This document discusses auditing and process monitoring. It begins by defining an audit as a formal, systematic examination to evaluate processes and controls against established standards. The key steps to implementing continuous auditing are established as identifying rules and parameters to routinely monitor processes. Process monitoring is described as an ongoing assessment of activities to ensure processes work as intended, looking at what is done rather than overall achievements. The document provides details on different types of auditing, attributes of audit findings, and characteristics of audits and monitoring.
Call Girls From Pari Chowk Greater Noida â¤ď¸8448577510 âšBest Escorts Service I...
Â
Process monitoring and_audit_sadhana
1. P R E PA R E D B Y:
S A D H A N A S I N G H
M . T E C H ( S . E . )
PROCESS MONITORING AND
AUDIT
2. CONTENTS
ď INTRODUCTION ABOUT AUDIT
ď ATTRIBUTES OF AN AUDIT FINDING
ď REASONS FOR AUDIT
ď CHARACTERISTICS OF AUDIT
ď KEY STEPS TO IMPLEMENTING CONTINUOUS
AUDITING
ď AUDIT PROCESS
ď TYPES OF AUDITING
ď INTRODUCTION ABOUT MONITORING
ď CHARACTERISTICS OF MONITORING
ď RESEARCH PAPER
2
Process Monitoring and Audit
3. INTRODUCTION ABOUT AUDIT
ď Provides the means to understand performance versus established
standards and identify areas for continued improvement.
ď Is a formal, systematic and disciplined approach designed to
evaluate and improve the effectiveness of processes and related
controls.
ď Is governed by professional standards, completed by individuals
independent of the process being audited, and normally
performed by individuals with one of several acknowledged
certifications.
3
Process Monitoring and Audit
4. ATTRIBUTES OF AN AUDIT FINDING
ď CRITERIA: What should be
ď CONDITION: What is
ď CAUSE: Why the condition happened
ď EFFECT: The difference and significance between what is and
what should be
ď RECOMMENDATION: Actions needed to correct the cause
4
Process Monitoring and Audit
5. REASONS FOR AUDIT
ď Verify processes
ď Assess successful process implementation
ď Judge effectiveness of target levels
ď Reduce and eliminate problem areas
ď Report non-conformance and corrections
ď Report good practices
ď Continual improvement
5
Process Monitoring and Audit
6. CHARACTERISTICS OF AUDIT
ď Formal review governed by professional standards
ď Completed by professionals independent of the operation
ď Formal, systematic and structured approach
ď Involves planning, sampling, testing, and validating
ď Formal communication with recommendations and corrective
action measures
ď Documented follow-up of corrective actions
ď Audit accountability is typically to the Chief Audit Executive and
the Audit Committee
ď Involves routine, formal communication to the Board and
Management
6
Process Monitoring and Audit
7. KEY STEPS TO IMPLEMENTING CONTINUOUS
AUDITING
ď Establishing priority areas.
ď Identifying monitoring and continuous audit rules.
ď Determining the process' frequency.
ď Configuring continuous audit parameters.
ď Following up.
ď Communicating results.
7
Process Monitoring and Audit
9. AUDIT PROCESS
Three elements:
ď Preaudit activities, those done in planning and preparing for the
audit.
ď Onsite audit activities by the audit team, from gathering for and
beginning the audit to reporting to management the results of the
audit.
ď Postaudit activities, which include documenting the audit in an
appropriate report format and then developing and executing a
corrective action plan to address the improvement opportunities
identified by the audit team.
9
Process Monitoring and Audit
10. TYPES OF AUDITING
INTERNAL AUDIT
Performed by trained employee
EXTERNAL AUDIT
Independent audit organization
Certification
10
Process Monitoring and Audit
11. INTRODUCTION ABOUT MONITORING
ď Is an on-going process usually directed by management to ensure
processes are working as intended.
ď Is an effective detective control within a process.
ď Is the routine, daily assessment of ongoing activities and
progress, while evaluation is the periodic assessment of
overall achievements.
ď Looks at what is being done, whereas evaluation examines
what has been achieved or what impact has been made.
11
Process Monitoring and Audit
12. CHARACTERISTICS OF MONITORING
ď Often less structured than auditing, though audit techniques may be
employed
ď Usually completed by operations or compliance personnel
ď Involves on-going checking and measuring
ď Can be periodic spot checks, daily/weekly/monthly tests
ď May identify the need for an audit
ď Accountability for monitoring is typically to operations leadership
ď Typically completed by department staff and communicated to
department management
ď If completed in relation to a compliance work plan, formal
communication to Chief Compliance Officer and Compliance
Committee
ď May involve internal audit or compliance
12
Process Monitoring and Audit
13. RESEARCH PAPER
SLO Auditing Task Analysis, Decomposition, and
Specification
-Hasan and Burkhard Stiller
13
Process Monitoring and Audit
15. INTRODUCTION
ď Is a widely applied concept for investigating the adequacy of a
system against a set of requirements.
ď Traditional areas of auditing comprise financial
auditing, compliance auditing with respect to governmental laws
and regulations, and quality audits.
ď For Internet services two auditing areas are important: security
and Service Level Management (SLM).
ď SLM deals with service levels as specified in an agreement
between a customer and a service provider, termed Service Level
Agreement (SLA).
15
Process Monitoring and Audit
16. AUDIT TASK
ď An audit is defined generally as a "systematic and independent
examination of facts on system activities to determine the degree
of compliance with a pre-defined set of specifications".
ď The pre-defined set of specifications is called a compliance
specification. Based on this compliance specification an audit is
applied to a set of related facts on a specific matter of interest.
ď The resulting degree of compliance constitutes the main part of
an audit report. An audit report can be seen as a "derived"
fact, which may or may not be used in the next audit depending
on the compliance specification.
16
Process Monitoring and Audit
17. ď COMPLIANCE SPECIFICATION: defines major
requirements for a particular subject matter of interest to be
audited.
ď An SLO is an example of a compliance specification.
ď Suppose is a QoS parameter to be audited and there are
properties 1 , 2 , ..., , which are needed to describe
, then, mathematically, a compliance condition for describes a
function , which transforms the values of the properties to a
number C representing the degree of compliance. This function is
called compliance function, where the properties are variables of
this function.
= ( 1 , 2 , ..., )
17
Process Monitoring and Audit
18. ď FACTS AND AUDIT REPORT: A fact is a piece of information
presented as having an objective reality, whereas an audit report
stores information that characterizes examined list of facts and
describes the outcome of the compliance examination.
ď A fact and an audit report is expressed using a list of Name-Value-
Pairs, so that a generic auditing system can correctly interpret
the values.
18
Process Monitoring and Audit
19. ď AUDIT FUNCTION: An audit can be seen mathematically as a
function with a compliance specification, facts, and previous
audit reports as its input parameters and new audit reports as its
results.
ď The function 0 is termed audit function and contains the
audit algorithm to perform an audit task.
= ( , , )
19
Process Monitoring and Audit
22. ď Facts filtering: In order to audit a specific QoS parameter, only its
related facts are required. The task to obtain these related facts is
called filtering.
ď Facts grouping: For each QoS parameter, auditing is applied to
each complete fact-list, e.g., facts associated to a PoP and a
stream type in a particular time interval are audited separately
from facts associated to other PoP, other stream types, or other
time intervals. The task to sort a list of related facts to obtain a
complete fact-list for each setting and time interval is called
grouping.
ď Property values calculation: This subtask determines the value of
each property of the QoS parameter from each complete fact-list.
22
Process Monitoring and Audit
23. ď Compliance calculation: For each complete fact-list, this subtask
calculates from the property values the degree of compliance
according to the compliance condition of the compliance
specification.
ď Reportâs attributes calculation: If an audit report is to be
generated, this subtask determines the name and the value of each
attribute of the audit report. Some systems may want to generate
an audit report only if there is a violation to the compliance
specification. The inputs of this subtask may come from any
output of the previous subtasks: facts grouping, property values
calculation, and compliance calculation.
ď Report generation: This subtask generates a complete audit report
from report attributes.
23
Process Monitoring and Audit
24. AUDIT SPECIFICATION
ď Facts Filtering Function Specification (FFSpec): a specification
of a filter function to obtain a certain fact base from NewFacts.
ď Facts Grouping Function Specification (GFSpec): a specification
of a grouping function to obtain complete factlists from a fact
base.
ď Property Function Specification (PFSpec): a specification of a
property function.
ď Compliance Function Specification (CFSpec): a specification of
a compliance function.
ď Reportâs Attribute Function Specification (AFSpec): a
specification of a function which returns a reportâs attribute
value.
24
Process Monitoring and Audit
25. ď : Compliance Calculation Specification (CCSpec) for
Q, i.e., a specification to calculate the degree of compliance for
Q by defining which FFSpec, GFSpec, PFSpecs, and CFSpec to
be used.
ď : Report Composition Specification (RCSpec) for
Q, i.e., a specification that defines a list of attribute names which
compose an audit report, and assigns to each attribute a
specification which is used to generate the attribute values.
25
Process Monitoring and Audit
26. CONCLUSION
ď Auditing tasks is the determination of compliance of facts with
pre-defined specifications.
ď Auditing is the review of an organizationâs quality system in
order to achieve quality throughout the process.
ď Audits are the most effective when performed by qualified
professionals who work together and are focussed on clear
objectives.
26
Process Monitoring and Audit