af Jana Hall 14 år siden
2455
Audit Planning
Brainstorming for audit planning and process improvements.
Audit Planning/Process
Action items
Ideas on how to carve out
audits to be more manageable
and more in-depth
What areas are too broad?
What made you uncomfortable?
Justification to rotate
through audit schedule
Leadership commitments
Ways to change committments
Justification
e.g. tiers
FFIEC governed areas
Are commitments definite?
SOX
"Need to do"
Joining Projects
Due diligence
Audit team members to
become members of
project teams outside
audit deptartment
Aligning w/
Skillsets and Technical
Knowledge
what falls under
finance team scope?
Fin. team to start taking
on more operational
audit areas in 2012
e.g. vendor mgmt
Major Gaps?
Self-reporting of ERR compliance
Pick critical areas
to cover on audits
Ensuring coverage of
compensating controls w/in ERA
E.g. Password reqs
Platform-based
work programs/audits
RXP
Mainframe
More detailed reviews
Evaluation of common processes
More like Remedy audit
Impact for locations
Accurate interdependency matrix
Risk Vision review
avoid missing areas
categorize
Application audits
ClearQuest
RMS
Endevor
Client contract risk
Central repository
no central handle on
contract mgmt or compliance
Scoping
Ensure testing addresses risks
Include product overview
during scoping call
Understand product
before audit fieldwork
Value-add - including all areas
committment to org.
Understand and document why and what
Challenges w/ federal examiners
Potential risk
Leverage Call
Program
Running ideas of what is
going on within BU
ETG involvement
understanding per BU
Process-based
Ensuring ownership
of functional areas
Vendor mgmt
Code Migration
e.g. Vendor Management or BCP
Sample across BUs
Limitations until initiatives
are implemented
