Mission Risk & Internal Control The New Normal

Slides:

Advertisements

Similar presentations

Interactive Financial eXchange XML Usage in Financial Services Mark Tiggas President, Interactive Financial eXchange Open Applications.

Advertisements

Chapter 1 Business Driven Technology

Federal Audit Executive Council (FAEC) June 2012 Bi-Monthly Meeting Heather I. Keister Doris G. Yanger June 14, 2012 Green Book Update.

NSAA Information Technology Conference Planning the Scope of Your IT Audit _____________________________________ October 1, 2014 Jennifer Schreck, Audit.

Private Sector Perspectives on Federal Financial Systems Modernization and Shared Services.

Technology Applications in the Age of Integrity Integrity Forum 2006 Tony Murphy Vice President, Worldwide Sales ACL Services Ltd.

Operational Risk ACSDA Leadership Forum ACSDA Leadership Forum New York City, USA - October 8-10, 2007 Diana Downward, DTCC.

Tax Risk Management Keeping Up with the Ever-Changing World of Corporate Tax March 27, 2007 Tax Services Bryan Slone March 27, 2007.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Chapter © 2009 Pearson Education, Inc. Publishing as Prentice Hall.

Audit Guidance Using the Federal Information System Controls Audit Manual (FISCAM) to Achieve Audit Objectives in Financial and Performance Audits Mickie.

Security Controls – What Works

Intergovernmental Subcommittee Update: Geospatial Platform Jerry Johnston March 18, 2011.

Customer Relationship Management Systems Nicole Burch Kenneth Glindmyer.

The Web is perhaps the single largest data source in the world. Due to the heterogeneity and lack of structure, mining and integration are challenging.

Chapter 14 The Second Component: The Database.

1 Copyright © 2014 PPM 2000 Inc. SINGAPRORE, AUGUST 2014 Denis O’Sullivan, CPP INCIDENT MANAGEMENT TECHNOLOGY CHALLENGES.

Center of Excellence for IT at Bellevue College. IT-enabled business decision making based on simple to complex data analysis processes  Database development.

CORPORATE RISK MANAGEMENT & INSURANCE BY R P BLAH D.G.M. INCHARGE THE ORIENTAL INSURANCE COMPANY LIMITED REGIONAL OFFICE BHUBANESWAR.

Governance, Risk, and Compliance Bill Greene Senior Industry Director.

A Guide for Navigators 1National Disability Institute.

WHAT TRAVEL PAYMENT IS ALL ABOUT. Welcome to the 4 th Industrial Revolution – Big Data and Travel Ron DiLeo, President and CEO, AirPlus International,

2nd Global ABC Conference and Exhibition October 2013

1.Knowledge management 2.Online analytical processing 3. 4.Supply chain management 5.Data mining Which of the following is not a major application.

Supporting tools in an IT Project & Portfolio Management environment Ann Van Belle -

Opening Keynote Presentation An Architecture for Intelligent Trading  Alessandro Petroni – Senior Principal Architect, Financial Services, TIBCO Software.

Real Impact for better Government Ludmila Fateeva International Organizations Director for CEE Microsoft June 4 th, WB P2P, Georgia.

Emergency Management & HLS Solution Assessment and Pre-Planning Software.

Reporting to Management Using Microsoft Project and EPM Derek Loar, Pcubed.

Chapter Three IT Risks and Controls.

© 2013 Cengage Learning. All Rights Reserved. 1 Part Four: Implementing Business Ethics in a Global Economy Chapter 9: Managing and Controlling Ethics.

INTEGRATING ENTERPRISE RISK MANAGEMENT IN THE FEDERAL GOVERNMENT

35 th Consultative INIS Liaison Officers Meeting Vienna, Austria October 2010 Usage Metrics Subgroup Status Report Debbie Cutler (augmented by Taghrid.

Banking on Analytics Dr A S Ramasastri Director, IDRBT.

Enterprise Risk Management Chapter One Prepared by: Raval, Fichadia Raval Fichadia John Wiley & Sons, Inc

Introduction – Addressing Business Challenges Microsoft® Business Intelligence Solutions.

 PBMA-KMS deployed in March of 2001 is the first fully operational NASA-wide multi-functional Knowledge Management System  Knowledgebase 200+ Best Practices.

CTOlabs.com Government Big Data Success Stories Bob Gourley Jan 2012.

Data Mining BY JEMINI ISLAM. Data Mining Outline: What is data mining? Why use data mining? How does data mining work The process of data mining Tools.

Copyright 2004 John Wiley & Sons, Inc Information Technology: Strategic Decision Making For Managers Henry C. Lucas Jr. John Wiley & Sons, Inc Dinesh.

CASE (Computer-Aided Software Engineering) Tools Software that is used to support software process activities. Provides software process support by:- –

The Challenge  Traveler information offerings are evolving very rapidly  User expectations, technologies, and roles are all in motion  Agencies need.

Pertemuan 16 Materi : Buku Wajib & Sumber Materi :

By, CA K RAGHU, PAST PRESIDENT – INSTITUTE OF CHARTERED ACCOUNTANTS OF INDIA.

National Geospatial Enterprise Architecture N S D I National Spatial Data Infrastructure An Architectural Process Overview Presented by Eliot Christian.

© Nous Infosystems Pvt. Ltd. – Confidential Social Engagement for Banks and Financial Services Leveraging 19 years of expertise in global software services.

Information Systems in Organizations Managing the business: decision-making Growing the business: knowledge management, R&D, and social business.

1 Introduction to Enterprise Risk Management Liz Ryan On Detail to NOAA OCFO Risk Office.

Strategic Planning Chester County Library System Strategic Planning Steering Committee November 14, 2008 Gail Griffith.

1© 2015 IBM Corporation Unlocking the power of the API economy Client Briefing Nov.

Copyright © 2016 Pearson Education, Inc. Modern Database Management 12 th Edition Jeff Hoffer, Ramesh Venkataraman, Heikki Topi CHAPTER 11: BIG DATA AND.

AppulateConnect April, 2016 The Power of Innovation

What is ISO Certification? Information is a valuable asset that can make or break your business. When properly managed it allows you to operate.

JMFIP Financial Management Conference

Meemim's Microsoft Azure-Hosted Knowledge Management Platform Simplifies the Sharing of Information with Colleagues, Clients or the Public MICROSOFT AZURE.

Customer Relationship Management Systems

Transaction Processing Systems

Leveraging Data Analytics to Enhance Internal Audit Effectiveness

COSO Internal Control s Framework

Business Intelligence

Today’s Business Pain Points

Smart Portal To Protect Child Online

FIBO-aligned Semantic Triples

Introduction to Systems Analysis and Design Stefano Moshi Memorial University College System Analysis & Design BIT

AGMLAB Information Technologies

Certified Information Technology Professional (CITP) Credential

Welcome! Knowledge Discovery and Data Mining

Yvette Connor Strategic Risk Management Engagement Leader

Presentation transcript:

Mission Risk & Internal Control The New Normal November 18, 2015 Derek Davison derek.davison10@gmail.com 703.798.1944 Tashu Trivedi ttrivedi@tfcci.net 301.792.2401

Introductions Tashu Trivedi, President and CEO, TFC Consulting, Inc. Over 23 years of Federal audit and financial management experience Former KPMG senior audit manager Extensive knowledge of OMB and GAO internal control requirements Chair of AGA’s CPAG Small Business Committee Derek Davison, Owner, DLD Consulting, Inc. 15 years of Federal and commercial financial modeling and risk analytics experience Modeled and analyzed over $2.5 Trillion in Federal assets and guarantees Regularly works in highly scrutinized environments Former Director of Development of FI Consulting

Session Objectives Discuss overall trends in risk management & internal control Demonstrate and improve awareness of analysis techniques Demonstrate tools and data that could become part of the solution

Current Trends in Internal Control Shift from financial risk to mission risk Emphasis on ERM approach More emphasis on fraud, waste, and abuse More data analytics and continuous monitoring required Democratization of data Downward budget pressures (Do more with less)

Overall Movement Towards Mission Risk COSO 1992: Internal Control–Integrated Framework Leading internal controls framework Periodically updated (most recently in 2013) (Likely) OMB A-123 Revisions Based on COSO and the UK Orange Book Require ERM approach Emphasize portfolio of risks that effect mission not just financial risk State and Local Governments Many state and local governments have already adopted COSO or implemented similar ERM solutions

What is Mission Risk? Financial Risk Credit Risk Operations Risk Reputation Risk Cyber Security Risk Privacy Risk Fraud, Waste, Abuse Risk Program Risk Market Risk Technology Risk Disaster Risk All Other Risks Consists of all risks, both positive or negative, that effects the ability of an entity to achieve its objectives. Should be viewed as a portfolio of risks Better understand interconnectedness between risks

COSO Framework Control Environment Risk Assessment Control Activities Information & Communication Monitoring Activities

Analytical Techniques Continuous Monitoring/Dashboards Heat Maps Geospatial & Multiple Data Forms Time Maps Network Visualizations Sentiment Analysis

Analysis Tools MS Excel 2013 R Software R Studio Google MyMaps Analytics and data capabilities significantly enhanced PowerMaps R Software Open source software environment for statistical computing and graphics Thousands of free analytical and data visualization packages https://www.r-project.org/ R Studio Open source Integrated Development Environment (IDE) Makes it easy to develop, share, and scale R projects https://www.rstudio.com/ Google MyMaps Open source custom google maps https://www.google.com/maps/d/

Analysis Data Data.gov Open Baltimore Goal is to improve public access to high value, machine readable public datasets 188,952 distinct datasets Many apps use this data http://www.data.gov/ Open Baltimore Goal is to provide the public access to city data in an effort that supports transparency, openness, and innovation. 110 distinct datasets https://data.baltimorecity.gov/

Open Source Software Widely used software made available with a public license Often developed in a collaborative public manner Same security concerns as proprietary software 18F - Analytical use in Federal Government https://calc.gsa.gov/

Open Source Software

What is Continuous Monitoring? There is no standard definition of Continuous Controls Monitoring; The following includes the common themes among the definitions… “Continuous controls monitoring is a set of technologies and processes to detect risk and compliance issues through continuous monitoring and reduce the cost of audits through continuous auditing of the controls in financial and other transactional applications.” Dashboards!

What is Continuous Monitoring?

What is Continuous Monitoring?

What is Continuous Monitoring?

What are Heat Maps? A heat map is a graphical representation of data where the individual values are represented as colors. Quickly Analyze Data Facilitates Communication Risk Analysis Continuous Monitoring Others?

What is Geospatial Analysis? MAPS! MAPS! MAPS! Tabular geospatial data typically has no meaning Plotting on a map can yield valuable insights

What are Time Maps? Data visualizations that allows the analysis of discrete events

What are Time Maps? Credit Card Data Transactional Data Timesheet Data Badging Data IP Data Access Data Social Media Data Program Data Others?

What are Network Visualizations? A network is any collection of items in which pairs of these items are connected in some manner. Homophily (pronounced HOME-ah-filly) is the propensity of network members to select connections with other members who have similar characteristics Program Data Vendor Data IP Data People Relationships

What is Sentiment Analysis? Sentiment analysis (also known as opinion mining) refers to the use of natural language processing, text analysis and computational linguistics to identify and extract subjective information in source materials.

Session Objectives - Wrapup Discuss overall trends in internal controls Demonstrate and improve awareness of analysis techniques Demonstrate tools and data that could become part of the solution

Questions

Useful Links Presentation Data and Tools Search over 185,000 data.gov datasets: http://catalog.data.gov/dataset Search data.gov apps: http://www.data.gov/applications?q=&currentpage=1 Open Baltimore datasets: https://data.baltimorecity.gov/ Download R Software: https://www.r-project.org/ Download R Studio: https://www.rstudio.com/ Take Free Online R Training: https://www.coursera.org/course/rprog Open custom google maps: https://www.google.com/maps/d/ Quickly search GSA rates across multiple firms, schedules, and labor categories. 18F GSA Calc Tool: https://calc.gsa.gov/ Continuous Monitoring Examples Real-time statistics and visualizations on popular R package downloads: https://gallery.shinyapps.io/087-crandash Real-time statistics on Federal website usage: https://analytics.usa.gov/ Heat, Geospatial, and Time Map Examples Treasury’s Financial Stability Monitor: http://financialresearch.gov/financial-stability-monitor/ Baltimore towing (all towing, holiday towing, stolen-car towing: https://www.youtube.com/watch?v=Pts-4GQnTyg Baltimore Murals (includes photos): https://www.google.com/maps/d/u/0/viewer?mid=zxL9m1fOOEiI.kBRydVaqsJvs Time maps of Baltimore towing company behavior: http://rpubs.com/vadimus/bmore_tow_time_maps Network Visualizations and Cluster Analysis Examples Network Visualizations of Baltimore City Agencies and Vendors: http://rpubs.com/vadimus/baltimore_network Sentiment Analysis and Text Mining Examples Government Fraud, Waste, and Abuse News Story search and analysis: https://vadimus202.shinyapps.io/Govt_Fraud