SlideShare a Scribd company logo

Internal Audit Solution

MetricStream Inc, profile picture
MetricStream Inc

The document discusses a top global bank that was looking to replace its existing internal audit systems with a new, integrated solution. It evaluated several GRC platform vendors and selected MetricStream after a six month pilot across multiple locations. The MetricStream solution will provide the bank with a centralized system to manage the entire internal audit lifecycle, from planning to issue tracking. It will improve efficiency, standardize processes, and provide reporting and dashboards for risk management and compliance.

1 of 2
Download to read offline
1
2
CASE STUDY MetricStream INTERNAL AUDIT SOLUTION FOR A GLOBAL BANK Overview One of the world’s leading global wealth management, a top global investment banking and securities firm, and one of the largest global asset management company having billions in client asset. Challenge Currently, the Internal Audit Group supports the bank’s internal audit processes, from risk assessment to issue tracking, with multiple point solutions and software applications which includes in-house developed applications, legacy applications as well as vendor solutions. The bank’s plan is to replace the existing silos of disintegrated internal audit systems with a new, fully integrated and state-of- theart solution that would foster oversight and transparency and ensure compliance with the banks Customer standards. The implementation of the new solution should also result in significant efficiency gains A TOP GLOBAL BANK through improved user support, in particular the elimination of duplicity and ease of use. The solution should be able to eliminate errors and inconsistencies through standardized data collection and analyze process across the enterprise. Benefits The solution should also enable the bank to comply with a vast number of national and international regulations across its vast global operation such as compliance with Client Identifying Data (CID), Provides a systematic and consistent riskbased in- Bank secrecy act, etc. Further, the system should interface and integrate with a number of external ternal audit process across business units, divisions, systems that are a part of the existing IT infrastructure at bank. While the bank intends to implement global locations and sites a new Internal Audit System, it has established audit management processes that are based on the best practices in the industry and the solution has to be flexible and adaptable to enable the bank to Increases the efficiency of the audit process and preserve these processes while ensuring smooth adoption and implementation of these established shorten cycle times as tasks are automatically as- processes across its operations consistently and efficiently. Moreover, the system should be highly signed and tracked from one stage to the next flexible for it to easily support the future business needs as well as the evolving business processes. Improves communication and teamwork on complex audit processes across departments and functional Evaluation and Selection areas The bank undertook a comprehensive evaluation of the existing incumbent vendor along with all the Eliminates audit errors and inconsistencies with a leading GRC platform vendors. The systems were examined in detail for integrated capabilities of standardized data collection and analysis process Internal Audit and Risk Management along with Compliance and Document Management. Compre- across the enterprise hensive functionality such as micro risk assessment, audit inventory, operational planning, audit scheduling, audit plan execution, work-paper management, audit issue monitoring and followup, issue Accelerates and streamline the internal audit cycle, tracking, document management, etc was key to success for the bank. including development of findings, recommendations, action plans and closure cycles by implementing a closed-loop process for internal audit management In addition to the functional requirements, the evaluation process involved performing severe security tests, load and stress tests, integration tests, architecture compatibility tests, etc on the pilot de- Provides enterprise-wide visibility into the audit ployed in multiple locations. process and metrics for better risk management and assured compliance After an extensive evaluation over a period of six months, MetricStream emerged as their preferred Improves the efficiency of the audit staff enabling choice. The MetricStream’s Internal Audit solution was proven to scale globally and the platform ap- them to be focused on more valueoriented functions proach provided an edge for its ability to provide an integrated GRC solution, which not only includes such as analyzing and recognizing trends in the audit Internal Audit and Risk management but also Compliance and Document management. data Solution The MetricStream solution will enhance the internal audit team’s productivity by enabling it to unify and analyze cross-departmental audit data, quickly and efficiently. The team will now be able to ac- cess the data directly from a centralized data repository with multiple auditors working simultaneously across the globe. The solution will also enable the auditors to record, track, and monitor qualitative or quantitative audit findings across different business groups and across different geographies. The findings will be re- tained along with all the detailed observations and recommendations in predefined formats. A unique offline capability that allows auditors to enter audit findings in notebook, computers, or handheld devices at remote field sites will be provided. Further, the solution will include time-tracking capability to capture the time spent in auditing for optimal resource utilization.
MetricStream The MetricStream platform includes built-in workflows for reviewing responses for approval or rejec- Why MetricStream tion with options to initiate remedial actions for undesirable variations and trends, and to schedule follow-up audits. This will enable the system to automatically route audit findings, observation reports, Scalability: The MetricStream solution proved its and auditors’ recommendations for review and subsequent actions to the audited entity. mettle through pilot rollout across multiple locations for its ability to provide a highly flexible solution that The MetricStream platform’s built-in reporting engine will provide comprehensive capabilities to the can adopt new complex business process, scale-up bank for compiling audit reports and work-papers. It will allow access to the bank’s data and history, globally without sacrificing performance, integrate with multiple bank systems for exchange of data, etc. and performance analysis of the auditors. Graphical executive dashboards and flexible reports with MetricStream Enterprise Compliance Platform archi- drill-down capability will provide statistics on a variety of parameters including audited entities, audit tecture emerged as highly scalable with the ability to schedule and calendar, filed reports, and corrective and remediation actions triggered. support increasing number of transactions, users, and data volume. Over 10,000 users access the system and scalability was a key driver for MetricStream’s The solution will also support the handling of highly sensitive data (e.g. Client Identifying Data, selection. personal information) globally, i.e. no cross border access of certain data types is possible. A flagging mechanism identifies a certain information or record as sensitive and the store of that information is Comprehensive Functionality: The solution was ex- handled in a specialized manner such as storing in a specific instance of a database or encryption of amined for integrated end-to-end internal audit func- the data stored. tionality for managing the complete audit lifecycle. MetricStream’s broad suite of web-based solutions that are designed to enable banks to manage risk and compliance management processes and activities across a wide range of disciplines, including auditing, regulatory compliance, risk management, industry standards, quality programs and other corporate governance initiatives. Technology Platform: MetricStream Enterprise Com- pliance Platform technology architecture provided unmatched configurability and integration capability – elements that were imperative for success of the project. The platform is designed to serve as the nucleus of an organizations’ corporate governance ecosystem, coordinating all GRC management activi- ties throughout the enterprise via a single manage- ment system. For more information, visit www.metricstream.com Copyright 2011. All Rights Reserved.

More Related Content

PPTX
Myths of validation
Jeff Thomas
 
PDF
A Financial Planning Leader Streamlines Audit, Risk and Compliance
MetricStream Inc
 
PDF
AMC Optimized Data Protection Strategy
tcollins3413
 
PDF
Implementation of image based cheque clearance
Newgen Software Technologies Limited
 
PDF
McKesson Enterprise Intelligence - Quality eMeasures for Horizon Clinicals
McKesson Performance Management
 
PDF
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Montrium
 
PDF
How auditable is your disaster recovery program
geekmodeboy
 
PDF
Phase II of the Core Transformation Journey - Getting There
Infosys Finacle
 
Myths of validation
Jeff Thomas
 
A Financial Planning Leader Streamlines Audit, Risk and Compliance
MetricStream Inc
 
AMC Optimized Data Protection Strategy
tcollins3413
 
Implementation of image based cheque clearance
Newgen Software Technologies Limited
 
McKesson Enterprise Intelligence - Quality eMeasures for Horizon Clinicals
McKesson Performance Management
 
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...
Montrium
 
How auditable is your disaster recovery program
geekmodeboy
 
Phase II of the Core Transformation Journey - Getting There
Infosys Finacle
 

What's hot (20)

PDF
Sarbanes oxley compliance
MetricStream Inc
 
PDF
Msfairchildcasestudy
MetricStream Inc
 
PDF
The App Sec How-To: Choosing a SAST Tool
Checkmarx
 
PPTX
Chapter 2 auditing it governance controls
jayussuryawan
 
PDF
Auditing Systems Development
essbaih
 
PDF
Clinical Trial Management System Implementation Guide
Perficient, Inc.
 
PPT
Audit of it infrastructure
pramod_kmr73
 
PDF
Computer System Validation – Reduce Costs and Avoid 483s
Referral
 
PDF
How to Effectively Audit your IT Infrastructure
Netwrix Corporation
 
PDF
Industry - Testing & Quality Assurance in Data Migration Projects
ICSM 2011
 
PPT
Chap3 2007 Cisa Review Course
Desmond Devendran
 
PDF
Product Brief – Plutora Environments
Plutora
 
PDF
PROCESS ENGINEERING AND AI SALES PREDICTION: THE CASE STUDY OF AN ITALIAN SMA...
IJDKP
 
DOCX
Cisa exam mock test questions-1
Hemang Doshi
 
PPT
Ch2 2009 cisa
asrulsani09
 
PPTX
Computer system overview
Vikrant Singh Parmar
 
PPT
des
Desmond Devendran
 
PDF
Itauditcl
ankukgoyal
 
PPTX
TA security
kesavars
 
PDF
Analysis and Control of Computing Systems
norhavillegas
 
Sarbanes oxley compliance
MetricStream Inc
 
Msfairchildcasestudy
MetricStream Inc
 
The App Sec How-To: Choosing a SAST Tool
Checkmarx
 
Chapter 2 auditing it governance controls
jayussuryawan
 
Auditing Systems Development
essbaih
 
Clinical Trial Management System Implementation Guide
Perficient, Inc.
 
Audit of it infrastructure
pramod_kmr73
 
Computer System Validation – Reduce Costs and Avoid 483s
Referral
 
How to Effectively Audit your IT Infrastructure
Netwrix Corporation
 
Industry - Testing & Quality Assurance in Data Migration Projects
ICSM 2011
 
Chap3 2007 Cisa Review Course
Desmond Devendran
 
Product Brief – Plutora Environments
Plutora
 
PROCESS ENGINEERING AND AI SALES PREDICTION: THE CASE STUDY OF AN ITALIAN SMA...
IJDKP
 
Cisa exam mock test questions-1
Hemang Doshi
 
Ch2 2009 cisa
asrulsani09
 
Computer system overview
Vikrant Singh Parmar
 
des
Desmond Devendran
 
Itauditcl
ankukgoyal
 
TA security
kesavars
 
Analysis and Control of Computing Systems
norhavillegas
 
Ad

Similar to Internal Audit Solution (20)

PDF
Internal Audit Solution - MetricStream
MetricStream Inc
 
PDF
Quality Audit Management – Food Industry
MetricStream Inc
 
PDF
Quality Management System
MetricStream Inc
 
PDF
Governance of agile SW projects · White Paper
pliXos GmbH
 
PDF
Payment giant-automates-internal-audit
MetricStream Inc
 
PDF
Technology assessment case study implementation and adoption of a statistical...
D-Wise
 
PDF
Whitepaper: Datacenter Migration - Happiest Minds
Happiest Minds Technologies
 
PDF
Covance Accelerator Methodology Delivers Validated Oracle Argus Cloud in Reco...
Covance
 
PDF
Quality Management System by NextDocs
NextDocs
 
PDF
NetWrix Change Reporter Suite - Product Review by Don Jones
Netwrix Corporation
 
PDF
Profile_Kishore Sundar
Kishore Sundararaman
 
PDF
PM
Sharif Abou-Sabh, P.E.
 
PPTX
Fixnix GRC Suite A Glance
FixNix Inc.,
 
PDF
Auto audit
Mazen Baset
 
PDF
Enterprise Risk Management Solutions
LexComply
 
PDF
19701759 project-report-on-railway-reservation-system-by-amit-mittal
satyaragha786
 
DOC
Nirupama_Ragunathan
Nirupama Ragunathan
 
DOC
Srujana Unnam Microstrategy Profile
srujana unnam
 
PDF
Compliane software-solutions
MetricStream Inc
 
PDF
Accenture-Applying-Analytics-Transform-Internal-Audit-for-High-Performance
Dave Hildebrand
 
Internal Audit Solution - MetricStream
MetricStream Inc
 
Quality Audit Management – Food Industry
MetricStream Inc
 
Quality Management System
MetricStream Inc
 
Governance of agile SW projects · White Paper
pliXos GmbH
 
Payment giant-automates-internal-audit
MetricStream Inc
 
Technology assessment case study implementation and adoption of a statistical...
D-Wise
 
Whitepaper: Datacenter Migration - Happiest Minds
Happiest Minds Technologies
 
Covance Accelerator Methodology Delivers Validated Oracle Argus Cloud in Reco...
Covance
 
Quality Management System by NextDocs
NextDocs
 
NetWrix Change Reporter Suite - Product Review by Don Jones
Netwrix Corporation
 
Profile_Kishore Sundar
Kishore Sundararaman
 
PM
Sharif Abou-Sabh, P.E.
 
Fixnix GRC Suite A Glance
FixNix Inc.,
 
Auto audit
Mazen Baset
 
Enterprise Risk Management Solutions
LexComply
 
19701759 project-report-on-railway-reservation-system-by-amit-mittal
satyaragha786
 
Nirupama_Ragunathan
Nirupama Ragunathan
 
Srujana Unnam Microstrategy Profile
srujana unnam
 
Compliane software-solutions
MetricStream Inc
 
Accenture-Applying-Analytics-Transform-Internal-Audit-for-High-Performance
Dave Hildebrand
 
Ad

More from MetricStream Inc (20)

PDF
Regulatory relationship-management
MetricStream Inc
 
PDF
Next generation-risk-management-solution
MetricStream Inc
 
PDF
MetricStream AppStudio Accelerates the Creation & Configuration of GRC Soluti...
MetricStream Inc
 
PDF
Financial organization-orm
MetricStream Inc
 
PDF
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
PDF
Clinical Research Org. Intensifies Compliance by Automating Audit & CAPA
MetricStream Inc
 
PDF
Supplier quality-compliance
MetricStream Inc
 
PDF
Governance, Risk and Compliance- Energy Industry
MetricStream Inc
 
PDF
NERC Compliance Solution
MetricStream Inc
 
PDF
Health insurance compliance
MetricStream Inc
 
PDF
Iso9000 compliance
MetricStream Inc
 
PDF
Energy Risk Management
MetricStream Inc
 
PDF
Compliance, Risk and Audit - BCBS
MetricStream Inc
 
PDF
Healthcare Audit Compliance
MetricStream Inc
 
PDF
NAIC MAR Compliance Solutions
MetricStream Inc
 
PDF
Global Bank Brings Compliance Risks under Control
MetricStream Inc
 
PDF
Audit solution airline
MetricStream Inc
 
PDF
Enterprise risk management
MetricStream Inc
 
PDF
BCBS Associate Achieves Superior Compliance, Audit & Issue Management
MetricStream Inc
 
PDF
BCBS Affiliate strengthens its Healthcare Compliance through Automation and I...
MetricStream Inc
 
Regulatory relationship-management
MetricStream Inc
 
Next generation-risk-management-solution
MetricStream Inc
 
MetricStream AppStudio Accelerates the Creation & Configuration of GRC Soluti...
MetricStream Inc
 
Financial organization-orm
MetricStream Inc
 
Powering SOX, NERC, FERC Compliance -Energy Industry
MetricStream Inc
 
Clinical Research Org. Intensifies Compliance by Automating Audit & CAPA
MetricStream Inc
 
Supplier quality-compliance
MetricStream Inc
 
Governance, Risk and Compliance- Energy Industry
MetricStream Inc
 
NERC Compliance Solution
MetricStream Inc
 
Health insurance compliance
MetricStream Inc
 
Iso9000 compliance
MetricStream Inc
 
Energy Risk Management
MetricStream Inc
 
Compliance, Risk and Audit - BCBS
MetricStream Inc
 
Healthcare Audit Compliance
MetricStream Inc
 
NAIC MAR Compliance Solutions
MetricStream Inc
 
Global Bank Brings Compliance Risks under Control
MetricStream Inc
 
Audit solution airline
MetricStream Inc
 
Enterprise risk management
MetricStream Inc
 
BCBS Associate Achieves Superior Compliance, Audit & Issue Management
MetricStream Inc
 
BCBS Affiliate strengthens its Healthcare Compliance through Automation and I...
MetricStream Inc
 

Internal Audit Solution

  • 1. CASE STUDY MetricStream INTERNAL AUDIT SOLUTION FOR A GLOBAL BANK Overview One of the world’s leading global wealth management, a top global investment banking and securities firm, and one of the largest global asset management company having billions in client asset. Challenge Currently, the Internal Audit Group supports the bank’s internal audit processes, from risk assessment to issue tracking, with multiple point solutions and software applications which includes in-house developed applications, legacy applications as well as vendor solutions. The bank’s plan is to replace the existing silos of disintegrated internal audit systems with a new, fully integrated and state-of- theart solution that would foster oversight and transparency and ensure compliance with the banks Customer standards. The implementation of the new solution should also result in significant efficiency gains A TOP GLOBAL BANK through improved user support, in particular the elimination of duplicity and ease of use. The solution should be able to eliminate errors and inconsistencies through standardized data collection and analyze process across the enterprise. Benefits The solution should also enable the bank to comply with a vast number of national and international regulations across its vast global operation such as compliance with Client Identifying Data (CID), Provides a systematic and consistent riskbased in- Bank secrecy act, etc. Further, the system should interface and integrate with a number of external ternal audit process across business units, divisions, systems that are a part of the existing IT infrastructure at bank. While the bank intends to implement global locations and sites a new Internal Audit System, it has established audit management processes that are based on the best practices in the industry and the solution has to be flexible and adaptable to enable the bank to Increases the efficiency of the audit process and preserve these processes while ensuring smooth adoption and implementation of these established shorten cycle times as tasks are automatically as- processes across its operations consistently and efficiently. Moreover, the system should be highly signed and tracked from one stage to the next flexible for it to easily support the future business needs as well as the evolving business processes. Improves communication and teamwork on complex audit processes across departments and functional Evaluation and Selection areas The bank undertook a comprehensive evaluation of the existing incumbent vendor along with all the Eliminates audit errors and inconsistencies with a leading GRC platform vendors. The systems were examined in detail for integrated capabilities of standardized data collection and analysis process Internal Audit and Risk Management along with Compliance and Document Management. Compre- across the enterprise hensive functionality such as micro risk assessment, audit inventory, operational planning, audit scheduling, audit plan execution, work-paper management, audit issue monitoring and followup, issue Accelerates and streamline the internal audit cycle, tracking, document management, etc was key to success for the bank. including development of findings, recommendations, action plans and closure cycles by implementing a closed-loop process for internal audit management In addition to the functional requirements, the evaluation process involved performing severe security tests, load and stress tests, integration tests, architecture compatibility tests, etc on the pilot de- Provides enterprise-wide visibility into the audit ployed in multiple locations. process and metrics for better risk management and assured compliance After an extensive evaluation over a period of six months, MetricStream emerged as their preferred Improves the efficiency of the audit staff enabling choice. The MetricStream’s Internal Audit solution was proven to scale globally and the platform ap- them to be focused on more valueoriented functions proach provided an edge for its ability to provide an integrated GRC solution, which not only includes such as analyzing and recognizing trends in the audit Internal Audit and Risk management but also Compliance and Document management. data Solution The MetricStream solution will enhance the internal audit team’s productivity by enabling it to unify and analyze cross-departmental audit data, quickly and efficiently. The team will now be able to ac- cess the data directly from a centralized data repository with multiple auditors working simultaneously across the globe. The solution will also enable the auditors to record, track, and monitor qualitative or quantitative audit findings across different business groups and across different geographies. The findings will be re- tained along with all the detailed observations and recommendations in predefined formats. A unique offline capability that allows auditors to enter audit findings in notebook, computers, or handheld devices at remote field sites will be provided. Further, the solution will include time-tracking capability to capture the time spent in auditing for optimal resource utilization.
  • 2. MetricStream The MetricStream platform includes built-in workflows for reviewing responses for approval or rejec- Why MetricStream tion with options to initiate remedial actions for undesirable variations and trends, and to schedule follow-up audits. This will enable the system to automatically route audit findings, observation reports, Scalability: The MetricStream solution proved its and auditors’ recommendations for review and subsequent actions to the audited entity. mettle through pilot rollout across multiple locations for its ability to provide a highly flexible solution that The MetricStream platform’s built-in reporting engine will provide comprehensive capabilities to the can adopt new complex business process, scale-up bank for compiling audit reports and work-papers. It will allow access to the bank’s data and history, globally without sacrificing performance, integrate with multiple bank systems for exchange of data, etc. and performance analysis of the auditors. Graphical executive dashboards and flexible reports with MetricStream Enterprise Compliance Platform archi- drill-down capability will provide statistics on a variety of parameters including audited entities, audit tecture emerged as highly scalable with the ability to schedule and calendar, filed reports, and corrective and remediation actions triggered. support increasing number of transactions, users, and data volume. Over 10,000 users access the system and scalability was a key driver for MetricStream’s The solution will also support the handling of highly sensitive data (e.g. Client Identifying Data, selection. personal information) globally, i.e. no cross border access of certain data types is possible. A flagging mechanism identifies a certain information or record as sensitive and the store of that information is Comprehensive Functionality: The solution was ex- handled in a specialized manner such as storing in a specific instance of a database or encryption of amined for integrated end-to-end internal audit func- the data stored. tionality for managing the complete audit lifecycle. MetricStream’s broad suite of web-based solutions that are designed to enable banks to manage risk and compliance management processes and activities across a wide range of disciplines, including auditing, regulatory compliance, risk management, industry standards, quality programs and other corporate governance initiatives. Technology Platform: MetricStream Enterprise Com- pliance Platform technology architecture provided unmatched configurability and integration capability – elements that were imperative for success of the project. The platform is designed to serve as the nucleus of an organizations’ corporate governance ecosystem, coordinating all GRC management activi- ties throughout the enterprise via a single manage- ment system. For more information, visit www.metricstream.com Copyright 2011. All Rights Reserved.