Information Risk Management

Information Risk Management - Making the most of your fundamental business resource

Executives make decisions based on reports generated from different IT systems and the underlying data collected by various business lines. Several studies have shown that successful organisations invest in developing their capacities to use and analyse the huge amount of data they store in their systems. Today, effective and consistent data collection, maintenance, manipulation, analysis and reporting are among the key success factors of each organisation.

Your challenges

Having the right data in the right format at the right place and at the right time to meet your business needs and to take the right decisions is challenging.

Here are some of the challenges you might face:

  • Too many sources of information and too many versions of the truth;
  • Historical and current data might be read differently;
  • Data duplication and inaccuracies leading to poor business decisions;
  • Considerable efforts being applied in identifying duplicate/incorrect payments;
  • Absence of visibility and confidence over transactions processed by the systems;
  • Inability to confirm that existing controls work properly;
  • Unidentified fraudulent or erroneous activities;
  • Missed revenue and overstated costs attributed to compromised data;
  • Repetitive processes or poor data conversion due to inadequate system conversions or implementations;
  • Complex spreadsheet models used as a support to business decisions;
  • Lack of drill-down and data analysis capabilities allowing the identification of trends and performing forecasts;
  • Difficulties in achieving regulatory compliance or performing fraud or litigation analysis.

How we can help

Data Management

Our experienced Data Management experts provide customised solutions based on your needs to help you:

  • Understand your business objectives, key processes and controls and identify the underlying reporting and data requirements;
  • Design auditable and supportable solutions to analyse and aggregate data from different sources to assist you in providing information previously hidden from decision makers;
  • Assess and categorise the value of your data to understand how it can be used strategically to achieve your business objectives and improve your overall business performance;
  • Make sure that your system or process works effectively by reviewing the underlying data and ensuring that it is fit for purpose before any management analysis and reporting;
  • Achieve regulatory compliance (e.g. SOX, Solvency II, Basel III and FATCA);
  • Improve data quality and integrity and develop a plan that ensures the sustainability of your organisation’s data quality;
  • Map data responsibilities within your organisation and establish an organisation wide data accountability programme;
  • Identify inefficient, duplicate and redundant business processes resulting from poor data management and control;
  • Cleanse and migrate accurate and complete data during system implementations;
  • Support fraud or litigation analysis through the provision of well controlled data and reporting.

Spreadsheets Management (End User Computing)

Organisations often use End User Computing (EUC) for financially and operationally significant processes to help them with complex calculations or reporting.

Our Data Management experts can help you:

  • Develop EUC identification plan to identify your organisation's EUC and their purposes;
  • Assess the current level of controls and develop a remediation plan to address control deficiencies;
  • Establish governance over EUC and incorporate the EUC control framework as part of business as usual.

Computer Assisted Audit Techniques (CAATs)

CAATs provide a means of viewing large amounts of data in a format that can provide transparency not attainable through other auditing procedures. CAATs increase audit effectiveness, improve efficiencies, and decrease audit risk.

We help internal audit departments building CAATs competencies by:

  • Identifying the required skills and the needed tools to perform CAATs;
  • Defining and implementing CAATs procedures to build the basis for continuous monitoring;
  • Providing training on CAATs tools and methodologies.

Where is my Cash?

By using the PwC's Cashfinder™ methodology and many automated software techniques, our team can help you:

  • get cash back by identifying, quantifying and recovering duplicate payments, tax overpayments, unclaimed credits, discounts and rebates, mispriced telecoms/utility costs, contract price errors and uncollected debt.
  • Undertake supplier spend analysis to rationalise supplier lists and take advantage of negotiations to improve supplier contracts and lower procurement costs.
  • Find tax underpayments before the authorities do…and in doing so help reduce penalty and interest exposure.
  • Rapidly identify transactional fraud indicators thanks to our industry fraud indicators database.
  • Get rid of redundant and/or optimise existing controls.
  • Implement continuous real-time monitoring of key business performance indicators and controls, both financial and operational.