The Future of Auditing and Fraud Detection – Re-imagining the art and science of auditing and fraud detection is coming to the forefront of risk management functions. What was seen as a “nice to have” a few years ago has become a “must have” as digital transformation and data surrounds all aspects of the organization.
Specific learning objectives include:
o See how analytics can maximize the annual audit plan and better ensure focus is placed on top organizational risks.
o Establish a framework to using analytics and automation across the entire audit lifecycle.
o Use the general ledger as a case study to provide a digital road map for analytics for detecting fraud (and errors) within the organization.
o Define the top company areas for data integration from structured, unstructured and external data sources.
o Highlight culturally what audit and fraud detection functions must do to embrace continuous embedded analytic reviews.
Data Analytics for Internal Auditors - Understanding SamplingJim Kaplan CIA CFE
Since the spread of IT systems has made it a pre-requisite that auditors as well as management have the ability to examine high volumes of data and transaction in order to determine patterns and trends. In addition, the increasing need to continuously monitor and audit IT systems has created an imperative for the effective use of appropriate data mining tools.
While a variety of powerful tools are readily available today, the skills required to utilize such tools are not. Not only must the correct testing techniques be selected but the effective interpretation of outcomes presented by the software is essential in the drawing of appropriate conclusions based on the data analysis. This 6 webinar series, based on Richard Cascarino’s book “Data Analytics for Internal Auditors” covers these skills and techniques.
Webinar 1 Understanding Sampling
Judgmental vs Statistical Sampling
Probability theory in Data Analysis
Types of Evidence
Population Analysis
Correlations and Regressions
IT Fraud Series: IT Fraud and Countermeasures - July 20, 2017
Description
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session IT Fraud and Countermeasures
• Investigating by computer
• Document collection and analysis
• Interviewing skills
• Documenting evidence
• Testifying as a witness
Caveon Webinar Series - Lessons Learned from Using Statistics to Invalidate ...Caveon Test Security
The document summarizes a webinar discussing using statistics to invalidate test scores due to potential cheating. It includes questions from a moderator and answers from a panel on topics like the process for invalidating scores, types of statistics most useful for identifying cheating, challenges faced in implementing invalidation programs, and legal considerations around invalidations. The webinar emphasized having policies in place before conducting analyses and treating all similar cases consistently.
Kate Kenyon gave a presentation on content usability testing. She discussed testing content to identify gaps between strategy and practice, using results to inform decisions, and keeping stakeholders aligned. Testing provides quantifiable data on how content performs and business value. The goal is a regular testing process to gather usable data. Testing is part of a cycle of planning, making, testing, reviewing, and publishing content. Old processes plus some testing are insufficient; processes need to change first.
She provided examples of how she conducts testing, including mapping the landscape, prioritizing what to test, writing test cases, running tests, and reporting results. A case study described testing a bank's intranet to evaluate how well it supported global
This document announces a conference on risk-based monitoring in clinical trials taking place on November 5-6, 2015 in Philadelphia. The conference will discuss how risk-based monitoring involves more than just monitoring and focuses on managing risk throughout the entire clinical trial process from protocol design through analysis. Speakers will address topics like how FDA inspections have adapted to risk-based monitoring, the impact of risk-based monitoring on the role of monitors, integrating technology like eSource data capture to enable risk-based trials, and how smaller organizations can implement risk-based monitoring.
Cybersecurity breaches in the government seem to be all over the news. The sheer number and wild variety of sources for these breaches led us to wonder what federal agencies are really dealing with. SolarWinds® partnered with leading government research provider Market Connections to survey 200 federal IT and IT security professionals to find out their top cybersecurity concerns and the obstacles they face when implementing IT security strategies.
The results of our survey include:
Detailed insight into the threats, challenges, and sources of cybersecurity breaches the government faces in its IT infrastructure
Top hindrances in the implementation of appropriate IT security tools
Strategies and courses of action being deployed by federal IT professionals to remediate cybersecurity threats
These results demonstrate that a broad and concerning range of cybersecurity threats plague government agencies. Federal IT pros must consider taking a more pragmatic and unified approach to addressing the availability, performance, and security of their infrastructures.
Visit http://www.solarwinds.com/federal to learn more.
This document summarizes a presentation about setting vision and strategy for health IT leaders in dynamic times. It discusses exploring new leadership skills required for effective collaboration. It also addresses aligning technology strategies with organizational services and objectives. Additionally, it covers representing the organization to external partners to achieve business goals while leveraging technology. The presentation provides approaches for health IT leaders to develop an organizational vision and strategy that can adapt to changing conditions.
Data Analytics for Internal Auditors - Understanding SamplingJim Kaplan CIA CFE
Since the spread of IT systems has made it a pre-requisite that auditors as well as management have the ability to examine high volumes of data and transaction in order to determine patterns and trends. In addition, the increasing need to continuously monitor and audit IT systems has created an imperative for the effective use of appropriate data mining tools.
While a variety of powerful tools are readily available today, the skills required to utilize such tools are not. Not only must the correct testing techniques be selected but the effective interpretation of outcomes presented by the software is essential in the drawing of appropriate conclusions based on the data analysis. This 6 webinar series, based on Richard Cascarino’s book “Data Analytics for Internal Auditors” covers these skills and techniques.
Webinar 1 Understanding Sampling
Judgmental vs Statistical Sampling
Probability theory in Data Analysis
Types of Evidence
Population Analysis
Correlations and Regressions
IT Fraud Series: IT Fraud and Countermeasures - July 20, 2017
Description
Webinar Series Overview: In today’s world, fraud investigations have become an everyday part of corporate life and the auditor must gain expertise in this area.
The 8 part series will cover the tasks of the fraud auditor, Forensic techniques and tools and the abilities required of the fraud auditor, the type and nature of common frauds, investigating fraud, computer fraud and control, white collar crime, the auditor in court.
This session IT Fraud and Countermeasures
• Investigating by computer
• Document collection and analysis
• Interviewing skills
• Documenting evidence
• Testifying as a witness
Caveon Webinar Series - Lessons Learned from Using Statistics to Invalidate ...Caveon Test Security
The document summarizes a webinar discussing using statistics to invalidate test scores due to potential cheating. It includes questions from a moderator and answers from a panel on topics like the process for invalidating scores, types of statistics most useful for identifying cheating, challenges faced in implementing invalidation programs, and legal considerations around invalidations. The webinar emphasized having policies in place before conducting analyses and treating all similar cases consistently.
Kate Kenyon gave a presentation on content usability testing. She discussed testing content to identify gaps between strategy and practice, using results to inform decisions, and keeping stakeholders aligned. Testing provides quantifiable data on how content performs and business value. The goal is a regular testing process to gather usable data. Testing is part of a cycle of planning, making, testing, reviewing, and publishing content. Old processes plus some testing are insufficient; processes need to change first.
She provided examples of how she conducts testing, including mapping the landscape, prioritizing what to test, writing test cases, running tests, and reporting results. A case study described testing a bank's intranet to evaluate how well it supported global
This document announces a conference on risk-based monitoring in clinical trials taking place on November 5-6, 2015 in Philadelphia. The conference will discuss how risk-based monitoring involves more than just monitoring and focuses on managing risk throughout the entire clinical trial process from protocol design through analysis. Speakers will address topics like how FDA inspections have adapted to risk-based monitoring, the impact of risk-based monitoring on the role of monitors, integrating technology like eSource data capture to enable risk-based trials, and how smaller organizations can implement risk-based monitoring.
Cybersecurity breaches in the government seem to be all over the news. The sheer number and wild variety of sources for these breaches led us to wonder what federal agencies are really dealing with. SolarWinds® partnered with leading government research provider Market Connections to survey 200 federal IT and IT security professionals to find out their top cybersecurity concerns and the obstacles they face when implementing IT security strategies.
The results of our survey include:
Detailed insight into the threats, challenges, and sources of cybersecurity breaches the government faces in its IT infrastructure
Top hindrances in the implementation of appropriate IT security tools
Strategies and courses of action being deployed by federal IT professionals to remediate cybersecurity threats
These results demonstrate that a broad and concerning range of cybersecurity threats plague government agencies. Federal IT pros must consider taking a more pragmatic and unified approach to addressing the availability, performance, and security of their infrastructures.
Visit http://www.solarwinds.com/federal to learn more.
This document summarizes a presentation about setting vision and strategy for health IT leaders in dynamic times. It discusses exploring new leadership skills required for effective collaboration. It also addresses aligning technology strategies with organizational services and objectives. Additionally, it covers representing the organization to external partners to achieve business goals while leveraging technology. The presentation provides approaches for health IT leaders to develop an organizational vision and strategy that can adapt to changing conditions.
This document is a risk assessment report that contains several sections analyzing approaches to risk assessment for an organization's IT architecture. It discusses evaluating risk, qualitative and quantitative approaches, the organization's departments and how they interconnect, security certifications, and tools for conducting risk management research such as the Plus, Minus, Interesting method and applying the "what if" approach. The report provides an in-depth analysis of how to properly assess and manage risks to an organization's IT systems.
The EMR/EHR and Health IT Landscape for Sales ProfessionalsShahid Shah
This presentation was made to multiple national sale force teams who are selling EHRs and other health IT products.
Topics covered:
* Where do EMRs / EHRs fit and why?
* What are the most important considerations for customers?
* What are their top problems?
* How to approach customers with marketing messages that matter.
* How to cut through sales clutter.
Achieve Internet VP of Operations Marc Hermsmeyer and Dexcom Inc., Senior Marketing Manager Tom Hall speak about technology solutions for the Healthcare Industry using Open Source software, such as Drupal.
The Government is forcing technology innovation within the Healthcare industry yet there are very few solutions out there that are tailored for the specific requirements and needs of the Healthcare market. In past experiences with Dexcom and other Healthcare clients Achieve has leveraged the power of Drupal to create powerful solutions that drive patient outcomes, improve workflows, and remain compliant with rigorous regulatory requirements.
This presentation shines a light on the technology needs of the Healthcare market and how Drupal can meet those needs.
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...FireEye, Inc.
The law of unintended consequences strikes again. In an effort to address security risks in enterprise IT systems and the critical data in them, numerous security standards and requirement frameworks have emerged over the years. But most of these efforts have had the opposite effect — diverting organizations’ limited resources away from actual cyber defense toward reports and compliance.
Recognizing this serious problem, the U.S. National Security Agency (NSA) in 2008 launched Critical Security Controls (CSCs), a prioritized list of controls likely to have the greatest impact in protecting organizations from evolving real-world threats. This SANS Institute survey of nearly 700 IT professionals across a range of industries examines how well the CSCs are known in government and industry and how they are being used.
For the latest threat intelligence reports, visit https://www.fireeye.com/current-threats/threat-intelligence-reports.html.
For more course tutorials visit
www.newtonhelp.com
ACC 542 Week 1 Organizational Report to Stakeholders Case Study 1-22, p. 29
ACC 542 Week 2 Case Study Stingy Upstate University Case Study 5-27
High volume test automation in practiceandytinkham
A discussion of high volume test automation techniques (test automation techniques that enable a tester to run & evaluate arbitrarily many computer-assisted tests) and examples of different approaches to achieve high volume tests.
Taking the Physician's Pulse on Cybersecurityaccenture
Accenture and the American Medical Association (AMA) surveyed U.S. physicians regarding their experiences and attitudes toward cybersecurity. The findings suggest a strong need for improved cybersecurity education for physicians.
The 2016 Strategic Hospital Priorities Study examines the current direction of the industry and, in particular, how Medtech companies can capitalize on the many needs of hospital administrators.
While the healthcare market has steadily evolved since L.E.K. Consulting issued its first hospital study in 2010, many of the same trends remain in place — among them consolidation, non-acute care integration, accountability, technology enhancements and novel pricing schemes.
This Executive Insights addresses a number of key topics, including:
Hospital administrator’s chief priorities
Most valuable medtech services
Focus on IT spending
Outlook for outsourcing
The Barriers to Military Healthcare Technology Innovation and What We Can Do ...Shahid Shah
This briefing was presented at the Military Electronic Healthcare Records Symposium in Washington DC. It answers the following questions:
* Is disruptive innovation in military healthcare technology possible?
* What does innovation in military healthcare mean?
* Where are the major areas in military healthcare where innovation is required?
With much of the federal workforce engaging in some sort of business travel or remote work, organizations may benefit from implementing robust, standardized duty of care policies to better to ensure employee safety. GBC's recent survey of 431 senior-level federal employees takes a look at the current state of agency travel safety and management.
The document outlines trends in technology including increased processing power, data collection capabilities, and opportunities for applying analytics in life and physical sciences. It then summarizes the portfolio of several companies including pattern recognition, object recognition, forecasting, and expert systems applications. Examples are given of applications in industries like food processing, mass transit, and mail sorting that have led to cost savings through condition-based maintenance and reduced downtime.
Penetration testing is an essential security practice that assesses vulnerabilities in systems, networks, and web applications before attackers can exploit them. It involves gathering target information, identifying entry points, attempting to break in either virtually or for real, and reporting findings. Penetration testing should be done regularly to identify issues that vulnerability assessments and security tools may miss, as hackers develop new techniques daily. It is important for organizations of any size to conduct penetration testing to protect their business continuity, save money, and comply with regulations like GDPR.
SITEC eCommerce Class 202
Module: eCommerce Process 202
Title: Big Data Analytics: Challenges and Opportunities
Presenter: Dr: Poo Kuan Hoong, Senior Lecturer & Chairperson of Data Science Institute (Multimedia Institute)
Date: 24 May 2016
Venue: Selangor Digital Creative Centre (SDCC)
Improving Healthcare Operations Using Process Data Mining
It’s estimated that 80% of healthcare data is unstructured, which makes it challenging to do any sort of analytics to drive improvements in population health, patient care and operational efficiency. Machine learning techniques can be utilized to predict future events from similar past events, anticipate resource capacity issues and proactively identify bottlenecks and patient outcome risks. This session will provide an overview of how process data mining can be applied to healthcare and provide real-world examples of process data mining in action.
The document discusses strategies and solutions for accountable care organizations (ACOs) to improve patient outcomes and lower costs. It proposes an ACO Optimization Toolkit and ACO-ASK decision support system that use techniques like predictive modeling, text mining, and machine learning. Revenue projections show consulting revenues growing from $53 million in 2012 to over $200 million by 2018 as more ACOs adopt the solutions. The goal is to help providers succeed under new reimbursement models that emphasize quality and value over volume.
The document summarizes the results of Grant Thornton's 2012 survey of 300 chief audit executives (CAEs) in the United States. It finds that CAEs are shifting from a compliance focus to enhancing business value. While half of respondents said their organizations do not effectively use governance, risk, and compliance technology, data analytics use is growing. Emerging risks like cloud computing and cybersecurity require attention. Most CAEs expect their staffing levels to remain the same or increase and continue conducting fraud investigations and monitoring anti-corruption efforts.
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
It is not to be construed or intended as providing legal advice.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
A Retrospective in Analytic Auditing and What’s Ahead
Description
The speaker will outline salient best practices in establishing an analytic program based on lessons learned looking back on the past two and a half decades. Specific learning objectives include:
o Review key dates in the last two decade’s timing that led to the advancement of audit data analytic programs.
o Highlight lessons learned over the years through case study examples.
o Outline the effective culture around the analytics program to serve as its foundation.
o Learn to apply analytics across the entire lifecycle from risk assessment, to planning, fieldwork, and reporting.
o Present analytic best practices being deployed by top performing organizations.
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
Join this webinar for an introduction to the Touchstone Research for Internal Audit, an unprecedented, global research of internal audit, from Wolters Kluwer TeamMate. This session will review study approach and scope, key initial findings, a look at benchmarking, and a preview of future insights. Find out what nearly 1,000 internal audit and controls professionals have to say across about the current and future state of internal audit.
Learning Objectives:
Learn the objective of the Touchstone Research for Internal Audit
Understand how the Touchstone Maturity Model can benefit Internal Audit teams
Learn why the Touchstone Research Benchmarks for Internal Audit can be a planning tool
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
This document is a risk assessment report that contains several sections analyzing approaches to risk assessment for an organization's IT architecture. It discusses evaluating risk, qualitative and quantitative approaches, the organization's departments and how they interconnect, security certifications, and tools for conducting risk management research such as the Plus, Minus, Interesting method and applying the "what if" approach. The report provides an in-depth analysis of how to properly assess and manage risks to an organization's IT systems.
The EMR/EHR and Health IT Landscape for Sales ProfessionalsShahid Shah
This presentation was made to multiple national sale force teams who are selling EHRs and other health IT products.
Topics covered:
* Where do EMRs / EHRs fit and why?
* What are the most important considerations for customers?
* What are their top problems?
* How to approach customers with marketing messages that matter.
* How to cut through sales clutter.
Achieve Internet VP of Operations Marc Hermsmeyer and Dexcom Inc., Senior Marketing Manager Tom Hall speak about technology solutions for the Healthcare Industry using Open Source software, such as Drupal.
The Government is forcing technology innovation within the Healthcare industry yet there are very few solutions out there that are tailored for the specific requirements and needs of the Healthcare market. In past experiences with Dexcom and other Healthcare clients Achieve has leveraged the power of Drupal to create powerful solutions that drive patient outcomes, improve workflows, and remain compliant with rigorous regulatory requirements.
This presentation shines a light on the technology needs of the Healthcare market and how Drupal can meet those needs.
SANS 2013 Report on Critical Security Controls Survey: Moving From Awareness ...FireEye, Inc.
The law of unintended consequences strikes again. In an effort to address security risks in enterprise IT systems and the critical data in them, numerous security standards and requirement frameworks have emerged over the years. But most of these efforts have had the opposite effect — diverting organizations’ limited resources away from actual cyber defense toward reports and compliance.
Recognizing this serious problem, the U.S. National Security Agency (NSA) in 2008 launched Critical Security Controls (CSCs), a prioritized list of controls likely to have the greatest impact in protecting organizations from evolving real-world threats. This SANS Institute survey of nearly 700 IT professionals across a range of industries examines how well the CSCs are known in government and industry and how they are being used.
For the latest threat intelligence reports, visit https://www.fireeye.com/current-threats/threat-intelligence-reports.html.
For more course tutorials visit
www.newtonhelp.com
ACC 542 Week 1 Organizational Report to Stakeholders Case Study 1-22, p. 29
ACC 542 Week 2 Case Study Stingy Upstate University Case Study 5-27
High volume test automation in practiceandytinkham
A discussion of high volume test automation techniques (test automation techniques that enable a tester to run & evaluate arbitrarily many computer-assisted tests) and examples of different approaches to achieve high volume tests.
Taking the Physician's Pulse on Cybersecurityaccenture
Accenture and the American Medical Association (AMA) surveyed U.S. physicians regarding their experiences and attitudes toward cybersecurity. The findings suggest a strong need for improved cybersecurity education for physicians.
The 2016 Strategic Hospital Priorities Study examines the current direction of the industry and, in particular, how Medtech companies can capitalize on the many needs of hospital administrators.
While the healthcare market has steadily evolved since L.E.K. Consulting issued its first hospital study in 2010, many of the same trends remain in place — among them consolidation, non-acute care integration, accountability, technology enhancements and novel pricing schemes.
This Executive Insights addresses a number of key topics, including:
Hospital administrator’s chief priorities
Most valuable medtech services
Focus on IT spending
Outlook for outsourcing
The Barriers to Military Healthcare Technology Innovation and What We Can Do ...Shahid Shah
This briefing was presented at the Military Electronic Healthcare Records Symposium in Washington DC. It answers the following questions:
* Is disruptive innovation in military healthcare technology possible?
* What does innovation in military healthcare mean?
* Where are the major areas in military healthcare where innovation is required?
With much of the federal workforce engaging in some sort of business travel or remote work, organizations may benefit from implementing robust, standardized duty of care policies to better to ensure employee safety. GBC's recent survey of 431 senior-level federal employees takes a look at the current state of agency travel safety and management.
The document outlines trends in technology including increased processing power, data collection capabilities, and opportunities for applying analytics in life and physical sciences. It then summarizes the portfolio of several companies including pattern recognition, object recognition, forecasting, and expert systems applications. Examples are given of applications in industries like food processing, mass transit, and mail sorting that have led to cost savings through condition-based maintenance and reduced downtime.
Penetration testing is an essential security practice that assesses vulnerabilities in systems, networks, and web applications before attackers can exploit them. It involves gathering target information, identifying entry points, attempting to break in either virtually or for real, and reporting findings. Penetration testing should be done regularly to identify issues that vulnerability assessments and security tools may miss, as hackers develop new techniques daily. It is important for organizations of any size to conduct penetration testing to protect their business continuity, save money, and comply with regulations like GDPR.
SITEC eCommerce Class 202
Module: eCommerce Process 202
Title: Big Data Analytics: Challenges and Opportunities
Presenter: Dr: Poo Kuan Hoong, Senior Lecturer & Chairperson of Data Science Institute (Multimedia Institute)
Date: 24 May 2016
Venue: Selangor Digital Creative Centre (SDCC)
Improving Healthcare Operations Using Process Data Mining
It’s estimated that 80% of healthcare data is unstructured, which makes it challenging to do any sort of analytics to drive improvements in population health, patient care and operational efficiency. Machine learning techniques can be utilized to predict future events from similar past events, anticipate resource capacity issues and proactively identify bottlenecks and patient outcome risks. This session will provide an overview of how process data mining can be applied to healthcare and provide real-world examples of process data mining in action.
The document discusses strategies and solutions for accountable care organizations (ACOs) to improve patient outcomes and lower costs. It proposes an ACO Optimization Toolkit and ACO-ASK decision support system that use techniques like predictive modeling, text mining, and machine learning. Revenue projections show consulting revenues growing from $53 million in 2012 to over $200 million by 2018 as more ACOs adopt the solutions. The goal is to help providers succeed under new reimbursement models that emphasize quality and value over volume.
The document summarizes the results of Grant Thornton's 2012 survey of 300 chief audit executives (CAEs) in the United States. It finds that CAEs are shifting from a compliance focus to enhancing business value. While half of respondents said their organizations do not effectively use governance, risk, and compliance technology, data analytics use is growing. Emerging risks like cloud computing and cybersecurity require attention. Most CAEs expect their staffing levels to remain the same or increase and continue conducting fraud investigations and monitoring anti-corruption efforts.
All information, data, and material contained, presented, or provided on is for educational purposes only.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners.
It is not to be construed or intended as providing legal advice.
Company names mentioned herein are the property of, and may be trademarks of, their respective owners and are for educational purposes only.
17 U.S. Code § 107 - Limitations on exclusive rights: Fair use
Notwithstanding the provisions of sections 106 and 106A, the fair use of a copyrighted work, including such use by reproduction in copies or phonorecords or by any other means specified by that section, for purposes such as criticism, comment, news reporting, teaching (including multiple copies for classroom use), scholarship, or research, is not an infringement of copyright.
A Retrospective in Analytic Auditing and What’s Ahead
Description
The speaker will outline salient best practices in establishing an analytic program based on lessons learned looking back on the past two and a half decades. Specific learning objectives include:
o Review key dates in the last two decade’s timing that led to the advancement of audit data analytic programs.
o Highlight lessons learned over the years through case study examples.
o Outline the effective culture around the analytics program to serve as its foundation.
o Learn to apply analytics across the entire lifecycle from risk assessment, to planning, fieldwork, and reporting.
o Present analytic best practices being deployed by top performing organizations.
Touchstone Research for Internal Audit 2020 – A Look at the Now and Tomorrow ...Jim Kaplan CIA CFE
Join this webinar for an introduction to the Touchstone Research for Internal Audit, an unprecedented, global research of internal audit, from Wolters Kluwer TeamMate. This session will review study approach and scope, key initial findings, a look at benchmarking, and a preview of future insights. Find out what nearly 1,000 internal audit and controls professionals have to say across about the current and future state of internal audit.
Learning Objectives:
Learn the objective of the Touchstone Research for Internal Audit
Understand how the Touchstone Maturity Model can benefit Internal Audit teams
Learn why the Touchstone Research Benchmarks for Internal Audit can be a planning tool
Selecting the right Computer Assisted Audit Tool may appear to be a huge undertaking; however, following a systematic approach eases the burden. The right approach minimizes the risk of selecting a product that might not fit into your organization, which could impair your function as it sits underutilized or on the shelf. While point and click visual style tools are settling into the market, many auditors rely on the legacy step-by-step software tools such as ACL, IDEA, Excel and “add-on” tools.
Many chief auditors pursue opportunities to increase the frequency and intensity of interactions with management and realize nothing gets attention faster than finding previously undetected anomalies in company data. Finding the right issues quickly and timely improves the value of audit and can assist audit in winning more work.
Attending this webinar you will learn:
· Identify analysis and financial constraints
· Scoping and defining audit strategic objectives
· Reviewing selection field based on Technical needs
· Building a short/long term on-boarding roadmap
· Realize the lost opportunity of not including all auditors (no auditor left behind)
How analytics should be used in controls testing instead of samplingJim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
How analytics should be used in controls testing instead of sampling Jim Kaplan CIA CFE
Sampling has existed as a standard for controls testing since controls testing began. We’ve developed algorithms to tell us how many samples we should pull and how many errors we can have and still pass the control. We’ve even developed algorithms to tell us how many more samples we can test if the control didn’t pass the first time.
If your goal is simply to do the minimum to pass a SOX audit, then these behaviors should probably continue. If your goals also include really improving the operations of the organization to make it stronger then a more holistic approach is needed, such as analysis on 100% of the population, rather than a small sample.
Most controls analytics do not require a degree in data science, but they do require the controls team begin changing its behaviors. Join us to understand what it takes to begin this change, it’s not as challenging as you might think.
Learning Objectives
Understanding the advantages of analytics vs sampling
How to Identify controls where analytics can be applied
Real life examples of controls and their associated analytics
How to effect a change
Today's fast-paced and evolving business environment requires internal audit to consider its capabilities and needs to ensure appropriate strategic planning. How can CAEs develop strategic plans that result in their stakeholders viewing the audit function as “highly effective”?
Our research has found an approach that builds on three dimensions of effectiveness that must be addressed to be highly effective:
• Meeting stakeholder expectations
• Operating core processes
• Conforming to internal audit standards and applicable regulatory requirements
Learning Objectives
In this session, participants will:
• Discuss the need for and importance of strategic planning within the internal audit function
• Explore the 3 dimensions that contribute to a highly effective internal audit function
• Populate a framework to understand how processes and expectations are aligned and where changes need to occur
• Develop an initial strategic vision based on an understanding of stakeholder expectations
Visualizing data has become one of the hottest trends in analytics not only because it works to more quickly identifying anomalies but in also explaining the results to management. In this case study focused webinar, you’ll learn how to translate unwieldy files of financial data into a single compact scattergraph, pie chart, or overlay—and then “sample with pictures” by picking out the key items that merit sampling and follow-up.
Specific learning objectives include:
o Understand graph types and their different analytical strengths from an audit perspective
o Learn best practices in dahsboarding results through a review of a variety of example dashboard templates
o Be able to score records based on various audit reports to improve your effectiveness and reduce false positives in your samples
o See how to quickly turn a visualization exercise into a sampling approach by sampling multiple categories to identify highest-risk items.
o Use auto-formatting and dynamic data-grabbing tools so new data can create new graphs each audit period, at the touch of a button
o Integrate statistics into your visualizations to extract the most exceptional sample units
How to get auditors performing basic analytics using excel Jim Kaplan CIA CFE
It has been said that the definition of crazy is doing the same thing over and over again and expecting a different result. If your audit analytics program is still not meeting your expectations, you are going to have to do something different to change that outcome. The biggest hurdle organizations need to overcome is getting auditors to think differently about what analytics is. Excel might not be the ultimate analytics tool for your organization but attend this webinar to see how you can use it as a catalyst for change throughout the audit team.
Learning Objectives
Learn non-technical skills auditors need to perform audit analytics
Learn commonly used Excel functions that can be applied to audit analytics
Learn how to get auditors started down a path of thinking about analytics vs automatically pulling samples
Structuring your organization for success with data analytics Jim Kaplan CIA CFE
Webinar Description: In my years leading data analytics projects and teams, I have come across several different structures for the integration of DA. Some were at large multinational corporations and others were at small- and medium-sized organizations, including government bodies. Today, we'll look at four different models for the management of data analytics in Internal Audit departments. The key characteristics of each model will be described, as well as the strengths and weaknesses.
Participant Outcomes: By the end of this session, participants will be able to identify the model which best fits their organization.
While the use of Data Analytics produces excellent results, they’re commonly applied in a tactical way for specific functional areas within an organization. This tactical approach often falls short of realizing the full potential of Data Analytics. Going beyond initial results, a more systematic approach to Data Analytics can help drive organizational learning (human and machine) from the various remediation processes.
In this Webinar, we’ll discuss 3 areas of Analytics Automation: (1) Producing the findings, (2) Managing the findings, and (3) Learning from the findings.
Key takeaways:
· The value of Analytics Automation
· Understanding the various technologies (i.e. RPA, AI, etc.)
· Practical ideas for deploying and managing Analytics Automation
· Using a more structured approach to remediation exceptions
· Benefits of Root Cause Analysis
· Using Analytics Automation to get a broader, more complete view of your organization over time
Internal audit is a profession that struggles against the stereotypes of our past. When we explore our current processes and methodologies, one area that needs attention is executing the audit plan. If our focus is setting a plan in motion and tracking to completion each year, then we are not able to react to changes in our organizations. Financial services organizations face additional challenges in trying to balance emerging risks with the requirements of the regulatory authorities. By embracing the concept of agile auditing, we will be able to adjust more quickly and act as a more relevant partner to our organizations.
Learning Objectives
• Understand the concept of agile auditing
• Identify areas for applying agile techniques
• Discuss a strategy for successfully implementing agile audit
Internal Audit's Role in Ethics, Governance, & CultureJim Kaplan CIA CFE
The internal auditor has a unique and challenging role when it comes to improving the governance processes of their organization. Exercising objective judgment and maintaining professional integrity are essential roles of the internal auditor; however these roles may become undermined when strong political or cultural pressures are at play. This webinar will help internal auditors prepare for and successfully navigate through these pressures should they be encountered.
Learning Objectives:
• Understand how the IIA Code of Ethics applies to Internal Auditors
• Apply “IIA Standard 2110 – Governance” as a key resource
• Assess ethics in light of internal audit independence
• Gain insight to how organizational culture affects ethical behavior
• Evaluate independence and objectivity using a framework
Who will benefit:
Corporate Directors
Corporate Officers
Fraud & Forensic professionals
Audit professionals
Risk professionals
Compliance professionals
Legal professionals
Ethics professionals
Governance professionals
Finance and Accounting Professionals
This document provides an overview of data protection impact assessments (DPIAs) and the role of the data protection officer (DPO) under the General Data Protection Regulation (GDPR). It discusses when DPIAs are required, the DPIA process, how to identify and assess risks, select controls, and ensure continuous monitoring. It also outlines the DPO requirements, including the need for independence and expertise. The DPO is responsible for enabling compliance and fostering a data protection culture.
Internal auditors regularly access organization information for audit purposes. Many organizations now maintain computerized data warehouses containing useful management and financial information. Audit professionals therefore need to understand both the concepts of data warehousing as well as data mining techniques.
Data warehousing is a process for assembling and managing data from various sources for the purpose of gaining a single, detailed view of part or all of a business.
Data mining is the use of automated tools to explore and analyze large amounts of data stored in those data warehouses.
Print reports represent a valuable source of unstructured data which can be useful for internal auditors. Using print reports for data mining will be the main area covered in this Webinar.
Objectives
1. Identify the difference between data analysis and data mining Understand the importance between structured and unstructured data
2. Learn tips and best practices for data mining print reports
3. Understand how excel and IDEA handle importing different PDF formats
4. How to use templates to make future imports a one button task
World class auditors know one of the best ways to fight the fraud risk is to be sure outsource agreements include a Right to Audit clause. Auditors feel good and sleep tight when their client tells them “of course we included the one we use all of the time”. The real test is when glitches and anomalies appear and management asks auditing to do a quick visit with the third party organization.
The discussion will offer insights into:
· Best practices audit clause language
· Compliance, operational and/or financial audit
· Plan in advance or surprise visit
· Books and records
· Location of audit
· Who can or should conduct the audit
· Impact of absence of a Service Level Agreement (SLA)
Everyone is talking about the disruption that will impact our work as auditors as businesses deploy technology and analytics at an accelerated pace. The agile auditor is preparing NOW for these changes and acquiring the skills necessary to practice effective analytics.
But, the huge challenge is taking that first step from where auditors are now, to where we want to go.
In this session, Dr. Appelbaum will explain how to start an analytics project by sharing a broad overview of the benefits of analytics and a framework for project creation. Special insights will be provided on data preparation, as this is a major bottleneck for many data projects, along with real case studies to demonstrate the importance of data quality and audit objective alliance.
Learning Objectives
• Learn how to build a framework for an audit analytics project and customize it based on audit objective, data and software tools available
• Discuss the issues of data quality and gain tips to prepare the data for analysis
• See these concepts with real case data and applications of projects that worked
• Have your concerns about getting started with an analytics project and how to successfully complete it addressed
How to use ai apps to unleash the power of your audit program Jim Kaplan CIA CFE
Artificial Intelligence (AI) is found in just about every industry today, and accounting and auditing are no exception. Auditors that aren’t already exploring the vast potential of AI-powered applications in their audit program will soon find these tools are the industry standard and will be left in the dust if they don’t adapt and adopt.
To learn how to easily use AI apps in audit today, join us as we welcome Deniz Appelbaum, Assistant Professor at Montclair State University, for this exclusive presentation. With deep experience in audit analytics, Big Data, blockchain, audit automation, and fraud detection, Appelbaum brings considerable practical experience with audit technology to the audit profession.
In this presentation, she will help guests:
● Gain a basic introductory understanding of AI in audit.
● Understand how AP applications can be used in the context of auditing.
● Learn how to use AI apps in an audit for specific, achievable, measurable results.
The fieldwork phase is the heart of the audit process. Everything auditors do in the planning phase drives them to do the right things in fieldwork. Everything auditors do in the reporting phase relates to what was found in fieldwork. Everything auditors do in the follow-up phase relates to the issues identified in fieldwork. This webinar will focus on the testing for control effectiveness. This includes capturing the best audit evidence and documenting quality work in the workpapers. This helps ensure that any competent third party person can re-perform the work and come to the same conclusion.
This webinar is for auditors who want to understand the key elements of the fieldwork phase of the audit process.
The learning objectives include the following:
- Learn about internal control terminology
- Learn about testing techniques and workpaper quality
- Learn about audit evidence
- Learn about workpaper documentation guidelines
Learn about Issues & Recommendations (I&Rs)
As stated in the Institute of Internal Auditors IPPF, “The internal audit activity must evaluate the potential for the occurrence of fraud and how the organization manages fraud risk (2120.A2)”.
How is your auditing function meeting this professional expectation? The time to test fraud controls is before you have a fraud. Testing fraud controls is more commonly referred to as an “anti-fraud” assessment and is typically conducted by auditors as a consulting service. How long has it been since a comprehensive review was conducted at your organization? Once completed, as the company changes over time, sections of the first review should be updated.
This webinar will cover:
· How strong are your controls?
· Are you looking for fraud or is fraud looking for you?
· The time to detect directly impacts the chances of recovery
· Shell Vendors uncovered made the headlines in 2016
· Looking for signs of complacency in the workplace
· A robust organizational COSO based framework that organizes your work from cradle to grave
· Working paper and check list recommendations
· Actual audit report sample (with author identification removed)
This document summarizes a webinar about using exploratory data analytics to focus an agile audit plan on emerging risks. It discusses dispelling common myths about data analytics and using an example of analyzing employee data to identify potential issues with gender and race pay disparities. The webinar promotes using analytics to enable control owners to conduct ongoing monitoring and shifting the audit's focus to confirming controls are appropriately designed and issues are addressed.
Controls that are designed to mitigate the risk of fraud are not perfect. Enterprise software such as Oracle and SAP may have built-in controls, but they are limited in scope to the data and processes that the software "touches". The most successful fraudsters know how to exploit interfaces between different processes and systems. Furthermore, the typical fraud case persists for 14 months prior to detection*.
Deploying data analytics for continuous testing can overcome many of the limitations of traditional fraud detection. Timely and appropriate detection will help organizations mitigate the impact of frauds. Robust fraud detection systems will also act as powerful deterrents.
*ACFE Report to the Nations: 2020 Global Study on Occupational Fraud and Abuse
Learning Objectives
In this session we will raise awareness of the various types of frauds and how they can be detected using automated data analysis techniques.
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 10
• Handling data subject access requests (DSARs).
• The roles of controllers and processors, and the relationships between them.
• Transferring personal data outside the EU and the mechanisms for compliance.
• How to become GDPR compliant using a compliance gap assessment
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 9
• Why and how to conduct a data mapping exercise.
• The rights of data subjects.
• Giving and withdrawing consent.
A recent survey report, Fraud in the Wake of COVID-19: Benchmark Report, prepared by the ACFE, explains that recent events have opened the door to increased pressure, reasonings and opportunities that can lead to occupational fraud. Across all classes of fraud schemes 68% of survey respondents reported increases in fraudulent activity as of May 2020 and 93%o reported they expect an increase in fraud over the next 12 months.
To guide auditors in running detective controls, join Mark Nigrini, West Virginia University Professor and author, and Jeffrey Sorensen, Industry Strategist, for an exclusive review of the fingerprints of fraud numbers. This two-person team will review seven categories of fraud numbers and will demonstrate how to identify these types of numbers using audit software.
In this informative and engaging presentation, attendees will:
● Learn the seven categories of fraud numbers
● Understand which categories are linked to specific types of schemes
● Optimize the steps needed to run the tests
● Interpret the results to identify audit targets
● Apply a second layer of steps to reduce the number of false positives
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 8
• The security of personal data.
• An organizational risk management framework.
• Legal requirements for a DPIA.
• How to conduct a DPIA with a DPIA tool.
Learning about outliers and how to detect them in transactions of all types.
Learning Objectives: This webinar will explain the significance of outliers when testing transactions, whether they are vendor invoices, GL postings, or travel & entertainment expenses. Examples using Arbutus Analyzer will demonstrate the best analytics for identifying outliers.
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 14 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Implementing and Auditing General Data Protection RegulationJim Kaplan CIA CFE
This document provides an agenda and overview of a webinar on lessons learned from the General Data Protection Regulation (GDPR) and applying the GDPR's data protection principles. The webinar agenda includes discussing common data security failures, managing personal data breaches, and the seven data protection principles. It also provides background on the webinar presenter and introduces the company hosting the webinar, AuditNet.
When is a Duplicate not a Duplicate? Detecting Errors and FraudJim Kaplan CIA CFE
Webinar Overview - A look at duplicates testing and the inherent value of fuzzy data matching.
Identifying fuzzy duplicates has never been easier. Arbutus Analyzer’s versatile functionality enables even new users to detect possible duplicate payments, vendors sharing similar addresses among themselves or with your organization’s employees, and counter parties who may be on government watch lists. Our webinar includes nine different scenarios with detailed descriptions of the tests and their results.
You'll learn about:
• Identifying possible risks
• How to deploy Analyzer commands and functions
Key Presenter:
Michael Kano, ACDA, Data Analytics Consultant, Arbutus Analytics
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 6
• The role of the data protection officer (DPO).
• What constitutes personal data.
• Accountability, the privacy compliance framework and a personal information management system (PIMS).
General Data Protection Regulation for Auditors 5 of 10Jim Kaplan CIA CFE
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 5
• Certification against GDPR
• The powers of supervisory authorities
• Lead supervisory authorities
• The role of the European Data Protection Board (EDPB)
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Webinar contents will include:
Classes of Ethics
The role of business
Employee ethics
Honesty, Objectivity and diligence
Conflicts of Interest
Reporting of Material Facts
Corporate Codes of Conduct
Corporate Social Responsibility
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 3
• Data protection by design
• Securing personal data
• Reporting data breaches
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Webinar contents will include:
Classes of Ethics
The role of business
Employee ethics
Honesty, Objectivity and diligence
Conflicts of Interest
Reporting of Material Facts
Corporate Codes of Conduct
Corporate Social Responsibility
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 2 of 10
• Special categories of personal data
• The rights of data subjects, including data access requests
• Controllers and processors
Implementing and Auditing General Data Protection Regulation Jim Kaplan CIA CFE
Implementing and Auditing GDPR Series (1 of 10)
Protecting personal data has been an important issue for many years. The EU GDPR extends the data rights of individuals, and requires organizations to develop clear policies and procedures to protect personal data, and adopt appropriate technical and organizational measures. UK organizations have had to comply with the Regulation since 25 May 2018, or potentially face fines of up to 4% of annual turnover or €20 million – whichever is greater.
Learning Outcomes:
This 10 webinar series is intended to elicit a clear understanding of the core elements of the GDPR, with the ability to gain a deeper understanding by asking the trainer questions during the training.
It covers how each aspect of the Regulation can be translated into implementation actions in your organization and the auditor’s role.
Webinar 1 of 10
• Bands of penalties and range of awards for breaches
• Lawfulness of processing and consent
• The six data protection principles
Organizations are increasingly looking to their Internal Auditors to provide independent assurance about cyber risks and the organization's ability to defend against cyber attacks. With information technology becoming an inherent critical success factor for every business and the emerging cyber threat landscape, every internal auditor needs to equip themselves on IT audit essentials and cyber issues.
In part 12 of our Cyber Security Series you will learn about the current cyber risks and attack methods from Richard Cascarino, including:
Where are we now and Where are we going?
Current Cyberrisks
• Data Breach and Cloud Misconfigurations
• Insecure Application User Interface (API)
• The growing impact of AI and ML
• Malware Attack
• Single factor passwords
• Insider Threat
• Shadow IT Systems
• Crime, espionage and sabotage by rogue nation-states
• IoT
• CCPA and GDPR
• Cyber attacks on utilities and public infrastructure
• Shift in attack vectors
From time-to-time internal auditors are faced with situations which call for them to make an ethical decision. In addition, they may, in the middle of auditing, come across circumstances which themselves appear to be violations of a corporate
code-of-conduct.
Several laws now specifically state that internal auditors, in terms of the act, will be bound by the IIA Code of Ethics.
This webinar explores the IIA Code of Ethics as it applies to everyday situations the auditor may encounter.
The module is designed to provide the participants with an in-depth knowledge of:
Ethics theory
The IIA Code of Ethics
Applicable areas within Internal Audit
Reporting of material facts
Corporate Codes of Conduct
Auditing Corporate Ethics
Use Cases : Duplicate Testing & Segregation of Duties
Learning Objectives / Key Takeaways:
Learn how ATCO evolved its Internal Audit practice through embedding Data Analytics within our Audit Shop.
Identify how data-driven auditing can save time and increase audit assurance, coverage and quality.
See specific examples of how Analyzer was used to detect duplicate payments and assess Segregation of Duties.
Understand the benefits of creating procedures/scripts, to automate testing.
Beyond the Basics of A/B Tests: Highly Innovative Experimentation Tactics You...Aggregage
This webinar will explore cutting-edge, less familiar but powerful experimentation methodologies which address well-known limitations of standard A/B Testing. Designed for data and product leaders, this session aims to inspire the embrace of innovative approaches and provide insights into the frontiers of experimentation!
ViewShift: Hassle-free Dynamic Policy Enforcement for Every Data LakeWalaa Eldin Moustafa
Dynamic policy enforcement is becoming an increasingly important topic in today’s world where data privacy and compliance is a top priority for companies, individuals, and regulators alike. In these slides, we discuss how LinkedIn implements a powerful dynamic policy enforcement engine, called ViewShift, and integrates it within its data lake. We show the query engine architecture and how catalog implementations can automatically route table resolutions to compliance-enforcing SQL views. Such views have a set of very interesting properties: (1) They are auto-generated from declarative data annotations. (2) They respect user-level consent and preferences (3) They are context-aware, encoding a different set of transformations for different use cases (4) They are portable; while the SQL logic is only implemented in one SQL dialect, it is accessible in all engines.
#SQL #Views #Privacy #Compliance #DataLake
Enhanced Enterprise Intelligence with your personal AI Data Copilot.pdfGetInData
Recently we have observed the rise of open-source Large Language Models (LLMs) that are community-driven or developed by the AI market leaders, such as Meta (Llama3), Databricks (DBRX) and Snowflake (Arctic). On the other hand, there is a growth in interest in specialized, carefully fine-tuned yet relatively small models that can efficiently assist programmers in day-to-day tasks. Finally, Retrieval-Augmented Generation (RAG) architectures have gained a lot of traction as the preferred approach for LLMs context and prompt augmentation for building conversational SQL data copilots, code copilots and chatbots.
In this presentation, we will show how we built upon these three concepts a robust Data Copilot that can help to democratize access to company data assets and boost performance of everyone working with data platforms.
Why do we need yet another (open-source ) Copilot?
How can we build one?
Architecture and evaluation
Predictably Improve Your B2B Tech Company's Performance by Leveraging DataKiwi Creative
Harness the power of AI-backed reports, benchmarking and data analysis to predict trends and detect anomalies in your marketing efforts.
Peter Caputa, CEO at Databox, reveals how you can discover the strategies and tools to increase your growth rate (and margins!).
From metrics to track to data habits to pick up, enhance your reporting for powerful insights to improve your B2B tech company's marketing.
- - -
This is the webinar recording from the June 2024 HubSpot User Group (HUG) for B2B Technology USA.
Watch the video recording at https://youtu.be/5vjwGfPN9lw
Sign up for future HUG events at https://events.hubspot.com/b2b-technology-usa/
Natural Language Processing (NLP), RAG and its applications .pptxfkyes25
1. In the realm of Natural Language Processing (NLP), knowledge-intensive tasks such as question answering, fact verification, and open-domain dialogue generation require the integration of vast and up-to-date information. Traditional neural models, though powerful, struggle with encoding all necessary knowledge within their parameters, leading to limitations in generalization and scalability. The paper "Retrieval-Augmented Generation for Knowledge-Intensive NLP Tasks" introduces RAG (Retrieval-Augmented Generation), a novel framework that synergizes retrieval mechanisms with generative models, enhancing performance by dynamically incorporating external knowledge during inference.
06-04-2024 - NYC Tech Week - Discussion on Vector Databases, Unstructured Data and AI
Discussion on Vector Databases, Unstructured Data and AI
https://www.meetup.com/unstructured-data-meetup-new-york/
This meetup is for people working in unstructured data. Speakers will come present about related topics such as vector databases, LLMs, and managing data at scale. The intended audience of this group includes roles like machine learning engineers, data scientists, data engineers, software engineers, and PMs.This meetup was formerly Milvus Meetup, and is sponsored by Zilliz maintainers of Milvus.
1. Future of Auditing
and Fraud Detection
Slide 0
About Jim Kaplan, CIA, CFE
President and Founder of AuditNet®,
the global resource for auditors
(available on iOS, Android and
Windows devices)
Auditor, Web Site Guru,
Internet for Auditors Pioneer
IIA Bradford Cadmus Memorial
Award Recipient
Local Government Auditor’s Lifetime
Award
Author of “The Auditor’s Guide to
Internet Resources” 2nd Edition
1
2. About AuditNet® LLC
• AuditNet®, the global resource for auditors, serves the global audit
community as the primary resource for Web-based auditing content. As the first online
audit portal, AuditNet® has been at the forefront of websites dedicated to promoting the
use of audit technology.
• Available on the Web, iPad, iPhone, Windows and Android devices and
features:
• Over 2,900 Reusable Templates, Audit Programs, Questionnaires, and
Control Matrices
• Webinars focusing on fraud, data analytics, IT audit, and internal audit
with free CPE for subscribers and site license users.
• Audit guides, manuals, and books on audit basics and using audit
technology
• LinkedIn Networking Groups
• Monthly Newsletters with Expert Guest Columnists
• Surveys on timely topics for internal auditors
Introductions
2
HOUSEKEEPING
This webinar and its material are the property of AuditNet® and its Webinar partners.
Unauthorized usage or recording of this webinar or any of its material is strictly forbidden.
If you logged in with another individual’s confirmation email you will not receive CPE as the
confirmation login is linked to a specific individual
This Webinar is not eligible for viewing in a group setting. You must be logged in with your
unique join link.
We are recording the webinar and you will be provided access to that recording after the
webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.
If you have indicated you would like CPE you must attend the entire Webinar to receive CPE
(no partial CPE will be awarded).
If you meet the criteria for earning CPE you will receive a link via email to download your
certificate. The official email for CPE will be issued via NoReply@gensend.io and it is
important to white list this address. It is from this email that your CPE credit will be sent.
There is a processing fee to have your CPE credit regenerated post event.
Submit questions via the chat box on your screen and we will answer them either during or at
the conclusion.
You must answer the survey questions after the Webinar or before downloading your
certificate.
3
3. IMPORTANT INFORMATION
REGARDING CPE!
SUBSCRIBERS/SITE LICENSE USERS - If you attend the entire Webinar you will receive
an email with the link to download your CPE certificate. The official email for CPE will be
issued via NoReply@gensend.io and it is important to white list this address. It is from
this email that your CPE credit will be sent. There is a processing fee to have your CPE
credit regenerated post event.
NON-SUBSCRIBERS/NON-SITE LICENSE USERS - If you attend the entire Webinar and
requested CPE you must pay a fee to receive your CPE. No exceptions!
We cannot manually generate a CPE certificate as these are handled by our 3rd party
provider. We highly recommend that you work with your IT department to identify and
correct any email delivery issues prior to attending the Webinar. Issues would include
blocks or spam filters in your email system or a firewall that will redirect or not allow
delivery of this email from Gensend.io
Anyone may register, attend and view the Webinar without fees if they opted out of
receiving CPE.
We are not responsible for any connection, audio or other computer related issues. You
must have pop-ups enabled on you computer otherwise you will not be able to answer the
polling questions which occur approximately every 20 minutes. We suggest that if you
have any pressing issues to see to that you do so immediately after a polling question.
4
The views expressed by the presenters do not necessarily represent the views,
positions, or opinions of AuditNet® LLC. These materials, and the oral
presentation accompanying them, are for educational purposes only and do not
constitute accounting or legal advice or create an accountant-client relationship.
While AuditNet® makes every effort to ensure information is accurate and
complete, AuditNet® makes no representations, guarantees, or warranties as to
the accuracy or completeness of the information provided via this presentation.
AuditNet® specifically disclaims all liability for any claims or damages that may
result from the information contained in this presentation, including any websites
maintained by third parties and linked to the AuditNet® website.
Any mention of commercial products is for information only; it does not imply
recommendation or endorsement by AuditNet® LLC
5
4. AuditNet® and cRisk Academy
If you would like forever access
to this webinar recording
If you are watching the
recording, and would like to
obtain CPE credit for this
webinar
Previous AuditNet® webinars
are also available on-demand for
CPE credit
http://criskacademy.com
http://ondemand.criskacademy.com
Use coupon code: 50OFF for a
discount on this webinar for one week
6
Richard B. Lanza, CPA, CFE, CGMA
• Managing Director in Innovation for Grant Thornton, LLP
• Over 25 years of ACL, Excel and other software usage
• Received the outstanding achievement in business award by the
Association of Certified Fraud Examiners for developing the publication
Proactively Detecting Fraud Using Computer Audit Reports as a
research project for the IIA
• Recently was a contributing author of:
• Detecting Corruption with Analytics: A Roadmap – The
International Institute for Analytics
• Global Technology Audit Guide (GTAG #13) Fraud In An
Automated World – Institute Of Internal Auditors.
• Cost Recovery – Turning Your Accounts Payable Department
Into A Profit Center – Wiley And Sons.
• Data Analytics: A Roadmap for Expanding Capabilities
(published 2018 in partnership with the IIA's Internal Audit
Foundation)
• In 2015, discovered a new textual analytic technique using letters
called the Lanza Approach to Letter Analytics (LALA)TM
7
The views expressed by the
presenters do not necessarily
represent the views, positions, or
opinions of Grant Thornton, LLP.
These materials, and the oral
presentation accompanyingthem,
are for educational purposes only
and do not constitute accounting
or legal advice or create an
accountant-client relationship.
rich.lanza@us.gt.com
5. Take My Manual Audit, circa 1998
Make data analytics a priority on every audit
Data exists for every process
Try to use analytics in every audit and explain if you do not
Replace manual tests with automated ones
You need to replace to provide the time for analytics
Do one less audit and spend the time “thinking” this year
Focus on I T testing – user and segregation of duties testing
8
Today’s Agenda
See how analytics can maximize the annual audit plan and
better ensure focus is placed on top organizational risks.
Establish a framework to using analytics and automation
across the entire audit lifecycle.
Use the general ledger as a case study to provide a digital
road map for analytics for detecting fraud (and errors) within
the organization.
Define the top company areas for data integration from
structured, unstructured and external data sources.
Highlight culturally what audit and fraud detection functions
must do to embrace continuous embedded analytic reviews.
9
6. Is the Future of Auditing Simply Analytics?
10
Our perspective on the technology landscape
Source: Adapted from Forrester – Create A Road Map For A Real-Time, Agile, Self-Service Data Platform (Nov. 2017); Grant Thornton Analysis
11
So Much Time, / So Little Technology
Scratch That and Reverse It!
7. Don’t be afraid…..It is just a
C.A.A.T.
12
Monitoring & Controls Lead the Way
to Reducing Fraud
13
Source: 2018 ACFE Report to the Nation
8. An Easier Way to
Categorize Future Technologies
14
Innovation
Blockchain
Robotic Process
Automation
Data Analytics
Artificial
Intelligence
Re-imagine the Audit
15
Redesign audit
processes using
today's technology
rather than using
information
technology to
computerize legacy
audit plans and
procedures
Step
Leveraging
innovation to
perform more
effective audits and
provide new forms
of audit evidence
Step
Automate
whatever is a
consistent process
Step
More continuous
assurance and
more timely and
relevant audit
reporting
Step
9. A Shift in Internal Audit's Value
16
Projects of the past Projects of NOW and NEXT
Compliance Auditor Trusted Partner and Value Driver
Operator Human: manually complete checklist Machine with human: data and analysis driven
Scope Sample: thoroughly evaluate small portions of data Entire population of data: thoroughly analyze all data
Focus Compliance using historical data Risk-based assurance using trends and predictions
Time & value Slow & stagnant Fast, efficient & insightful
Advisory role None Drive value through focus on business outcomes and
improvements
Orientation Reactive: quarterly cadence Proactive: persistent data monitoring
Technology Limited reliance Heavy reliance
Outcome Pass / Fail Risk based actionable recommendations
Client Sentiment Check the box: “Get them out of here” Eager and excited: “Stay and help us mature this function”;
"What else can we do within IA?"
Perception:
Don't Forget the People
Data holds insight, but it is people—not data—who ensure that
analytics generates value for the company.
Advances in technology are raising expectations for leadership,
creating new needs, and transforming the way we do business.
Analytics is becoming a central focus of leadership agendas because
of its potential to improve profitability, mitigate risk, and ensure a
sustainable organization.
17
10. Desired Tech-Enabled Skills
• Passionate about technology
• Ability to reimagine the audit
• Analytic technical skills
• Data management and acquisition
• Database modeling
• Tool development and programming
• Predictive modeling and statistics
• Other Skills
• IT project management
• Selling new innovation / Change management
• Communicating a story based on the numbers 18
Where Can We Increase Analytic Usage?
19
11. Analytic Benefit in Sum:
Doing More With Less
20
2015 AuditNet® Audit Data Analysis Software Survey
Internal auditors are becoming game changers
Internal audit analytics helps internal audit departments:
Shift the perception of internal audit's value
Improve their business value and analytic maturity
Strengthen the three lines of defense
Provide insights to identify, monitor, control and mitigate risks
Create opportunities for automation and continuous auditing
21
Benefits of Internal Audit Analytics
The value to your organization
In their own words, the benefits
of internal audit analytics:
12. Types of Data Analytics
Type Audit example
Descriptive Analysis of accounts payable identifies all disbursements processed on
Saturdays for over $1,000
Diagnostic Analysis of accounts payable identifies John Smith from Dallas as the
only accounts payable manager who approved each Saturdays
disbursement over $1,000
Predictive Analysis of accounts payable expects all Saturday disbursements over
$1,000 to be approved by John Smith
Prescriptive Analysis that builds and tests scenarios around different policies to
determine what course of action would lead to a drop in the number of
disbursements over $1,000 processed on Saturday
22
Data analytics defined – AICPA
"The science and art of discovering and analyzing
patterns, identifying anomalies, and extracting
other useful information in data underlying or related
to the subject matter of an audit through analysis,
modeling, and visualization for the purpose of
planning or performing the audit".
23
13. Exploratory vs. Confirmatory
24
Exploratory analytics Confirmatory analytics
Bottom-up and inductive Top-down and deductive
What does the data suggest is happening? Is the subject matter consistent with my model
On what assertions should we focus? Are there deviations that are individually
significant or that form a pattern?
Most useful in audit planning Most useful with substantive or controls
assurance
Data Analytics Applied
25
Data analytic definition component Real-life application
Audit planning Refined risk assessment
Extracting useful information Data management application
Modeling and visualizations Statistical dashboards, techniques and analytics
Discovering, identifying and analyzing
patterns and anomalies
The continuous monitoring and investigating of
transactions
Audit execution Performing substantive procedures and testing the
operating effectiveness of controls
14. Testing the Operating
Effectiveness of Controls
26
Type of test Data analytic approach
Inquiry Leveraging statistical analysis and models present significant materials for client
discussions (i.e. insights to the client)
Observation Real time monitoring of a business process (i.e. lapses in the execution of the control
can be immediately reported)
Inspection The continuous utilization of mining event logs to test 100% of the data (i.e. identifying
payments made without approval)
Reperformance The continuous reperformance and testing on a 100 percent basis (i.e. account
reconciliations)
27
Audit
procedures
Data Analytic approach
Inspection Utilizing the process of mining event logs to inspect and corroborate the
accuracy of information
Observation Real time monitoring of a business process
Inquiry Leveraging statistical analysis and models present significant materials
for client discussions (i.e. insights to the client)
Confirmation Obtaining a information from a third party to test a specific condition
Analytics to Obtain Audit Evidence
15. 28
Audit procedures Data Analytic approach
Recalculation Using robotic process automation to check the mathematical
accuracy of documents and records
Reperformance The continuous reperformance and testing on a 100 percent basis
(i.e. account reconciliations)
Analytical
procedures
Focused and precise analytics utilized during the planning,
substantive and concluding phases of the audit that analyze the
plausibility and predictability of a given relationship and identify
differences that could give rise to a potential misstatement (i.e.
regression, volatility)
Analytics to Obtain Audit Evidence
Analytic Toolkit Case Studies
29
16. A Sampling of Toolkits
30
ACCOUNTS PAYABLE
Performs control
analysis, proactive
fraud testing and cost
recovery detection
for the procure to pay
process.
75 SCRIPTS
GENERAL LEDGER
Gain financial
insights across the
organization, and
focus efforts on
holistic view of the
company.
60 SCRIPTS
REVENUE
Performs control
analysis, proactive
fraud testing and cost
recovery detection
for the order to cash
process.
50 SCRIPTS
TRAVEL & EXPENSE
Analyze travel and
expense data to
identify inappropriate
or suspicious
employee expenses,
and manage T&E
efforts.
20 SCRIPTS
P-CARD
Identify risky P-Card
transactions and
usage behaviors.
30 SCRIPTS
Risk-rank vendors by elements of risk that
may result in a FCPA violation…
. . . understand the riskiness of specific vendors
using individual test results
…and use predictive analytics to predict
transactions costs by vendor
Third Party Vendor Risk Analytics
31
18. Vendor Risk Ranking
34
Two vendors in the top 5 scored vendors with over
$10K
Journal Entry Stratification
In this case, 15 of the 65
largest journal entries
make up 94% of the net
income effect
Millions of journal entries
can be compressed into a
single view.
Each of these items can
be further explored by
location, segment, and
entry process/employee.
35
19. Compressing the G/L Sequences
36
EXAMPLE DATA:
1,000 Journal Entries of:
• Debit: A/R
• Credit: Revenue
The account combination is then summarized into 1 unique account sequence:
Sequence Occurrences DR CR
ACCSEQ_1 1,000 A/R Revenue
The First and Last Letters
Tell the Story
• It deosn't mttaer in waht oredr the ltteers in a wrod
are, the olny iprmoetnt tihng is taht the frist and lsat
ltteer be at the rghit pclae.
37
20. Letter Analysis
38
Unstructured Text and Letter Analytics
“The Benford’s Law of Words”
39
• Same words tend to occur year over
year
• Changes may indicate some change
in the client that could affect risk
assessment
21. Trending Revenue
Store sales were expected to decrease year over year
One store closed
One store had 2.3% increase overall (but that tells only
part of the story)
40
My Top Audit Savings Ever
http://bit.ly/2Fb5oOd
Over $100MM identified, $40MM recovered
Led to people, process and technology improvements
It focused on turning the “F” word into the “R” word
Was based on a simple aging report
Positive values were aged separate of negative values
41
23. Wind Damage Claims
44
Artificial Text Intelligence
45
Visualize
context
Identify key
phrase
Compare
provisions
to baseline
Score
similarity
Compile document
library
Read
documents
Text Analytics Tool:
Capture
subsequent
human review
for future
machine
learning
application
24. Working On Robot Time
46
What is Ripe for Automation?
47
https://youtu.be/o-MlJI48XX4
25. Process Characteristics for RPA
48
Robotics Process Automation
49
RPA is the use of software to mimic the actions a human user would perform on a PC at scale
to automate processes that are repetitive, rule-based and use structured data inputs.
Applicatio
n
Database
System
3270
Utility
SAP
Web
Tools
Softwar
e
26. Overcoming Data Challenges
Normalizing data is 80% of the time (in the beginning)
“By most accounts, 80 percent of the development effort in a big data project
goes into data integration and only 20 percent goes toward data analysis.” —
Intel Corporation
Data is in every process
It may not be ERP / It may be in your “Big Data”
90% of data is text
Audit (Internal & External) is the best partner to get the data
They are independent / Not proving the data is a scope limitation
Tend to establish the most secure data warehouses
50
Automated Data Normalization
• Store procedures for data cleanup once
• Create a normalized set of data fields named by YOU
• Ensure data quality tests are run prior to analysis
• Automate these routine tasks to increase analyst’s time
• Enrich the data by organizing it by type codes
51
27. Automating Data ETL
• All of the Company's data is captured in an SAP G/L
• Audit team had to budget almost 100 hours just on
importing and combining various report extracts
• Data analytics and innovation were introduced in the
current year audit
• Data import process was reduced from 25 hours
/quarter to only 2 hours/quarter
52
Automating IT Control Tests
53
User Access Review Controls
Grant Thornton automated user access control testing for the following attributes:
• Whether access was approved by appropriate personnel
• Whether the approval occurred within the required time frame
• If the access is set to be revoked then the account is flagged for immediate attention and an alert is sent to the control
owner.
Human Resources Roles Validation
The clients control stated that HR personnel with access to modify payroll information must also have a role assigned that
prevents modification of their own payroll information. Grant Thornton automated this test to verify that all HR personnel are
restricted from modifying their own payroll fields.
SQL Database Backup Jobs
Grant Thornton automated a test to verify that SQL jobs are in place to backup SQL databases on a regularly scheduled basis.
This automated test also included tests for the following attributes:
• The backup jobs are configured to backup the full database per the backup requirements
• The backup alerts are set to notify personnel when a backup fails or is completed successfully
• The alerts are configured to notify appropriate personnel
Removal of Inactive SAP account access
Grant Thornton automated a test for inactive SAP account access that is greater than the Company's specified threshold. Any
account that has not accessed the system within this threshold is flagged for immediate attention and an alert is sent to the
control owner for access to be removed.
28. Automating Finance Functions
54
Revenue
Cycle
Information
Technology
Procure
to Pay
Order
to Cash
Record to
Report
Supply
Chain
Insurance
Authorization
Datacenter
Customer
Master
Gen. Acct. /
Close
Vendor
Master
CRM &
Customer
Service
Network
Operations
Sourcing /
Contract
Management
Reporting
Credit /
Contract
Demand
Management
Charge
Posting
Security
Admin.
PO Process
Order
Process
External
Reporting
Materials
Management
Training &
Development
Service Desk
Goods
Receipt
Treasury
Logistics /
Delivery
Capacity
Flow
Management
Write-offs
Desktop
Support
Invoice
Process
Billing / Disp.
Res.
Tax
Transport &
Logistics
Performance
Metrics
Database
Admin.
Collections
Payment
Process
FP & A
Carrier
Management
Cash PostingApplications
Cash
ApplicationControllership T & E
Returns
Management
Denials
Management
Robotic Process Automation Limitations
55
RPA cannot read any data that is non-electronic with unstructured inputs
• An example would be input such as paper invoices. In this case, RPA will only work with a collection of other implemented
technologies (such as OCR) required to make it digital and structured.
RPA requires some form of static consistency
• For example, invoices may be received in different formats, with fields placed in different areas. For a ‘Bot’ to be able to read an
invoice, all supplier invoices must be received in the same format with the same fields.
• Although robots can be trained by exception to read different fields, they cannot read multiple different formats – unless these are
all digital and configured separately.
RPA is not a cognitive computing solution
• It cannot learn from experience and therefore has a ‘shelf life’.
• As processes evolve – for example, through the introduction and use of other technologies — they may become redundant and
require changes.
• It is therefore wise for a company to examine the process prior to building a ‘Bot’. Applied to a process that is inefficient and/or on
the way out, that shelf life may be reduced to just a year.
Applying RPA to a broken and inefficient process will not fix it
• RPA is not a Business Process Management solution and does not bring an end-to-end process view
• The same goes for out of date infrastructure – RPA will only mask the underlying issues.
• Clients should focus first on addressing the root causes of their process or technology inefficiencies and then apply RPA to
maximize the benefits.
29. Data Analytics
IIA Research Guides
Other Thought Leadership
• Internal Audit Analytic Surveys – Grant Thornton partnered with the Internal Audit Foundation >>
https://www.grantthornton.com/library/articles/advisory/2017/internal-audit-new-value-data-analytics.aspx
• White Paper – Driving Enterprise Value through Data Analytics >>
https://www.grantthornton.com/library/articles/advisory/2017/enterprise-value-through-data-analytics.aspx
• Data Analytics: A Roadmap for
Expanding Capabilities (published 2018
in partnership with the IIA's Internal Audit
Foundation)
• Data Analytics: Elevating Internal Audit's
Value (published 2016 in partnership with
the IIA's Internal Audit Foundation)
Books
Slide 56
57
http://gt-us.co/2I2EK8f
Questions?
30. AuditNet® and cRisk Academy
If you would like forever access
to this webinar recording
If you are watching the
recording, and would like to
obtain CPE credit for this
webinar
Previous AuditNet® webinars
are also available on-demand for
CPE credit
http://criskacademy.com
http://ondemand.criskacademy.com
Use coupon code: 50OFF for a
discount on this webinar for one week
58
AuditSoftwareVideos.com
Now Free (But Not for Long!)
70+ Hours of videos accessible for FREE subscriptions
Repeat video and text instruction as much as you need
Sample files, scripts, and macros in ACL™, Excel™, etc.
available for purchase
Bite-size video format (3 to 10 minutes)
>> Professionally
produced videos by
instructors with over 20
years experience in
ACL™, Excel™ , and
more
59
31. Thank You!
Jim Kaplan
AuditNet® LLC
1-800-385-1625
Email: webinars@auditnet.org
www.auditnet.org
Richard B. Lanza, CPA, CFE, CGMA
Contact Information
D: +1 732 516 5527
M: +1 732 331 3494
Email: rich.lanza@us.gt.com
60