ACL Insider
ACL Insider
Like it? Share it! Facebooktwittergoogle_pluslinkedin

Don’t know where to start with data analytics for risk assessment? Step by step, here’s a basic framework of how you can begin to apply data analytics to assess risk and controls in your organization…

While generic software like spreadsheets can get you started, purpose-built risk and control analytics technology will support more complex and valuable testing, issue management and remediation, and long-term sustainability.

1. Build a profile of potential risks

Develop a profile of potential risks as part of a risk assessment.

Consider using a risk scorecard and risk heat map to prioritize

2. Test data for possible risk indicators

Include ad hoc testing in addition to more formalized or regular tests.

Consider the spectrum of automated testing, ranging from ad hoc to repetitive through to continuous, where appropriate.

3. Improve the process by implementing continuous analysis

Use continuous analysis to test and validate the effectiveness of your controls—on a timely basis.

Provide management with immediate notification of red flags.

Create processes for control remediation.

Implement continuous analysis on a comprehensive basis across business process areas.

4. Review results

Investigate patterns and indicators that emerge from your analyses.

Quantify the risk.

Identify and target high-risk areas.

Consider the use of risk monitoring dashboards

5. Expand the scope and repeat

The process of building a profile, testing data, improving controls and reviewing information needs to be done on a regular basis.

6. Report

Make recommendations on how to tighten controls or change processes to reduce the likelihood of non-compliance.

Follow up and see if those recommendations have been acted upon and if they have had the desired effect.

Communicate, communicate, communicate. Impart “tone at the top” to the organization.

Why? Because unresolved exceptions have a negative impact on the organization.

Use risk and control analytics to assist in assessing risks in your organization; it will help drive increased efficiency into your audit work and identify data-driven indicators of emerging risks.

Download the free eBook: Mastering Risk with “Data-Driven GRC”

This eBook gives guidance on leveraging data analytics for risk management, including risk-based audit planning, example analytics for identifying risk, and real customer stories.

Download your copy here>>

Sign up to receive email updates from ACL

Subscribe Now