Establishing the Basics of Continuous/Continual Risk Assessment - GTAGs issued by the IIA that define these practices and why they are critical - Defining the center of the universe as regards risk assessment - Drawing a clear picture of the key points of knowledge necessary to be successful at risk assessment - Setting the strategy that is necessary to succeed - Defining the inventory of tools and techniques required - Getting grounded in the business
Mapping the Organization – Understanding the Playing Field - Setting the baseline for establishing a highly effective risk assessment strategy - Determining the structure that is most effective for you and your organization -- Globally focused – the geography based model -- Functionally focused – the traditional structure model - The necessity of two Maps to more clearly define the risk picture -- The operations map -- The central functions (administration ) map - Using Microsoft Excel and Visio to create the maps -- Workshop Project: Building the Ops and Admin Maps of the Organization
Defining the Key Risk Parameters of the Model - Establishing the key outcomes (as defined in section 1 of the workshop) of each of the primary business segments / administrative areas - Building Microsoft Excel spreadsheets of the key outcomes to establish the baselines for defining the key risks and the KRI’s -- Workshop Project: Building the Inventories of Key Outcomes for all primary areas of ops and admin
Defining the best KRI’s for the Model - Time to quit kidding ourselves it is about the data and why - Defining the real KRI’s that will yield the maximum benefit to the model - Understanding the all data is not created equal when it comes to defining risk - Strategically employing the organization’s greatest asset – its data -- Getting the best data for the task at hand -- Utilizing central sources of information that are available - Identifying the right KRI’s and Analytics for the right risk situation - Building Microsoft Excel spreadsheets of the best KRI’s -- Workshop Project: Building the Inventories of Key Risk Indicators (KRI’s) for all primary areas of ops and admin
Combining the tools to build a Continuous/Continual Risk Assessment Environment - Utilizing Visio and Excel / Access in combination to create key repositories of risk information - Incorporating the use of other software to enhance the presentation of the risks -- Microsoft Map Point -- Google Earth etc. -- Workshop Project: Building the continuous/continual risk environment for the enterprise utilizing Visio and Excel/Access
Utilizing GAS to extract key data from the critical systems - GAS audit software alternatives -- IDEA -- ACL - Identifying how GAS audit software could be utilized to facilitate the acquisition of key data -- Determining the most efficient way to accumulate the necessary data -- Types of analysis that can be performed that may assist in determining risk
New Systems Development strategies to incorporate continuous/continual risk assessment - Design strategies - Critical data strategic initiatives - Advanced tooling that can be incorporated in the systems design
Questions/Wrap Up/Final Review of the strategic approach to continually assess risk
REGISTRATION QUESTIONS? For questions about your registration, government and team discounts, or multiple registrations, please call Linda Ronconi at (508) 879-7999, ext. 501 or e-mail mis@misti.com.
IN-HOUSE SEMINARS This seminar is available in-house. For more information about bringing this or other MIS seminars to your organization, please call Mimi Hatch at (410) 692-2465 or e-mail mhatch@misti.com.
