering, P. Antilogus, C. Aragon, S. Bailey, C. Baltay, S. Bongard, K. Boone, C. Buton, M. Childress, N. Chotard, Y. Copin, P. Fagrelius,

621 views • 25 slides
Catching Up Step 2: Activities and Supplies Pre-Course work provides The Dog Gurus

Catching Up Step 2: Activities and Supplies Pre-Course work provides The Dog Gurus

9/29/16 Goal of Daycare 2.0 Master Mind To help you plan and implement the best possible Daycare 2.0 Program at your facility Launching Your Program Progress Not Perfec@on 2 www.safeoffleashdogplay.com Catching Up Step 2: Activities and

278 views • 3 slides
Standardizing point-of-care instrumentation: One Institutions Experience Brenda Suh-Lailam ,

Standardizing point-of-care instrumentation: One Institutions Experience Brenda Suh-Lailam ,

Standardizing point-of-care instrumentation: One Institutions Experience Brenda Suh-Lailam , PhD, DABCC, FACB Ann & Robert H. Lurie Childrens Hospital of Chica go Feinberg School of Medicine, Northwestern University Learning Objectives

776 views • 45 slides
A Statement on Standardization Orr Dunkelman 1 , Atul Luykx 2 , Lo Perrin 3 1 orrd@cs.haifa.ac.il

A Statement on Standardization Orr Dunkelman 1 , Atul Luykx 2 , Lo Perrin 3 1 orrd@cs.haifa.ac.il

A Statement on Standardization Orr Dunkelman 1 , Atul Luykx 2 , Lo Perrin 3 1 orrd@cs.haifa.ac.il 2 Atul.Luykx@esat.kuleuven.be 2 leo.perrin@uni.lu March 7, 2017 Fast Sofware Encryption 2017 ISO/IEC ISO, IEC ISO promotes worldwide

136 views • 9 slides
Blockchains, the web and standardization: the big opportunity conversation starter Keynote

Blockchains, the web and standardization: the big opportunity conversation starter Keynote

Blockchains, the web and standardization: the big opportunity conversation starter Keynote Arvind Narayanan Princeton University @random_walker Standardization: is it too soon? Are Bitcoin and other blockchains sound? Academic research on

445 views • 27 slides
Understanding and Mitigating the Tradeoff Between Robustness and Accuracy Aditi Raghunathan*

Understanding and Mitigating the Tradeoff Between Robustness and Accuracy Aditi Raghunathan*

Understanding and Mitigating the Tradeoff Between Robustness and Accuracy Aditi Raghunathan* Sang Michael Xie* Fanny Yang John C. Duchi Percy Liang Stanford University Adversarial examples Standard training leads to models that are not

619 views • 50 slides
Outline Assessing the precision of estimates of variance Estimates and standard errors

Outline Assessing the precision of estimates of variance Estimates and standard errors

Outline Assessing the precision of estimates of variance Estimates and standard errors components Summarizing mixed-effects model fits Douglas Bates A simple (but real) example Department of Statistics University of Wisconsin Madison A

371 views • 7 slides
Gaussian Multiscale Spatio-temporal Models for Areal Data Marco A. R. Ferreira (University of

Gaussian Multiscale Spatio-temporal Models for Areal Data Marco A. R. Ferreira (University of

Gaussian Multiscale Spatio-temporal Models for Areal Data Marco A. R. Ferreira (University of Missouri) Scott H. Holan (University of Missouri) Adelmo I. Bertolde (UFES) Outline Motivation Multiscale factorization The multiscale

974 views • 68 slides
Unit 2: Probability and distributions Lecture 3: Normal distribution Statistics 101 Thomas

Unit 2: Probability and distributions Lecture 3: Normal distribution Statistics 101 Thomas

Unit 2: Probability and distributions Lecture 3: Normal distribution Statistics 101 Thomas Leininger May 23, 2013 Announcements Announcements 1 Normal distribution 2 Normal distribution model 68-95-99.7 Rule Standardizing with Z scores

706 views • 67 slides
Introduction to Business Statistics QM 120 Chapter 6 Spring 2008 Chapter 6: Continuous

Introduction to Business Statistics QM 120 Chapter 6 Spring 2008 Chapter 6: Continuous

DEPARTMENT OF QUANTITATIVE METHODS & INFORMATION SYSTEMS Introduction to Business Statistics QM 120 Chapter 6 Spring 2008 Chapter 6: Continuous Probability Distribution 2 When a RV x is discrete, we can assign a positive probability to

646 views • 25 slides
The Normal Distribution The normal distribution plays a central role in probability theory and in

The Normal Distribution The normal distribution plays a central role in probability theory and in

ST 380 Probability and Statistics for the Physical Sciences The Normal Distribution The normal distribution plays a central role in probability theory and in statistics. It is often used as a model for the distribution of continuous random

197 views • 16 slides

More recommend