ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training

ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing

ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing

ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing

ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing

ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing
ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing
ComplianceTutorial.com - IT governance executive workshops and risk management, compliance and information security tutorials and training, SOX self testing
In-House Workshops Open workshops Tutors Testimonials Contact Links and resources
Defining Business Process Controls

Business Process Controls should cover:

Fundamental aspects of Business Processes:  Identifying (Discovering) business processes, characteristics of processes, As-Is process vs. To-Be process, Levels of business process modeling, Tying Business Processes to Goals and Objectives.
Stakeholders' Roles and Responsibilities; Enabling Tools of Process Management. Modeling organization elements and structure.

Creating Process-Specific Business Rules; Advantages of a shared business-wide vocabulary. Business Rules requirements; Structural Business Rules; Decision Models; Fact Models; Process Elements and Decision Points; Creating Business Rules based on business requirements. Risk assessment and scoping, control identfication; manual and automated.

Implementing and aligning organizational change; rollout strategies; assessing degrees of impact; advanced change techniques. Metamodeling and precise specification independent of notation; an interoperable repository for models.

Our favoured project scenario is described below.

DOCUMENTING

Overview of process for documenting controls
Process Flowcharts 
Building a Control Register
Describe the actual process
Process flowchart
Process Narrative

EVALUATING

Identify Key Controls
Requirements for Control Descriptions
Perform a Walkthrough and evaluate process, & controls
Objective of a Walkthrough
Pre Walkthrough checklist
Typical Inquiries to make during a Walkthrough
How to do a Walkthrough
Evaluating the Walkthrough and Identifying Deficiencies
Documentation of a Walkthrough
Evaluating Test Results - Assessment Categories

COMPLETING

Remediate Deficiencies
Maintain Documentation As Part of Normal Business
Document Retention