SCALABLE & INTEGRATED PROGRAM AUDIT (SIPA) METHOD
Vishnu Varthanan Moorthy, 12 Jul 17
Scope and Applicability
• Scope:
This presentation explains the Scalable & Integrated Program Audit method and its benefits when auditing large and complex programs with multiple references/expectations.
• Applicability:
The framework and explanation are limited to the software industry; however, the same can be leveraged in other industries with adequate care.
Fitness of Audit programs for Large programs/Engagements
• Challenges in Auditing
  • Lack of recognition of complexity in planning
  • Long-duration audit program
  • Inadequate coverage to give confidence in the report
  • Not involving all roles in the program
  • Audit teams are not composed with the right capabilities
  • Engagements undergo multiple audits from various teams
  • Unclear objectives and ineffective results
  • Auditors lost in the vastness of information and jargon
Large Engagements
Complex governance
Multiple Services offered
Many suppliers
Tools dominance and virtual environments
Legal needs/data protection
Increased Communication channels
Scalable & Integrated Program Audits
• Scalable: Audit planning can be ramped up or down based on the engagement/practice needs.
• Integrated: Multifunctional and multi-objective audit performed in a co-ordinated manner with shared values and clear responsibilities.
• Program: Covering delivery of services, governance and capabilities to achieve successful results.
• Audit: Evaluation of the execution of activities against expected norms/references, on a sample basis, to ensure the management/client/social objectives are met.
Scalable & Integrated Program Audit is an effective auditing framework for handling large, complex programs/practices in an organization, which works on Value Generation, Compliance, Capability and Risk evaluation principles. It differs from traditional audits in its ability to handle larger teams, matrix communications, mammoth information and multiple norms in a systematic manner while yielding results.
SIPA Framework – Value Layers
Audit Execution Layer
Integrated Program Layer
Strategizing & Scaling Up Layer
• Objective & Value Generation
• Sponsor/mgmt, Practice/Program Lead Auditor
• Key Focus Areas
• Strategizing Audit Program
• Shared Objectives
• Initial information processing
• Interface & Interactive Points
• Governance & resources
• Conduct & Reporting Norms
• Tactical planning
• Consolidation and Realignment
• Information and evidence processing
• Report development & Agreement
SIPA - Framework
[Diagram: SIPA framework. Labels: Audit Strategy & Value Generation (Objective, Scope, Budget, Value Generation); Top Management/Sponsor; Practice LA/Program LA; Program LA; Functional LAs; Engagement (or) Practice Mgmt; Program Audit Plan; Objective Mapping; Shared Objectives; Stream Objectives; Audit Program Level Objectives; Auditor by Fn & Stream; Auditee by role. Lanes for Stream 1, Stream 2, Stream 3 ... Stream N, Governance, and 3C (Capability, Competency & Communication), each showing Tactical Schedule, Prepare Stream Audit (Prepare Mgmt Audit for Governance), Execute, Report, with Activity 1, Activity 2, Activity 3. Also shown: Daily Standup, Daily Report Consolidation, Thread Log, Query Notes. Practice Level for Multiple Programs.]
Are Both Conditions the Same?
An engagement with a team of 50 members that has to comply with contractual requirements and the ISO 9001 standard. The team is working on mobile application development.
An engagement with 900 members that is looking to submit to the client a report on compliance with contractual requirements, risks and value addition performed in the engagement, with reference to data security, healthcare and business continuity aspects. The engagement services 4 major types of work (development, maintenance, data center management, migration of code), works across multiple domains with a virtual environment, and has many automation activities in progress. In addition, there is a high dependency on external service provider in maintaining service levels. Also, 50 of testers are working as subcontractors in the engagement. Around 12 certified project managers handle various activities in the engagement.
Unfortunately, our auditing approach many a time doesn’t recognize the difference.
Planning in SIPA
Finalize Objective & Scoping
• Get Objectives from Management (and/or) Audit function Head
• Collect the reference compliance norms
• Understand Client and Interested parties' expectations
• Collect information about Engagement/Practice (multiple engagements) over people, operations, sites, suppliers, etc.
• Agree on Scope and Objectives
• Provide initial estimation to agree on Budget and availability on logistics
Design for Outcome
• Assess the different Competencies needed for Audit
• Involve stakeholders to get nominated Auditors
• Conduct expectation setting session
• Design Structure of Audit teams
• Develop shared vision and norms
• Identify critical components & Areas to check and share the responsibilities
Plan Elements
• Prepare detailed Schedule in alignment with engagement/practice Contact members
• Ensure Coverage and Scope
• Ensure Auditee Identification at practice/program/stream level
• Identify if any additional auditees are needed (supplier/extended support)
• Plan the logistics of Program
• Communicate schedule and high level method
Planning Factors by Level
References/Norms
Audit Focus
• Regulatory Audit
• Process Audit
• Financial Audit
• Security Audit
• Functional Audit
• Performance Audit
• Business Continuity Audit
• Domain Based Audit
• Technology/Architecture Audit
• Standards Readiness Audit
Third party audits are not covered in this method, as they have pre-defined guidance in most cases.
• Contracts and Annexures
• Quality System
• Policies and procedure
• Org/Practice/guidelines
• Statutory/Regulatory Requirements
• International & national Standards
• Best Practices in Industry
• Client Mandates/Supplier Standards
• Company Objectives
• Practice/Engagement Roles & Reporting
• Delivery of Services
• Policies and procedure
• Size of team & Grades of employees
• Operation sites
• Tools & Technology
• No. of support teams
• Suppliers and type of Contracts
• Current Activities
• Other Select Information
Characteristics
Steps Involved in Planning
• Initiation with Management
• Objective Finalization
• Study Characteristics
• Design Value addition with Functional Auditors
• Develop a Practice Audit/Program Audit Plan
• Initiate Shared Vision and Ground rules
• Collect information on Practice/Program
• Plan Practice level Schedule (or) Program Level
• Prepare Auditing Aids
• Plan logistics
• Plan stream level Objectives
• Collect Information on Streams
• Plan Stream Level Schedule
• Collaborate with Auditors
• Finalize Planning
When a Practice Level Audit is required, multiple program level audits can be subsets of the Practice level Audit. Each program audit can have multiple stream level audits.
Strategize, Program Plan, Stream Plan
Scalability & Integration in Audit
Practice Level Multiple Programs
Program level Multiple Streams
Quality
Process
Regulatory
Security
Cyber security
Business continuity
Technical
Architecture
Configuration
Other
Additions
Stream: up to 150 members
Program: up to 900 members or not more than 6 streams
Practice: up to 5000 members or not more than 6 programs
Not more than 5 focus areas
Scalability Integration
Execution
[Diagram: execution timeline from Day 1 to Day N-a. Phases: Opening Meeting, Audit Execution, Report Preparation, Presentation. Program level: Opening Meeting, Stand up Meeting, Program Governance Audit, Stream Level Audits, Daily Report Consolidate, Thread Log, Query Notes, Reporting & Closing. Practice level (as applicable with program connect): Opening Meeting, Stand up Meeting, Daily Report Consolidate, Thread Log, Query Notes, Reporting & Closing.]
Thread Log: Helps auditors share threads with other auditors at stream or governance level, and across programs as required.
Query Notes: To-be-verified items which they want to take up with auditors. Typically connects to the next day's standup meeting.
Typical Areas to Check
Governance
• Client/Management Expectations
• Contract/scope Commitment Mapping in planning
• Budget provision for Execution
• Management Structure
• Roles and Responsibilities
• Delivery Methodology Identification
• Risk Identification and Management
• RACI/Stakeholder Identification
• Deliverables and Acceptance criteria
• Standards/Regulatory Requirements
• Resource Needs
• Resource & Service Procurement
• Internal/External Service Provider
• Security
• Business Continuity
• Performance Management
• Compliance Checks
• Manage Teams
3C (Competency, Capability & Communication)
• Resource Competency Management
• Training and Development
• Motivation and People Performance
• Dynamic Resource need handling
• Assets and Roles alignment with Commitment
• Develop/maintain Systems and Tools
• Develop process flows/Processes
• Capability measurement
• Client Expectation Tracing
• Scope/Change Management & Communication
• Reporting and Sharing
• Decision Sharing
• Internal Team Communication
• External Communication
• Facilities and Infrastructure
• Control of data/Records
Stream
• Stream Level Planning
• Resource management
• Risk management
• Deliverable Management
• Traceability of decisions
• Capacity and availability management
• Back up and Security
• Lifecycle and Validation points
• Budget Consumption and Key Performance measures
• Client expectations met
• Monitoring and control
• Service provider tracking
• Regulatory/Standard application/compliance
• Resource Onboard/off-board
• Trainings
• Reporting
• Tools/licenses/assets and Infrastructure
Value chain
• Cost Savings
• Quality Improvements
• On-time performance
• Compliance management
• Operational Efficiency
• Improvement & Innovations
• Career path of resources
• Client Satisfaction Improvement
• Additional Value offerings
• Technology adherence/utilization
• ROI on Key Decisions
• Succession Plan
Reporting
[Diagram: reporting. Labels: Audit Objective; Practice Evidence, Program Evidence, Stream Evidence; Deviations, Weakness, Strengths, Opportunities for Improvement; Focus Area 1 Deviation (Ex: Regulatory/Process) through Focus Area “N” Deviation (Ex: Security); Value Chain Results; Report. Steps shown: Report consolidation, Draft Report Preparation, Management presentation, Final Report Submission. Parties shown: Practice LA/Program LA, Top Management/Sponsor, Functional LAs, Engagement (or) Practice Mgmt. Shared Vision.]
Conclusion
• SIPA gives better control and focus over audits
• Flexibility to scale up to the required level and add multifunctional auditors leads to new possibilities
• Audits are not merely compliance focused / risk assessments; instead they lead to better progress and value addition
• Organized audits reduce chaos, and better plans enable the auditee to be comfortable doing a reality check
• Reduces frequent audits on engagements/practices by various functions
• Increases client/management confidence in audits
• Improves effectiveness of audits and gives better reporting

Reliable Logistics Solutions - Truxcargo
 
Importance of BWTS in the Maritime Industry
Importance of BWTS in the Maritime IndustryImportance of BWTS in the Maritime Industry
Importance of BWTS in the Maritime Industry
 
Get your dream bridal look with top North Indian makeup artist - Pallavi Kadale
Get your dream bridal look with top North Indian makeup artist - Pallavi KadaleGet your dream bridal look with top North Indian makeup artist - Pallavi Kadale
Get your dream bridal look with top North Indian makeup artist - Pallavi Kadale
 
Chandigarh call garal serives 9512450098
Chandigarh call garal serives 9512450098Chandigarh call garal serives 9512450098
Chandigarh call garal serives 9512450098
 

Scalable integrated program audit (sipa)

  • 1. SCALABLE & INTEGRATED PROGRAM AUDIT (SIPA) METHOD. Vishnu Varthanan Moorthy, 12 Jul 17
  • 2. Scope and Applicability
      • Scope: This presentation explains the Scalable & Integrated Program Audit method and its benefits in performing audits in large and complex programs with multiple references/expectations.
      • Applicability: The framework and explanation are limited to the software industry; however, the same can be leveraged in other industries with adequate care.
  • 3. Fitness of Audit Programs for Large Programs/Engagements
      • Challenges in auditing:
          • Lack of recognition of complexity in planning
          • Long-duration audit program
          • Inadequate coverage to give confidence in the report
          • Not involving all roles in the program
          • Audit teams are not composed with the right capabilities
          • Engagements undergo multiple audits from various teams
          • Unclear objectives and ineffective results
          • Auditors lost in the vastness of information and jargon
      • Large engagements:
          • Complex governance
          • Multiple services offered
          • Many suppliers
          • Tools dominance and virtual environments
          • Legal needs/data protection
          • Increased communication channels
  • 4. Scalable & Integrated Program Audits
      • Scalable: Audit planning can be ramped up or down based on the engagement/practice needs.
      • Integrated: Multifunctional and multi-objective audit performed in a coordinated manner with shared values and clear responsibilities.
      • Program: Covering delivery of services, governance and capabilities to achieve successful results.
      • Audit: Evaluation of the execution of activities against expected norms/references, on a sample basis, to ensure the management/client/social objectives are met.
      Scalable & Integrated Program Audit is an effective auditing framework for handling large, complex programs/practices in an organization, which works on Value Generation, Compliance, Capability and Risk evaluation principles. It differs from traditional audits in terms of its ability to handle larger teams, matrix communications, mammoth information and multiple norms in a systematic manner while yielding results.
  • 5. SIPA Framework – Value Layers
      • Layers: Audit Execution Layer; Integrated Program Layer; Strategizing & Scaling Up Layer
      • Elements:
          • Objective & Value Generation
          • Sponsor/mgmt, Practice/Program Lead Auditor
          • Key Focus Areas
          • Strategizing Audit Program
          • Shared Objectives
          • Initial information processing
          • Interface & Interactive Points
          • Governance & resources
          • Conduct & Reporting Norms
          • Tactical planning
          • Consolidation and Realignment
          • Information and evidence processing
          • Report development & Agreement
  • 6. SIPA - Framework [diagram; labels only]
      • Participants: Top Management/Sponsor; Practice LA/Program LA; Program LA; Functional LA's; Engagement (or) Practice Mgmt; Auditor by Fn & Stream; Auditee by role
      • Audit Strategy & Value Generation: Objective; Scope; Budget; Value Generation
      • Objectives: Shared Objectives; Audit Program Level Objectives; Stream Objectives
      • Planning artifacts: Program Audit Plan; Objective Mapping
      • Audit tracks: Stream 1; Stream 2; Stream 3; Stream N; Governance; 3C (Capability, Competency & Communication)
      • Labels repeated in each track: Tactical Schedule; Prepare; Stream Audit (Mgmt Audit in the Governance track); Execute; Report; Activity 1; Activity 2; Activity 3
      • Daily coordination: Daily Standup; Daily Report Consolidation; Thread Log; Query Notes
      • Practice Level for Multiple Programs
  • 7. Are Both Conditions the Same?
      • Engagement with a team of 50 members that has to comply with contractual requirements and the ISO9001 standard. The team is working on mobile application development.
      • Engagement with 900 members that is looking to submit to the client a report on compliance with contractual requirements, risks and value addition performed in the engagement, with reference to data security, healthcare and business continuity aspects. The engagement services 4 major types of work (development, maintenance, data center management, migration of code) and works across multiple domains with a virtual environment, and many automation activities are in progress. In addition, there is high dependency on an external service provider in maintaining service levels. Also, 50 testers are working as subcontractors in the engagement. Around 12 certified project managers are handling various activities in the engagement.
      Unfortunately, our auditing approach many a time doesn't recognize the difference.
  • 8. Planning in SIPA
      • Finalize Objective & Scoping:
          • Get objectives from management (and/or) audit function head
          • Collect the reference compliance norms
          • Understand client and interested parties' expectations
          • Collect information about the engagement/practice (multiple engagements) over people, operations, sites, suppliers, etc.
          • Agree on scope and objectives
          • Provide initial estimation to agree on budget and availability of logistics
      • Design for Outcome:
          • Assess the different competencies needed for the audit
          • Involve stakeholders to get nominated auditors
          • Conduct expectation-setting session
          • Design structure of audit teams
          • Develop shared vision and norms
          • Identify critical components and areas to check, and share the responsibilities
      • Plan Elements:
          • Prepare detailed schedule in alignment with engagement/practice contact members
          • Ensure coverage and scope
          • Ensure auditee identification at practice/program/stream level
          • Identify if any additional auditees are needed (supplier/extended support)
          • Plan the logistics of the program
          • Communicate schedule and high-level method
  • 9. Planning Factors by Level
      • Audit Focus:
          • Regulatory Audit
          • Process Audit
          • Financial Audit
          • Security Audit
          • Functional Audit
          • Performance Audit
          • Business Continuity Audit
          • Domain Based Audit
          • Technology/Architecture Audit
          • Standards Readiness Audit
          Third party audits are not covered in this method, as they have pre-defined guidance in most cases.
      • References/Norms; Characteristics:
          • Contracts and Annexures
          • Quality System
          • Policies and procedure
          • Org/Practice/guidelines
          • Statutory/Regulatory Requirements
          • International & national Standards
          • Best Practices in Industry
          • Client Mandates/Supplier Standards
          • Company Objectives
          • Practice/Engagement Roles & Reporting
          • Delivery of Services
          • Policies and procedure
          • Size of team & Grades of employees
          • Operation sites
          • Tools & Technology
          • No. of support teams
          • Suppliers and type of Contracts
          • Current Activities
          • Other Select Information
  • 10. Steps Involved in Planning
      • Phases: Strategize; Program Plan; Stream Plan
      • Steps, in order:
          • Initiation with Management
          • Objective Finalization
          • Study Characteristics
          • Design Value addition with Functional Auditors
          • Develop a Practice Audit/Program Audit Plan
          • Initiate Shared Vision and Ground rules
          • Collect information on Practice/Program
          • Plan Practice level Schedule (or) Program Level
          • Prepare Auditing Aids
          • Plan logistics
          • Plan stream level Objectives
          • Collect Information on Streams
          • Plan Stream Level Schedule
          • Collaborate with Auditors
          • Finalize Planning
      When a Practice Level Audit is required, multiple program level audits can be a subset of the Practice Level Audit. Each program audit can have multiple stream level audits.
  • 11. Scalability & Integration in Audit
      • Levels: Practice Level (multiple programs); Program Level (multiple streams)
      • Focus areas: Quality; Process; Regulatory; Security; Cyber security; Business continuity; Technical Architecture; Configuration; Other Additions
      • Limits:
          • Stream: up to 150 members
          • Program: up to 900 members or not more than 6 streams
          • Practice: up to 5000 members or not more than 6 programs
          • Not more than 5 focus areas
      • Diagram axes: Scalability; Integration
  • 12. Execution [diagram; labels only]
      • Flow: Opening Meeting; Audit Execution; Report Preparation; Presentation
      • Timeline: Day 1 to Day N-a
      • Practice Level (as applicable with program connect): Opening Meeting; Stand up Meeting; Daily Report Consolidate; Thread Log; Query Notes; Reporting & Closing
      • Program Level: Opening Meeting; Stand up Meeting; Program Governance Audit; Stream Level Audit (several in parallel); Daily Report Consolidate; Thread Log; Query Notes; Reporting & Closing
      • Thread Log: Helps auditors share threads with other auditors at stream or governance level, and across programs as required.
      • Query Notes: To-be-verified items that they want to take up with auditors. Typically connects to the next day's standup meeting.
  • 13. Typical Areas to Check
      • Governance:
          • Client/Management Expectations
          • Contract/scope Commitment Mapping in planning
          • Budget provision for Execution
          • Management Structure
          • Roles and Responsibilities
          • Delivery Methodology Identification
          • Risk Identification and Management
          • RACI/Stakeholder Identification
          • Deliverables and Acceptance criteria
          • Standards/Regulatory Requirements
          • Resource Needs
          • Resource & Service Procurement
          • Internal/External Service Provider
          • Security
          • Business Continuity
          • Performance Management
          • Compliance Checks
          • Manage Teams
      • 3C (Competency, Capability & Communication); Stream:
          • Resource Competency Management
          • Training and Development
          • Motivation and People Performance
          • Dynamic Resource need handling
          • Assets and Roles alignment with Commitment
          • Develop/maintain Systems and Tools
          • Develop process flows/Processes
          • Capability measurement
          • Client Expectation Tracing
          • Scope/Change Management & Communication
          • Reporting and Sharing
          • Decision Sharing
          • Internal Team Communication
          • External Communication
          • Facilities and Infrastructure
          • Control of data/Records
          • Stream Level Planning
          • Resource management
          • Risk management
          • Deliverable Management
          • Traceability of decisions
          • Capacity and availability management
          • Back up and Security
          • Lifecycle and Validation points
          • Budget Consumption and Key Performance measures
          • Client expectations met
          • Monitoring and control
          • Service provider tracking
          • Regulatory/Standard application/compliance
          • Resource Onboard/off-board
          • Trainings
          • Reporting
          • Tools/licenses/assets and Infrastructure
      • Value chain:
          • Cost Savings
          • Quality Improvements
          • On-time performance
          • Compliance management
          • Operational Efficiency
          • Improvement & Innovations
          • Career path of resources
          • Client Satisfaction Improvement
          • Additional Value offerings
          • Technology adherence/utilization
          • ROI on Key Decisions
          • Succession Plan
  • 14. Reporting [diagram; labels only]
      • Audit Objective; Shared Vision
      • Evidence levels: Practice Evidence; Program Evidence; Stream Evidence
      • Finding types: Deviations; Weakness; Strengths; Opportunities for Improvement
      • Focus Area 1 Deviation (Ex: Regulatory/Process) ... Focus Area "N" Deviation (Ex: Security)
      • Report Value Chain Results
      • Reporting steps: Report consolidation; Draft Report Preparation; Management presentation; Final Report Submission
      • Participants: Practice LA/Program LA; Top Management/Sponsor; Functional LA's; Engagement (or) Practice Mgmt
  • 15. Conclusion
      • SIPA gives better control and focus over audits
      • Flexibility to scale up to the required level and add multifunctional auditors leads to new possibilities
      • Audits are not merely compliance-focused/risk assessments; instead they lead to better progress and value addition
      • Organized audits reduce chaos, and better plans enable the auditee to be comfortable doing a reality check
      • Reduces frequent audits on engagements/practices by various functions
      • Increases client/management confidence in audits
      • Improves effectiveness of audits and gives better reporting