Audit & Assessment Manager
During the course of a year, the enterprise may be subject to multiple audits
or assessments. For example, the organization may be audited by the internal
audit group, external auditors, regulatory assessors, and SAS 70 auditors. Each
assessment may focus on different sets of controls, but there will also be
considerable overlap in assessment targets. Each assessment will involve
significant information gathering, documentation review, and testing for the
audit team as well as substantial manpower support from the audited
organization, and every hour spent will be a direct cost to the audited
organization.
ProcessUnity Audit & Assessment Manager provides tools to make audits and assessments
quicker, less-painful, and cheaper. Four styles of assessment are supported:
controls assessments, process assessments, IT systems assessments, and
assessments directly against the provisions of a regulation or standard.
Assessment support functions include:
- Customized definition of each assessment type in terms of phases and
target dates
- Definition of assessment scope though check-off of target controls,
processes, systems, or regulations
- Giving assessors a view into detailed information for in-scope items,
and only for in-scope items
- Generation, tracking, and fulfillment of auditor document requests
- Definition, scheduling, and execution of tests within the assessment
context
- Audit life-cycle management—including phase review and approval
- Management reports to show progress and results of individual
assessments and to provide a perspective across all assessments
|
|