The document discusses value-for-money auditing and assessing the value of IT investments and operations. It defines value-for-money as operating economically, efficiently, and effectively. It provides definitions and examples of economy, efficiency, and effectiveness. The presentation discusses how IT value is linked to risk, governance, and business objectives. Tools like Val IT, Risk IT, and COBIT are presented as frameworks to assess IT value, risk, and governance. The goal is to ensure IT supports business goals and priorities rather than existing for its own sake.
Business Process Improvement - A Strategic and Supply Chain Perspective Amit Kapoor
A short session I conducted at IIM Bangalore on sharing my experience on the what, how and why of business process improvement in strategy and supply chain. Credit for the concepts (and charts) go to my time spent at Booz & Company in Europe doing most of this work.
BPM Governance is what sets BPM apart from Process Improvement. Having a Centre of Excellence (CoE) focus on key elements of process governance provides for the sustained transformation of BPM. Elements of this presentation are extracted from the Industry Report "BPM - Insights and Practices for Sustained Transformation" (2008)
Business Process Improvement - A Strategic and Supply Chain Perspective Amit Kapoor
A short session I conducted at IIM Bangalore on sharing my experience on the what, how and why of business process improvement in strategy and supply chain. Credit for the concepts (and charts) go to my time spent at Booz & Company in Europe doing most of this work.
BPM Governance is what sets BPM apart from Process Improvement. Having a Centre of Excellence (CoE) focus on key elements of process governance provides for the sustained transformation of BPM. Elements of this presentation are extracted from the Industry Report "BPM - Insights and Practices for Sustained Transformation" (2008)
Internal controls maturity and SME corporate governananceBrowne & Mohan
Good Corporate governance is a key factor in ensuring sound financial reporting and deterring misappropriations of capital and resources. Internal control and corporate governance go hand in hand. Many SME
have an ambitious goal of reaching a
reliable, continuous and integrated internal
control state. However, many SME’s are
still grappling to build a comprehensive
control process. In this paper, we present an
internal maturity framework that SME can use to benchmark and know how they can discourage frauds, improve compliance and adoption of standards.
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
How to set up internal audit department in India, Strengthen Internal Audit Department, Internal Audit Department for Small and Medium size company in India.
Keller Graduate School of Management class - PM600 - this was the final presentation - created and presented by Scott Lang & Rajeshwer Subramanian
We were a 2 man team working over the length of the course creating and developing this project.
Hoping to show presentation skills and the understanding of the principles of project management
The Business Process Management overview presentation is a comprehensive walkthrough of what Business Process Management is and how you implement it at your company or your customer company. for more detail keep updating here : http//www.wesrch.com
Internal controls maturity and SME corporate governananceBrowne & Mohan
Good Corporate governance is a key factor in ensuring sound financial reporting and deterring misappropriations of capital and resources. Internal control and corporate governance go hand in hand. Many SME
have an ambitious goal of reaching a
reliable, continuous and integrated internal
control state. However, many SME’s are
still grappling to build a comprehensive
control process. In this paper, we present an
internal maturity framework that SME can use to benchmark and know how they can discourage frauds, improve compliance and adoption of standards.
Steps for setting up Internal Audit Function / Department in Small / Medium S...Pritesh Hirapara
How to set up internal audit department in India, Strengthen Internal Audit Department, Internal Audit Department for Small and Medium size company in India.
Keller Graduate School of Management class - PM600 - this was the final presentation - created and presented by Scott Lang & Rajeshwer Subramanian
We were a 2 man team working over the length of the course creating and developing this project.
Hoping to show presentation skills and the understanding of the principles of project management
The Business Process Management overview presentation is a comprehensive walkthrough of what Business Process Management is and how you implement it at your company or your customer company. for more detail keep updating here : http//www.wesrch.com
Talent Management as an Evergreen Process: A Case Study - P. Church/E. Hoeppn...HR Network marcus evans
Peter T. Church & Eric J. Hoeppner from the Hartford Financial Services Group, Inc., deliver a joint presentation at the marcus evans HR Summit Fall 2011, entitled Talent Management as an Evergreen Process: A Case Study
THE TIME SAVING BENEFITS OF USING BALANCED SCORE CARD AT THE WORKPLACE Abraham Ncunge
Balanced Score card is applied by organizations to promote performance and productivity through efficiency and effective management by embracing Strategic Management
What ISO Management Systems can learn from Balanced Scorecard?PECB
Balanced Scorecard is a Strategy Management System developed by Professors Kaplan and Norton. It is probably the most comprehensive system/tool in the modern world. It allows an organization balance its Strategy across 4 perspectives (Financial, Customer, Internal Process and Learning and Growth Perspectives). It further lets an organization break down each of these 4 perspectives based on 4 criteria which are Objectives, Measures, Target and Initiatives. There is a lot that ISO Implementers and Auditors need to learn from a Balanced Scorecard that will help in better delivering ISO engagements. This webinar will take a critical look at what is Balanced Scorecard and what ISO Consultants need to know to about it.
Main points covered:
• What is a Balance Scorecard?
• How Balance Scorecard allows organization to balance its Strategy across 4 perspectives (Financial, Customer, Internal Process and Learning and Growth Perspectives)
• How an organization breaks down each 4 perspective based on 4 criteria (Objectives, Measures, Target and Initiatives)
Presenter:
This webinar was presented by Orlando Olumide Odejide, who is the Chief Trainer for Training Heights Limited. Orlando is an experienced Enterprise Architect and Programme Director working on various technology solutions including SharePoint, SQL Server, Oracle, SAP, Odoo and Qlikview Technologies for clients in the Financial Services, Government and Manufacturing Sectors.
Link of the recorded session published on YouTube: https://youtu.be/XPPj9XhXl0s
With the Obama Adminstration emphasizing accountability and performance associated with the economic stimulus package, here is a primer on the basics of government performance and results that can be applied to any level of government services and programs.
This presentation describes a powerful facilitated strategic planning workshop method that will assist your organization in addressing the issues raised on this page, and build a winning Information Governance (IG), Enterprise Content Management (ECM), or Records and Information Management (RIM) Strategy. This strategy will be used to guide your organization, or department, as it plans to initiate new programs and systems, or upgrade your current information management practices, content management systems and tools, or plan to improve your overall program maturity. You will learn the power of a strategic framework providing all of the strategic tools necessary to support your initiative, project, and implementation effort.
Your take-away from the IT Service Management (ITSM) presentation are:
• A clear understanding of PM practices used in the implementation of ITSM
• Planning tips to successfully deliver an ITSM process improvement project
• Marketing ideas to socialize the message to the organization
• Testing techniques to achieve organic improvements along the way
• Ways to achieve buy-in from stakeholders
How to improve and map performance metrics to your organization's strategic plan. Results? Higher impact, better communications, and more business success
Government Quality Management - It's Not an Oxymoron!
Government can and does provide quality performance in management. One way is through the use of the Baldrige Criteria for Performance Excellence and see some of the national stars from around the nation.
1. Value-For-Money IT
Are You Operating Economically,
Efficiently and Effectively?
Presenters:
Ron Foster, CISA, CIA, PMP, CMA
Auditor General – City of Oshawa
Paul Wallis, CMA, CIA, CISA
Director, Internal Audit – Region of Peel
2. Agenda
Value for Money Auditing - What is it?
IT Value - What is it? - Why is it Important? How
does it Link to Risk and Governance?
Value IT Example
Value for Money Audit Process Models and
Tools
4. Classic Definition
Value-for-Money Auditing is one of the Three
Elements of Comprehensive Auditing.
Comprehensive Auditing Embraces Three
Related but Separate Aspects of Public Sector
Accountability Including:
Financial Reporting
Compliance with Authorities
The Economical, Efficient and Effective
Management of Public Funds and Resources
5. Brief History
In 1977, the Parliament of Canada gave its
Auditor a Mandate to Report whether Money
was Spent with Due Regard to Economy
and Efficiency in the Acquisition and
Management of Goods and Services and
whether the Effectiveness of Programs is
being Measured and Reported
6. More Brief History
Comprehensive Auditing is now Practiced in
Virtually all Provincial Governments and in the
Federal Government
It is now Practiced by both External, Legislative
Auditors and Internal Auditors
Federal Crown Corporations are by Law
Required to Conduct Periodic “Special
Examinations” that Invoke all the Principal
Elements of Comprehensive Auditing
7. Economy
Refers to the
Acquisition of the
Appropriate Quality and
Quantity of Financial,
Human and Physical
Resources at the
Appropriate Times and
at the Lowest
Reasonable Cost
Right Amount
Right Place
Right Time
Right Kind
Right Cost
8. Efficiency
Maximizing outputs
for fixed level of
inputs
Minimizing inputs for
fixed level of outputs
Inputs include
physical and human
resources
Outputs include
services provided
Measures the Use of
Resources [Outputs]
Does not Measure
Quality or Relevance
[Outcomes]
[Efficient use of Resources
does not mean Business
Outcomes were met!!!]
9. Effectiveness
Refers to the
achievement of
objectives or other
intended effects of
operations, activities
or programs
Highest Level of
Accountability
Most Elusive
Measurement often
not Reflected in
Standard Time Period
[Fiscal Year]
Program, Process,
Service Relevance
11. Private Sector Government
Example Outcome Measures
Customer Satisfaction
Market Share
Earnings
Profit
Return on Investment
Liquidity
Dividends per Share
Customer Satisfaction
Proportion - Target Population Served
Mission or Goal Achievement
Break Even; Cost Recovery
Cost-Benefit
Financial Viability
Cost-Effectiveness
Source: Performance Auditing, A Measurement Approach 2nd Edition; Ronell Raaum and Stephen Morgan
12. Value-For-Money Audit Standards
PS 5300 of the CICA Handbook [Standards for
Assurance Engagements]
The IIA’s International Standards for the
Professional Practice of Internal Auditing
INTOSAI [ISSAI 3000 – 3100, Performance Audit
Guidelines]
• Value-for-Money Audit Manual [Auditor General of
Canada]
15. 2008 – 24% Fail, 32%
Successful, 44% Challenged
[CHAOS SUMMARY 2009]
2002
20% Of All Expenditures - Wasted!!
Where is the Value??
16. IT Project Failure = Lost Value
• Oh…That’s What You
Wanted!! [Requirements not Defined]
• Geez….I Thought Everything
Was On Track!! [Weak Project
Manager]
• It’s Those Technology Guys!!
[Business Owners not Involved]
• It Worked When We Tested It!!
[No Change Management]
• Only 1000 Days to Retirement,
I’ll Wait It Out!! [No Commitment]
• ………..and More!!
Excuses and Face Saving!!
17. IT Project Costs
20%
80%
20% [Software Costs]
80% [Project Management, Process, Bureaucracy…etc]
Some Necessary…..some not!!
The Technology is not the Problem as much as how it is Used!!
18. Value/Governance Relationship
Effective IT Governance
is the single most
important predictor of the
value an organization
generates from IT.
Peter Weill and Jeanne W. Ross – IT
Governance, How Top Performers
Manage IT Decisions for Superior
Results
Strategic Question
Architecture Question
Value Question
Delivery Question
Adapted from Val IT Framework 2.0
[Input] [Outcome]
[Process] [Output]
19. IT Governance
1. Strategic Alignment
Aligning with the Business and
Providing Collaborative
Solutions
2. Value Delivery
Focus on IT Expenses and
Proof of Value
3. IT Asset Management
Knowledge, Infrastructure and
Partners
4. Risk Management
Safeguarding Assets and
Disaster Recovery
5. Performance Measurement
IT Scorecards
20. Value and Governance
IT Governance defines a structure of relationships,
processes and measures to direct and control IT
assets (e.g. people, finance, infrastructure) in order to
achieve the enterprise's goals by adding value while
balancing risk with return
It helps to define roles and responsibilities and
specify an accountability framework to encourage
desirable behaviour in IT and accountability for the
use of IT assets. IT governance also helps to
standardize best practices and define monitoring
methods
21. Value and Governance Issues
Heightened Management Expectations
Linkage of Managing IT Services and
Priorities to Business Risks, and Need for
Effective Internal Control
Best Practices - What are they, and are we as
an Organization Appropriately
Implementing?
Just how exactly do we know if IT is being
Managed Effectively?
25. Outcomes Corporate Profitability - Private Sector [Short and Long Term]
Program Success - Public Sector [Citizen Satisfaction] Effectiveness
Outputs Value Capture – Increased IT Profits, Increased Service Delivery
[External] Customer Loyalty and Retention – Increased Sales/Use from Existing Customers
Customer Acquisition – Increased Sales/Use from New Customers
Channel Optimization – Increased Site Traffic and Sales Efficiency
Outputs Direct Cost Savings – Reduced IT Costs and Other Direct Costs
[Internal] Improved Quality – Reliable Information, Less Inspections, Lower Cost of Quality
Increased Capacity Use – Optimal Use of Existing Resources
Time Savings – Shortened Process Cycles
Increased Productivity – Operational Improvements Efficiency
Processes IT Systems – Appropriate Processes for Effective Implementation
IT Structure – Integration into Business Unit Structure
IT Strategy – Coherent and Aligned Strategy
Leadership – Commitment and Focus on IT Initiatives Efficiency
Inputs Resources – Adequate Capital & People
Corporate Systems – Training, Processes and Culture
Corporate Structure – Organization Structure
Corporate Strategy – Alignment/Business Integration
External Environment – External Force Adaptation Economy & Efficiency
IT Performance Measures
26. D1. Recognition of Staff
Suggestions
D2. Staff Absenteeism Rate
D3. Staff Credentials
D4. Staff Retention Rate
D5. Internal Promotion Index
D6. Development Hours Index
D7. Staff Satisfaction Survey
Help Executive Management, Operation
Management and staff fulfill their
stewardship responsibilities/
accountabilities.
Resource
Management
Ensure IT resources and
infrastructure are
appropriate.
Our People/Staff
Hire, motivate, develop,
promote and retain quality
staff.
Processes Maturity
Ensure process maturity
level is appropriate for
environment.
B1. In-house vs. contract considered
B2. Lease vs. Own Considered
B3. Build vs. Buy Considered
B4. Life Cycle Costs Considered
B5. Cost of Service Measures
C1. Process Mapping & Gap Assessment
C2. Risk Assessment & Management
C3. Quality Assurance Results
C4. Customer Satisfaction Survey Results
C5. Service Levels Monitored & Reported
A1. Regular Meetings with ITSC
A2. Strategic Plan Approved
A3. Strategic Plan Updated Periodically
A4. Annual Business Plan Completed
A5. Executive Satisfaction Survey
IT Steering Committee
Ensure alignment of the IT
function with corporate
mission and goals.
Value-for-Money Scorecard for IT Services
27. Define
Objectives
Assess
Structure
Assess
Resources
Assess
Processes
Assess
Performance
Address
Issues
Business
Objectives/
Outcomes
IT Objectives/
Outcomes
IT
Performance
Measures
What Do You
Want to
Accomplish?
Strategic
Plan-Link
IT
Governance
Board
Risk
Management
Framework
Organization
Structure
Culture
People
(Capacity and
Capability
Technology
Education and
Development
Funding Technology
Acquisition
[Procurement]
Technology
Management
Project
Management
Service Delivery
Standards
Benchmarking
Architecture
Link to
Objectives
Performance
Reporting
Information
Integrity
Compliance
[Laws and
Regulation]
Validity of
Measures
Economy
Improvements
Efficiency
Improvements
Effectiveness
Improvements
Reassess
Objectives [If
Needed]
Customer
Satisfaction
Governance?
Value For Money Review Approach
Risk
28. Define
Objectives
Identify
Risks
Analyze
Effect and
Cause
Determine
Significance
and
Likelihood
Risk Assessment/Control Design Process
Method for
Managing
Risk
Design
Control
System
Business
Objectives/
Outcomes
Performance
Measures
(KPI)
Risk Appetite
& Tolerance
(KRI)
What Do You
Want to
Accomplish?
Risk
Inventory
What Can
Go Wrong
to Prevent
Meeting
Objectives/
Outcomes?
Events
Potential
Harm (What
Might
Happen?)
Opportunity?
Why Does the
Risk Exist?
(Root Cause)
The Relative
Importance
Within the
Context it is
Being
Considered
(Impact)
A Probability
or Chance of
a Risk or
Event
Happening
Inherent Risk
Avoid Risk –
(Stay Out of
the Program
or Business)
Accept the
Risk (Take a
Chance)
Reduce to
Acceptable
Level
Transfer
(Insurance)
Controls
Mitigate Risk
Controls are
Cost Effective
If there is no
Risk, there is
no need for a
Control!!
Design to
Seize
Opportunity
Management - Develop Risk Mitigation Strategies either Strategically and/or Operationally
Internal Audit - Provide Control Advice to Clients
29. Useful Tools
Val IT
• Business/IT Partnership
• IT Investment Common
Language
• Supports Better
Investment Decisions
• Potential Cost Reductions
• Supports IT Enabled
Business Change
Management
30. Useful Tools
Risk IT
• Guiding Principle
Framework for Managing
Risk
• IT/Enterprise Risk
Integration
• Risk Common Language
• End to End IT Risk
Management – Tone from
the Top to Operations
31. Useful Tools
COBIT
[Integrated with
Risk IT and Val IT]
• Improves IT Efficiency and
Effectiveness
• Better IT/Business
Integration
• Support Better Resource
Management
• Potentially Enable and
Maximizes the Business
32. Information Technology
Supports the Enterprise
in meeting Overall
Business Goals and
Priorities
Information Technology
does not Exist for its
Own Sake and for its
Own Ends
Thoughts
33. Paul Wallis
Director - Internal Audit
Region of Peel
Brampton, Ontario
Canada
paul.wallis@peelregion.ca
Ron Foster
Auditor General
City of Oshawa
Oshawa, Ontario
Canada
RFoster@oshawa.ca