The Complete Picture: Integrated AuditsLevel: Intermediate
The presentation will focus on they key stages of an Integrated Audit and challenges that occurred along the way including how to get ahead of them:
Have you ever reviewed a new program and couldn’t decide whether to focus on the business side or the IT side? Or were both areas so critical to the functioning of the program, that you had to do both?
There will be a background section that will give context around why the soundness of this benchmark in all aspects was important not only for the Canadian Financial System but also for the reputation of the Bank.
Gaining an understanding of the business through involvements in the working group and the importance of this relationship building stage.
Mapping out the Process
Leveraging the work of international partners
Identifying Key Risks at Each Process Stage
Identifying the Need for an Integrated Audit
Identifying the Integrated Audit Team and Leveraging an Agile Approach
Identifying all key business areas across the bank and key contacts
Challenging the Business on the Testing Approach
Audit Needs to be at the Table
Identification of Risk Owners (IT or the Business)
Being Agile: When is the right time for audit to conduct its work
Ensuring all key risks areas are identified are signed off prior to go-live or risks accepted (hint: identify this early)
Relying or not relying on Expertise in the Second Line of Defence
Leveraging prior year audits to reduce audit scope
Collaborative Recommendations (Multiple Business Owners)
Certifying and Providing Assurance Statements
Integrated audits give an end-to-end view of a process and address risks to meeting program objectives including:
Business Processes and Controls
Information Technology Applications and Information Technology Infrastructure (Operating Systems, Databases and Associated Servers)
Reporting and Monitoring