
Wednesday, December 07, 2005

Compliance - Evolution & Refinement in Practices

I came across a concise, straightforward summary of year 2 evolutions in an organization, from an IT Security Manager’s perspective. Dave Bowser’s “How to Learn to Love Sarbanes-Oxley” provides some very useful points of reference for organizations continuing to change and refine their SOX compliance practices.

In addition to the IT-centric considerations noted in the article, I would also suggest that the control activities occurring within the business provide a powerful base of intelligence that can lead to improved efficiencies in the systems environment as well.

Since a control by design should stop a transaction from continuing through the process when an error is found, business owners, through the operation of their controls over critical transactions, should now be keeping documentation on the nature and frequency of exceptions they are finding in their processes. A studied review of identified exceptions is an excellent way to prioritize refinements in the core processes that drive financial performance.

In one example, IT was asked to begin logging and obtaining system owner approval for all changes to production data. Though this had long been an informal practice, it was escalated to a level of “key control” as part of the General Computer Controls considerations around systems and production data. In monitoring and performing this new control, a number of systemic issues were now documented, many of which were minor configuration or functionality changes that improved the integrity of the data.

For the non-IT business manager, a regular self-assessment of control operations should also reveal potential improvements in process. The exceptions found in detective, back-end controls can recommend more appropriate front-end controls to reduce error correction and rework. Often, these exceptions can point to refinements for system input screens that shift the control function from detective/manual to preventative/automated. These system change requests will have much more clout when based on hard data, given the potential costs these changes might require.

“Love” might still sound like a strong word, but when business begins to review and monitor the data as closely as the auditors, there is a strong promise of improved operational efficiency.
