REPORT ON REVIEW OF INTERNAL AUDIT CAPACITY

Draft List of Suggested Audit and Risk Management Related Software

2 April 2009

Tool Box / Kit

Audit Management (manage, monitor, report audit issues, working papers, track implementation of recommendations)
- BPS
  - BPS Audit
  - BPS Issues and Action Tracking
- CCH TeamMate
- Excel / Access
- Galileo Audit Management System
- Knowrisk
- Methodware
  - ProAudit Advisor
  - Planning Advisor
- Paisley Auto Audit
- Pentana Audit Work System (PAWS)
- ReliantAuditor

Control Assessment (including self assessment)
- BPS
  - BPS Compliance
  - BPS OpsRisk
- Cura
  - Cura Enterprise
  - Cura Assessor
  - Cura Survey
- Magique Risk Management Software
- Methodware
  - COBIT Assessor
  - Enterprise Risk Assessor
- Modulo Risk Manager
- Paisley
  - Enterprise GRC
  - On Demand
- Pentana Audit Work System (PAWS)

Audit Risk Assessment (business risks)
- Cura
  - Cura Enterprise
  - Cura Assessor
  - Cura Survey
- Integrum
- Magique Risk Management Software
- Methodware
  - COBIT Assessor
  - Enterprise Risk Assessor
- Modulo Risk Manager
- Paisley
  - Enterprise GRC
  - On Demand
- Pentana Audit Work System (PAWS)
- ReliantAuditor
- Tickit On Demand

Tool Box / Kit

CAATTS
- ACL
- Encase
- IDEA
- GRC
- MS Access
- MS Excel
- SAP Assure
- WebSpy

Enterprise Risk Management
- BPS
  - BPS Compliance
  - BPS OpsRisk
- Methodware
  - Enterprise Risk Assessor
- Paisley
  - Enterprise GRC
  - On Demand
- Reply IQ Voting Software
- RiskShield

ACL
1. ACL AuditExchange - world’s first managed analytics platform for audit; designed specifically for audit teams, it dramatically improves productivity and performance; enables the whole team to share and reuse that information more effectively and efficiently by capturing and storing critical audit information in one secure, central location.
2. ACL Desktop Edition - provides a unique and powerful combination of data access, analysis and integrated reporting; reads and compares enterprise data allowing the source data to remain intact for complete data quality and integrity; enables immediate visibility into transactional data critical to the organization.
3. Direct Link - adds SAP ERP data selection and extraction capabilities to the data access, analysis, and reporting capabilities of ACL AuditExchange and ACL Desktop Edition to provide a comprehensive solution to help you analyze your SAP ERP data.
4. Continuous Controls Monitoring - continuously and independently analyzes financial transaction data from any ERP, mainframe system or custom-built application to check and validate against the organization's control parameters and business rules.

BPS
1. BPS Audit - comprehensive and easy-to-use platform for today’s busy auditors offering complete audit functionality: Global Audit Planning, Audit Analytics, Risk Libraries, Work Paper Management, Issues and Actions Tracking, and comprehensive Reporting.
2. BPS Compliance - single repository of risks and controls can be used to support multiple regulations, reducing overlap and duplicative costs; also includes a full document and evidence management facility and our powerful Risk Management Library (RML) enabling users to incorporate all types of documents, policies and evidence to manage financial, information technology and operational controls.
3. BPS OpsRisk - enables risk managers to integrate loss data from a variety of sources to develop a comprehensive view of operational risk exposure; Risk Libraries, RCSA templates, customizable loss event repositories, scenario analyses, KRIs, customizable dashboards and reporting are all supported; BPS OpRisk also includes a full document management facility as well as a powerful workflow and notifications facility, which simplifies follow-up and ensures that critical risks get addressed promptly and fully.
4. BPS Issues and Action Tracking - seamlessly integrates outputs from audit, legal, compliance, risk management and business units. Its powerful workflow and notifications facility strengthens risk identification, simplifies follow-up and ensures that critical problems get addressed promptly; includes a full document management facility that can incorporate all types of documents, policies and evidence.

CCH – TEAMMATE
Components:
1. TeamRisk (assists auditors in creating risk assessments that are compatible with different auditing standards)
2. EWP (audit documentation system)
3. Libraries and TeamStores – Knowledge base and templates
4. TEC – Time and expense capture (web-based application that streamlines the data entry process and makes timesheets available from anywhere)
5. Team Central – (web-based global audit and issues tracking database that accumulates project information and findings from all of your individual CCH TeamMate EWP projects and allows you to track the implementation status of recommendations made by your department)
6. Team Schedule – (provides users with the ability to schedule projects and resources in such a way that there is a clear visual demonstration of personnel assignments and tracking of projects in an annual plan)

CURA
1. Cura Enterprise - Manages risk and compliance operations within one flexible, configurable solution; provides easy access to risk and compliance information with the ability to configure custom workflows, calculations, multiple methodologies, a limitless hierarchy, and ‘virtual parameters' to normalize reporting; enables managers to improve insight and oversight of the issues and exposures of the business at a strategic level.
2. Cura Assessor - allows collection, organization and management of GRC elements such as risks, controls, acts, regulations, contracts and documentation. It includes interactive workshop tools to help organizations and consultants conduct risk reviews and analysis in faster, more efficient ways than before.
3. Cura Surveys - enables users to deploy required questionnaires, obtain multi-level sign-offs, analyze and audit the data, and provide automated corrective action notifications to participants, as well as reporting at all levels.

ENCASE
1. ENCASE Enterprise - scalable platform that integrates seamlessly with your existing systems to create an enterprise investigative infrastructure; can be tailored to meet unique user needs, including the automation of time-consuming investigative processes, auditing endpoints for sensitive information and eDiscovery.
2. ENCASE eDiscovery - solution for the search, identification, collection, preservation and processing of electronically stored information (ESI) across the enterprise network; enables thorough, network-enabled and court-validated computer investigations of any kind, such as responding to document requests, conducting internal investigations, responding to regulatory inquiries or performing data and compliance auditing, all while maintaining the integrity of the data.
3. ENCASE Information Assurance - Network-enabled; its speed, streamlined and automated processes, scalability and precision allow for mitigation and oftentimes elimination of known and unknown risks.

GALILEO AUDIT MANAGEMENT SYSTEM
Fully integrated audit management, documentation and reporting system which can be tailored to suit the precise needs of an internal audit, investigations, compliance or other project oriented department. When integrated with MAGIQUE Risk Management System, it provides a full risk-based auditing methodology.

IDEA
Powerful, easy to use tool that can quickly and accurately import, join, analyze, sample and extract data from almost any source, including reports printed to a file; increases the effectiveness of analysts, accountants, and auditors in the performance of their duties and makes valuable analysis feasible as well as practical. With unlimited file size capabilities to access large volumes of data, IDEA can read through millions of records in only seconds.

INTEGRUM
Used by organisations (SMEs to multinationals) to manage their risk and compliance management systems, including Risk Management, Incident Management, Health & Safety, Environment, Quality, Asset Management, Financial Services, and Corporate Governance; contains very robust risk assessment and control processes, closed loop corrective action processes, incident management, controlled document management & archive control, audit management, employee training management, supplier and contractor management etc.

KNOWRISK
A Project Risk Management process and tool that helps you identify, analyze, and respond to Risks.

MAGIQUE RISK MANAGEMENT SOFTWARE
Integrated web-based system to assist organisations to record, quantify, assess and control risks.

METHODWARE
1. Pro Audit Advisor (electronic work paper tool)
   a. Manage audit findings and recommendations within a single database
   b. Supports risk-based auditing
   c. Design an audit report with bite, then use it as a template for future reporting
   d. Analyse and understand audit results with powerful sort and filter functions
2. Planning Advisor (risk based audit planning tool)
3. COBIT Assessor (benchmarks IT processes against leading standards in IT management and control)
4. Enterprise Risk Assessor (scalable, flexible and cost effective software solution designed to help organizations manage risk-related data and its associated assessment processes and reporting; manages governance, risk and compliance initiatives)

MICROSOFT OFFICE
Includes Word Processing, Excel Spreadsheet, Access Database and PowerPoint presentation.

MODULO
Modulo Risk Manager – enables the management of risks; evaluates the compliance with market standards and regulations as well as IT environment governance; risk analysis is performed by using a structured methodology, embedded with international risk management rules and standards.

PAISLEY
1. Paisley Enterprise GRC – Optimized for large enterprise organizations; a comprehensive audit, financial controls management, enterprise risk management, operational risk management, IT governance and compliance software solution purpose-built to address integrated governance, risk and compliance requirements; enables the consistent sharing of definitions and terms, organizational reporting structures, and relationships between controls and the associated audit results.
2. On Demand – Optimized for mid-market and resource constrained organizations; is a comprehensive audit, financial controls management, enterprise risk management, operational risk management, IT governance and compliance software solution; automates processes and eliminates redundant data entry, streamlines risk assessment and control testing efforts, and provides an integrated focus on governance, risk and compliance with minimal investment in IT.
3. Auto Audit – automates key aspects of the audit process including risk assessment, scheduling, work papers and reporting; easy to implement, maintain and use; multi-level risk assessment allows for quick and easy tracking and reporting; allows users to generate a broad array of reports with the touch of a button; stores workpapers in a highly secure and centralized database for a streamlined review process.

PENTANA
Pentana Audit Work System (PAWS) – complete solution for all your governance, risk and assurance needs. Integrated risk management and internal controls modules make it equally suitable for use by risk departments and for compliance with Sarbanes-Oxley reporting. Web based modules allow direct update of risks, controls, audit questionnaires and the status of outstanding actions.

RELIANT
ReliantAuditor – continuous risk management solution designed to help audit executives automate audit operations to more effectively manage risk; integrates continuous monitoring with automated control testing and remediation, risk assessment, audit plan management, and a dynamic risk framework; delivers the two most important outcomes from an audit program: assurance in financial reporting and confidence in corporate controls.

REPLY – IQ VOTING SOFTWARE
Audience response products are known by many names such as interactive voting pads, audience voting keypads, and clickers. These electronic devices quickly record audience member answers to questions during meeting, training, and survey events. The benefits they provide are that they collect valuable data fast, improve retention, improve comprehension, identify priorities, accelerate decision making, build consensus and increase participant interest. Reply Solo handheld base stations can be used anywhere, indoors or outdoors, to perform audience voting at any time without a PC, software, or even any electricity.

RISK SHIELD
Risk management software solution which allows corporations to manage risk and compliance requirements.

SAP ASSURE
SAP Assure Suite is a suite of tools to help mitigate risks associated with SAP implementation and optimize control configuration. The suite of tools includes:
- SAP Assure Controls - Improves assurance by assessing internal controls against best practices. It automatically identifies and reports internal control weaknesses in order to create action plans to mitigate those weaknesses.
- SAP Assure Integrity - Assists in the identification of integrity risks and fraud by identifying potentially fraudulent transactions, financial statement disclosure concerns, and inappropriate use of privileged user access, duplicate transactions and integrity problems with master data.
- SAP Assure Security - Monitors the adequacy of security access within an SAP implementation. This toolset can automatically assess the SAP security structure, identify users who have access to sensitive and compatible functions, and outline improvements.

SAP GRC SUITE
The complexity of the SAP configuration is such that comprehensive continuous control monitoring can only be effectively undertaken by using a customised automated solution. SAP GRC suite of software provides a range of tools for control monitoring in SAP such as access controls, the adequacy of the assignment of roles to users and the associated implications for segregation of duty violations and control conflicts. The suite includes the following products:
- Risk management - provides the ability to measure and monitor risk exposure for processes managed through SAP;
- Access Control - provides real-time segregation of duties monitoring with the ability to detect and resolve overlapping roles and enforce access and authentication controls; and
- Process Control - provides control management for compliance with a range of better practice control frameworks such as Sarbanes-Oxley, Committee of Sponsoring Organisations of the Treadway Commission (COSO) and Control Objectives for Information & Related Technologies (COBiT) and enables configurable custom-automated control tests to enforce compliance.

SAP GRC is the SAP proprietary product recommended for continuous control monitoring, as endorsed by Gartner and is now freely available to contributing NSW Government Agencies under the SAP Whole of Government License Agreement.

TICKIT ON DEMAND
A new generation of risk and compliance software that focuses on simplicity, intuitiveness and ease of use; complies with the Risk Management Standard AS/NZS 4360 and the Compliance Management Standard AS/NZS 3806; provides a structured framework to monitor risk and compliance, identify and assess risks and easily allocate tasks to manage them.

VISUAL GOVERNANCE
Provides a complete risk and performance structure to manage the Enterprise compliance framework; integration of Enterprise risk assessment, business process, and policy and procedure management; enables users to dynamically create risk control matrices through an intuitive drag and drop style interface which helps accelerate compliance effort; provides for a fully integrated governance life cycle system to manage all aspects of the Enterprise risk-based compliance framework; provides numerous risk attributes, in addition to customizable scales, to properly represent their occurrence likelihood, business impact, classification, associated business processes and systems, calculated financial impact, and other critical information necessary to identify the proper risk mitigation.

WEBSPY
Transforms the raw data in internet and email log files into manageable information, providing a transparent view over organizational Internet, email and network usage. WebSpy’s product catalogue features two main analysis and reporting solutions, Analyzer and Vantage, and a variety of optional add-ons and tools. The solutions are unobtrusive, scalable and available in different ranges to suit any organizational size or budget. The main solutions do not require the installation of individual monitoring agents, additional network configurations or server installations.

WIZSOFT
1. WizWhy - data-mining tool that analyzes the data and issues predictions.
2. WizRule - innovative data auditing and cleansing application that automatically reveals all the rules in a given data set, and points at the deviations from the set of the discovered rules as suspected errors.
3. WizSame - reveals not only identical records but similar records as well; reveals cases where the customer names in two records differ by one character.
4. WizCount - WizCount bank and account reconciliation reveals all the matching transactions, thus leaving out the non-reconciled records; makes use of several sophisticated mathematical algorithms that quickly cover the enormous number of one-to-one, one-to-many and many-to-many matching possibilities, and reveal the right ones.