by: Patrick Potter, GRC Strategist, Business Continuity and Audit, RSA, The Security Division of EMC
http://pulseblog.emc.com/2014/
Internal auditors have an essential need for independence – it is a requirement for the profession. Alongside this independence, there is a growing and sometimes competing priority for internal audit to partner with management. This strategic direction has forced a discussion with audit, risk and compliance teams around the world to evaluate how internal audit can work together toward common goals, leverage resources and better influence and impact business performance. To address these challenges, we’ve designed RSA Archer Audit Management to help better align audit approaches within the organization.
What we’ve been hearing from many internal auditors is that existing processes don’t allow for a holistic approach to auditing. Today’s tools fail to capture analysis by other risk and control groups, and using multiple systems often makes it difficult to distill information into meaningful data for audit teams. Additionally, the lack of visibility into findings generated by other governance teams makes it difficult and time-consuming for internal audit to track the status of those findings and ensure that remediation efforts are underway.
RSA Archer Audit Management helps address those needs by putting the audit team in control of the complete audit life cycle, enabling improved governance of audit-related activities, while also providing integration with risk and control functions.
Some of the features I am most excited about include:
- Audit Entity Risk Assessment – Designed to help to define a universe of auditable entities, perform audit entity risk assessments and compare results to assessments conducted by other operational risk management groups within the organization. The audit team can dynamically capture and incorporate these changing risks into its audit engagement planning.
- Enhanced Resource Scheduling and Staffing — Drag-and-drop capabilities allow quick assignment and management of audit teams. With new Gantt team schedules, managers can quickly find qualified and available audit staff for your engagements.
- Offline Audit Access — Multiple audit team members can work simultaneously on the same engagements and workpapers while offline and in different locations. They can plan, test, generate findings and remediation plans, review work and create audit reports just as if they were online.
The latest RSA Archer Audit Management solution is engineered to allow organizations to quickly adjust audit plans and engagements based on a dynamic view of risk. Very simply, it helps auditors do more with less by streamlining the process and allowing teams focus on the most pressing issues and business challenges.
By doing all of this, we truly believe RSA Archer Audit Management can help make strong partnerships with business managers a reality, while still maintaining the independence and integrity that internal auditors require.