Process monitoring and_audit_sadhana

0 views

Published on

Published in: Business, Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
0
On SlideShare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
21
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Process monitoring and_audit_sadhana

  1. 1. P R E PA R E D B Y: S A D H A N A S I N G H M . T E C H ( S . E . ) PROCESS MONITORING AND AUDIT
  2. 2. CONTENTS  INTRODUCTION ABOUT AUDIT  ATTRIBUTES OF AN AUDIT FINDING  REASONS FOR AUDIT  CHARACTERISTICS OF AUDIT  KEY STEPS TO IMPLEMENTING CONTINUOUS AUDITING  AUDIT PROCESS  TYPES OF AUDITING  INTRODUCTION ABOUT MONITORING  CHARACTERISTICS OF MONITORING  RESEARCH PAPER 2 Process Monitoring and Audit
  3. 3. INTRODUCTION ABOUT AUDIT  Provides the means to understand performance versus established standards and identify areas for continued improvement.  Is a formal, systematic and disciplined approach designed to evaluate and improve the effectiveness of processes and related controls.  Is governed by professional standards, completed by individuals independent of the process being audited, and normally performed by individuals with one of several acknowledged certifications. 3 Process Monitoring and Audit
  4. 4. ATTRIBUTES OF AN AUDIT FINDING  CRITERIA: What should be  CONDITION: What is  CAUSE: Why the condition happened  EFFECT: The difference and significance between what is and what should be  RECOMMENDATION: Actions needed to correct the cause 4 Process Monitoring and Audit
  5. 5. REASONS FOR AUDIT  Verify processes  Assess successful process implementation  Judge effectiveness of target levels  Reduce and eliminate problem areas  Report non-conformance and corrections  Report good practices  Continual improvement 5 Process Monitoring and Audit
  6. 6. CHARACTERISTICS OF AUDIT  Formal review governed by professional standards  Completed by professionals independent of the operation  Formal, systematic and structured approach  Involves planning, sampling, testing, and validating  Formal communication with recommendations and corrective action measures  Documented follow-up of corrective actions  Audit accountability is typically to the Chief Audit Executive and the Audit Committee  Involves routine, formal communication to the Board and Management 6 Process Monitoring and Audit
  7. 7. KEY STEPS TO IMPLEMENTING CONTINUOUS AUDITING  Establishing priority areas.  Identifying monitoring and continuous audit rules.  Determining the process' frequency.  Configuring continuous audit parameters.  Following up.  Communicating results. 7 Process Monitoring and Audit
  8. 8. 8 Process Monitoring and Audit
  9. 9. AUDIT PROCESS Three elements:  Preaudit activities, those done in planning and preparing for the audit.  Onsite audit activities by the audit team, from gathering for and beginning the audit to reporting to management the results of the audit.  Postaudit activities, which include documenting the audit in an appropriate report format and then developing and executing a corrective action plan to address the improvement opportunities identified by the audit team. 9 Process Monitoring and Audit
  10. 10. TYPES OF AUDITING INTERNAL AUDIT Performed by trained employee EXTERNAL AUDIT Independent audit organization Certification 10 Process Monitoring and Audit
  11. 11. INTRODUCTION ABOUT MONITORING  Is an on-going process usually directed by management to ensure processes are working as intended.  Is an effective detective control within a process.  Is the routine, daily assessment of ongoing activities and progress, while evaluation is the periodic assessment of overall achievements.  Looks at what is being done, whereas evaluation examines what has been achieved or what impact has been made. 11 Process Monitoring and Audit
  12. 12. CHARACTERISTICS OF MONITORING  Often less structured than auditing, though audit techniques may be employed  Usually completed by operations or compliance personnel  Involves on-going checking and measuring  Can be periodic spot checks, daily/weekly/monthly tests  May identify the need for an audit  Accountability for monitoring is typically to operations leadership  Typically completed by department staff and communicated to department management  If completed in relation to a compliance work plan, formal communication to Chief Compliance Officer and Compliance Committee  May involve internal audit or compliance 12 Process Monitoring and Audit
  13. 13. RESEARCH PAPER SLO Auditing Task Analysis, Decomposition, and Specification -Hasan and Burkhard Stiller 13 Process Monitoring and Audit
  14. 14. CONTENT  INTRODUCTION  AUDIT TASK  AUDIT TASK DECOMPOSITION  AUDIT SPECIFICATION 14 Process Monitoring and Audit
  15. 15. INTRODUCTION  Is a widely applied concept for investigating the adequacy of a system against a set of requirements.  Traditional areas of auditing comprise financial auditing, compliance auditing with respect to governmental laws and regulations, and quality audits.  For Internet services two auditing areas are important: security and Service Level Management (SLM).  SLM deals with service levels as specified in an agreement between a customer and a service provider, termed Service Level Agreement (SLA). 15 Process Monitoring and Audit
  16. 16. AUDIT TASK  An audit is defined generally as a "systematic and independent examination of facts on system activities to determine the degree of compliance with a pre-defined set of specifications".  The pre-defined set of specifications is called a compliance specification. Based on this compliance specification an audit is applied to a set of related facts on a specific matter of interest.  The resulting degree of compliance constitutes the main part of an audit report. An audit report can be seen as a "derived" fact, which may or may not be used in the next audit depending on the compliance specification. 16 Process Monitoring and Audit
  17. 17.  COMPLIANCE SPECIFICATION: defines major requirements for a particular subject matter of interest to be audited.  An SLO is an example of a compliance specification.  Suppose is a QoS parameter to be audited and there are properties 1 , 2 , ..., , which are needed to describe , then, mathematically, a compliance condition for describes a function , which transforms the values of the properties to a number C representing the degree of compliance. This function is called compliance function, where the properties are variables of this function. = ( 1 , 2 , ..., ) 17 Process Monitoring and Audit
  18. 18.  FACTS AND AUDIT REPORT: A fact is a piece of information presented as having an objective reality, whereas an audit report stores information that characterizes examined list of facts and describes the outcome of the compliance examination.  A fact and an audit report is expressed using a list of Name-Value- Pairs, so that a generic auditing system can correctly interpret the values. 18 Process Monitoring and Audit
  19. 19.  AUDIT FUNCTION: An audit can be seen mathematically as a function with a compliance specification, facts, and previous audit reports as its input parameters and new audit reports as its results.  The function 0 is termed audit function and contains the audit algorithm to perform an audit task. = ( , , ) 19 Process Monitoring and Audit
  20. 20. 20 Process Monitoring and Audit
  21. 21. AUDIT TASK DECOMPOSITION 21 Process Monitoring and Audit
  22. 22.  Facts filtering: In order to audit a specific QoS parameter, only its related facts are required. The task to obtain these related facts is called filtering.  Facts grouping: For each QoS parameter, auditing is applied to each complete fact-list, e.g., facts associated to a PoP and a stream type in a particular time interval are audited separately from facts associated to other PoP, other stream types, or other time intervals. The task to sort a list of related facts to obtain a complete fact-list for each setting and time interval is called grouping.  Property values calculation: This subtask determines the value of each property of the QoS parameter from each complete fact-list. 22 Process Monitoring and Audit
  23. 23.  Compliance calculation: For each complete fact-list, this subtask calculates from the property values the degree of compliance according to the compliance condition of the compliance specification.  Report’s attributes calculation: If an audit report is to be generated, this subtask determines the name and the value of each attribute of the audit report. Some systems may want to generate an audit report only if there is a violation to the compliance specification. The inputs of this subtask may come from any output of the previous subtasks: facts grouping, property values calculation, and compliance calculation.  Report generation: This subtask generates a complete audit report from report attributes. 23 Process Monitoring and Audit
  24. 24. AUDIT SPECIFICATION  Facts Filtering Function Specification (FFSpec): a specification of a filter function to obtain a certain fact base from NewFacts.  Facts Grouping Function Specification (GFSpec): a specification of a grouping function to obtain complete factlists from a fact base.  Property Function Specification (PFSpec): a specification of a property function.  Compliance Function Specification (CFSpec): a specification of a compliance function.  Report’s Attribute Function Specification (AFSpec): a specification of a function which returns a report’s attribute value. 24 Process Monitoring and Audit
  25. 25.  : Compliance Calculation Specification (CCSpec) for Q, i.e., a specification to calculate the degree of compliance for Q by defining which FFSpec, GFSpec, PFSpecs, and CFSpec to be used.  : Report Composition Specification (RCSpec) for Q, i.e., a specification that defines a list of attribute names which compose an audit report, and assigns to each attribute a specification which is used to generate the attribute values. 25 Process Monitoring and Audit
  26. 26. CONCLUSION  Auditing tasks is the determination of compliance of facts with pre-defined specifications.  Auditing is the review of an organization’s quality system in order to achieve quality throughout the process.  Audits are the most effective when performed by qualified professionals who work together and are focussed on clear objectives. 26 Process Monitoring and Audit
  27. 27. THANK YOU 27 Process Monitoring and Audit

×