Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PAWS - Pentana Audit Work System software


Published on

PAWS - Pentana Audit Work System software presentation

Published in: Business, Economy & Finance
  • Be the first to comment

PAWS - Pentana Audit Work System software

  1. 1. PAWS Pentana Audit Work System Audit and Risk Management Software and Services
  2. 2. Clients
  3. 3. <ul><ul><li>Who are they? </li></ul></ul><ul><ul><ul><li>Risk managers </li></ul></ul></ul><ul><ul><ul><li>Internal Auditors </li></ul></ul></ul><ul><ul><ul><li>Other Assurance Providers </li></ul></ul></ul><ul><ul><li>What do they do? </li></ul></ul><ul><ul><li>Why do they want PAWS software? </li></ul></ul>Users
  4. 4. <ul><ul><li>Automates and speeds up the process, notably report generation </li></ul></ul><ul><ul><li>Enable timely management review of work, particularly when reviewers are off-site </li></ul></ul><ul><ul><li>In-house development rarely works, is resource-dependent, expensive and often badly documented </li></ul></ul><ul><ul><li>A package should incorporate industry best-practice and lessons learnt in other companies </li></ul></ul><ul><ul><li>Enables better co-ordination between risk management, internal audit and other assurance providers </li></ul></ul>Some general reasons
  5. 5. <ul><ul><li>Conduct reviews to ensure that risks have been identified correctly and that risk mitigation is appropriate throughout the organisation </li></ul></ul><ul><ul><li>Check that key controls are working properly </li></ul></ul><ul><ul><li>Make recommendations to improve the controls in terms of both efficiency and effectiveness </li></ul></ul><ul><ul><li>Ensure that action is taken to rectify any weaknesses found </li></ul></ul><ul><ul><li>Report to the company’s Audit Committee on the overall effectiveness of management </li></ul></ul><ul><ul><li>Co-ordinate all the assurance activities in the company. </li></ul></ul>Internal auditors
  6. 6. <ul><ul><li>PAWS makes it much easier to reuse previous audit work. Setting up a traditional paper audit file is very time-consuming </li></ul></ul><ul><ul><li>Manual action tracking is very resource-hungry and frustrating. Often this is the key feature IA teams are looking for. </li></ul></ul><ul><ul><li>The system allows auditors to work off-site much more easily. </li></ul></ul><ul><ul><li>Audit reports can be generated very quickly, making them more useful to management. </li></ul></ul><ul><ul><li>Helps co-ordination with other assurance providers and the risk management team, reducing duplication and misunderstanding. </li></ul></ul><ul><ul><li>Enables IA assessment of risk to feed directly into the risk register. </li></ul></ul>Specific reasons - IA
  7. 7. <ul><ul><li>The official IRM definition of Risk Management: </li></ul></ul><ul><ul><li>Risk Management is the process which aims to help organisations understand, evaluate and take action on all their risks with a view to increasing the probability of their success and reducing the likelihood of failure. </li></ul></ul><ul><ul><li>Risk management gives comfort that the business is being effectively managed and helps the organisation confirm its compliance with corporate governance requirements. </li></ul></ul><ul><ul><li>Initially many organisations put Risk Management into the Internal Audit Department. Only recently are the two functions separating, although obviously still closely linked. Some companies still only have one function. </li></ul></ul>Risk management
  8. 8. <ul><ul><li>Create and verify the organisation’s risk profile by undertaking regular (usually quarterly) reviews and interviews </li></ul></ul><ul><ul><li>Gather information that might affect the risk profile: </li></ul></ul><ul><ul><ul><li>internal such as acquisitions or change in management </li></ul></ul></ul><ul><ul><ul><li>external such as changes in legislation or public opinion. </li></ul></ul></ul><ul><ul><li>Determine risk appetite and risk treatment </li></ul></ul><ul><ul><ul><li>How much risk can we tolerate? </li></ul></ul></ul><ul><ul><ul><li>How much do we need/want to spend on risk mitigation? </li></ul></ul></ul><ul><ul><ul><li>How do we mitigate risk? Controls? Insurance? Other? </li></ul></ul></ul>Risk managers
  9. 9. <ul><ul><li>Business Risk Self Assessment is becoming increasingly popular but is a very resource-heavy activity. PAWS makes it much easier to co-ordinate and monitor. </li></ul></ul><ul><ul><li>Internal Audit will always use the latest risk register and therefore focus their resources on the correct risks. </li></ul></ul><ul><ul><li>Good visual risk reports that senior management can understand at a glance. </li></ul></ul><ul><ul><li>Helps thinking on risk appetite, which can be a difficult concept to get to grips with. </li></ul></ul>Specific reasons - RM
  10. 10. <ul><ul><li>Health and Safety </li></ul></ul><ul><ul><li>Compliance </li></ul></ul><ul><ul><li>Security </li></ul></ul><ul><ul><li>Claims Inspectors </li></ul></ul><ul><ul><li>External Audit, etc. </li></ul></ul>Assurance providers <ul><ul><li>Conduct reviews to ensure that specific areas of risk have been addressed </li></ul></ul><ul><ul><li>Usually require specialist technical knowledge </li></ul></ul><ul><ul><li>Make recommendations to improve the controls in terms of both efficiency and effectiveness </li></ul></ul><ul><ul><li>Ensure that action is taken to rectify any weaknesses found </li></ul></ul>
  11. 11. <ul><ul><li>PAWS makes it much easier to reuse previous review work or set up and copy standard reviews which are often very specific or technical. </li></ul></ul><ul><ul><li>Electronic storage of working papers, particularly photographs, a big benefit </li></ul></ul><ul><ul><li>External Auditors can quickly assess the risk profile and the assurance work undertaken. </li></ul></ul>Specific reasons - Assurance
  12. 12. Risk Assessment Audit Plan Audit Schedule Audit 1 Audit 2 Audit 3 Suggested IA Process 1)
  13. 13. Plan Audit (staff, scope) Assess Risks and controls Interview Key Business Personnel Interviews Create Control Test Plan Data Analysis Testing (walkthru, sampling, etc) Findings Audit Report Actions Follow-ups Suggested IA Process 2)
  14. 14. <ul><li>Integration </li></ul><ul><ul><ul><li>Audit Planning </li></ul></ul></ul><ul><ul><ul><li>Risk Assessment </li></ul></ul></ul><ul><ul><ul><li>Work paper Management </li></ul></ul></ul><ul><ul><ul><li>Resource planning & time tracking </li></ul></ul></ul><ul><ul><ul><li>Issue and action tracking </li></ul></ul></ul><ul><li>Flexible reporting </li></ul><ul><ul><ul><li>Standard, report designer, Word/Excel links, custom reporting </li></ul></ul></ul>Pentana
  15. 15. <ul><li>Audit trails and history </li></ul><ul><li>System-enforced IAD standards </li></ul><ul><li>Improved security & control </li></ul><ul><li>Highly configurable user interface </li></ul><ul><li>Experienced audit-based assistance </li></ul><ul><li>May appear complex initially, but </li></ul><ul><ul><li>Needed to meet client requirements </li></ul></ul><ul><ul><li>Many functions can be hidden or made simpler through use of role based security </li></ul></ul>PAWS
  16. 16. PAWS
  17. 17. <ul><li>Technical proof of concept </li></ul><ul><li>Appoint a champion </li></ul><ul><li>Install on test/production server </li></ul><ul><li>Audit configuration </li></ul><ul><li>Pilot use </li></ul><ul><li>Reports and templates </li></ul><ul><li>Data conversion/interfaces </li></ul><ul><li>Training </li></ul>Implementation
  18. 18. Info: [email_address]