| Efficiently and Sustainably Addressing Audit Findings |
|
Many organizations believe their controls are in good shape until an adverse audit finding. These can have a dramatic effect on priorities in an organization as rapid action must be taken to secure permanent resolution to issues found by external or internal audit. When these issues arise, especially in systemic failures (which are usually related to the application support for key processes, such as Finance) the human effort to address them can be enormous and require lengthy activities. If these activities are one-time remediation projects, the underlying control is often not addressed and arises again after another year of dynamic business and organization change. The opportunity lies in deploying efficient and effective technology and processes to identify the real issues (without wasting time on ‘false positives’), rapidly remediate and implement automated preventive controls where possible. Some of the key audit findings that repeatedly arise include user access to sensitive applications and data (Access Certification, Segregation of Duties, Sensitive Access, Emergency Access etc), application configurations that do not support the key controls, master or static data which is uncontrolled, duplicated or inappropriately changed and business transactions that fail the most generally accepted accounting control principles. Of course, it is much less painful to address this process BEFORE the audit findings raise the temperature of the stakeholders! |
You are here :
Home 
ISSUES WE ADDRESS Issues We Address Efficiently and Sustainably Addressing Audit Findings
ISSUES WE ADDRESS Issues We Address Efficiently and Sustainably Addressing Audit Findings