Team Members - PM x 1, Consultant x 2
Users - 100
Project Duration - 12 Months
Project Effort - 18 Person-Months
Sites - Japan
Problems
• IT processes non-standard, inconsistent, or non-existent.• Legacy system extremely difficult if not impossible to secure, and integrity of system very difficult to assess.
• SOX a new requirement in general world wide, and therefore not clearly defined. Not rolled out for the Japan branch, yet.
• Besides system controls, financial controls are very weak, as well.
Solution
• Use COSO and COBIT to assess risk and general status, then designed compensating controls supplemented by documentary RCM "Risk:Control Matrix".• Created narrative SOPs and policies to govern activity execution.
• Performed remediation of weaknesses found, after which we implemented the agreed controls.
• Designed appropriate test plans to test controls.
• Implemented Lotus Notes based document management system.
Benefits
• Areas of weakness discovered, allowing client to address prior to any audit.• Full, controlled documentation created over duration of project, including RCMs, Admin matrices, narrative SOPs
• IT control now possible.
• Better integration between IT and Finance departments.
Technology Highlights
• COSO and COBIT• Lotus Notes document management
• Project collaboration via MS Groove and Wiki technology
No comments:
Post a Comment