Process monitoring and_audit_sadhana

P R E PA R E D B Y:
S A D H A N A S I N G H
M . T E C H ( S . E . )
PROCESS MONITORING AND
AUDIT

CONTENTS
 INTRODUCTION ABOUT AUDIT
 ATTRIBUTES OF AN AUDIT FINDING
 REASONS FOR AUDIT
 CHARACTERISTICS OF AUDIT
 KEY STEPS TO IMPLEMENTING CONTINUOUS
AUDITING
 AUDIT PROCESS
 TYPES OF AUDITING
 INTRODUCTION ABOUT MONITORING
 CHARACTERISTICS OF MONITORING
 RESEARCH PAPER
2
Process Monitoring and Audit

INTRODUCTION ABOUT AUDIT
 Provides the means to understand performance versus established
standards and identify areas for continued improvement.
 Is a formal, systematic and disciplined approach designed to
evaluate and improve the effectiveness of processes and related
controls.
 Is governed by professional standards, completed by individuals
independent of the process being audited, and normally
performed by individuals with one of several acknowledged
certifications.
3

ATTRIBUTES OF AN AUDIT FINDING
 CRITERIA: What should be
 CONDITION: What is
 CAUSE: Why the condition happened
 EFFECT: The difference and significance between what is and
what should be
 RECOMMENDATION: Actions needed to correct the cause
4

REASONS FOR AUDIT
 Verify processes
 Assess successful process implementation
 Judge effectiveness of target levels
 Reduce and eliminate problem areas
 Report non-conformance and corrections
 Report good practices
 Continual improvement
5

CHARACTERISTICS OF AUDIT
 Formal review governed by professional standards
 Completed by professionals independent of the operation
 Formal, systematic and structured approach
 Involves planning, sampling, testing, and validating
 Formal communication with recommendations and corrective
action measures
 Documented follow-up of corrective actions
 Audit accountability is typically to the Chief Audit Executive and
the Audit Committee
 Involves routine, formal communication to the Board and
Management
6

KEY STEPS TO IMPLEMENTING CONTINUOUS
AUDITING
 Establishing priority areas.
 Identifying monitoring and continuous audit rules.
 Determining the process' frequency.
 Configuring continuous audit parameters.
 Following up.
 Communicating results.
7

8

AUDIT PROCESS
Three elements:
 Preaudit activities, those done in planning and preparing for the
audit.
 Onsite audit activities by the audit team, from gathering for and
beginning the audit to reporting to management the results of the
audit.
 Postaudit activities, which include documenting the audit in an
appropriate report format and then developing and executing a
corrective action plan to address the improvement opportunities
identified by the audit team.
9

TYPES OF AUDITING
INTERNAL AUDIT
Performed by trained employee
EXTERNAL AUDIT
Independent audit organization
Certification
10

INTRODUCTION ABOUT MONITORING
 Is an on-going process usually directed by management to ensure
processes are working as intended.
 Is an effective detective control within a process.
 Is the routine, daily assessment of ongoing activities and
progress, while evaluation is the periodic assessment of
overall achievements.
 Looks at what is being done, whereas evaluation examines
what has been achieved or what impact has been made.
11

CHARACTERISTICS OF MONITORING
 Often less structured than auditing, though audit techniques may be
employed
 Usually completed by operations or compliance personnel
 Involves on-going checking and measuring
 Can be periodic spot checks, daily/weekly/monthly tests
 May identify the need for an audit
 Accountability for monitoring is typically to operations leadership
 Typically completed by department staff and communicated to
department management
 If completed in relation to a compliance work plan, formal
communication to Chief Compliance Officer and Compliance
Committee
 May involve internal audit or compliance
12

RESEARCH PAPER
SLO Auditing Task Analysis, Decomposition, and
Specification
-Hasan and Burkhard Stiller
13

CONTENT
 INTRODUCTION
 AUDIT TASK
 AUDIT TASK DECOMPOSITION
 AUDIT SPECIFICATION
14

INTRODUCTION
 Is a widely applied concept for investigating the adequacy of a
system against a set of requirements.
 Traditional areas of auditing comprise financial
auditing, compliance auditing with respect to governmental laws
and regulations, and quality audits.
 For Internet services two auditing areas are important: security
and Service Level Management (SLM).
 SLM deals with service levels as specified in an agreement
between a customer and a service provider, termed Service Level
Agreement (SLA).
15

AUDIT TASK
 An audit is defined generally as a "systematic and independent
examination of facts on system activities to determine the degree
of compliance with a pre-defined set of specifications".
 The pre-defined set of specifications is called a compliance
specification. Based on this compliance specification an audit is
applied to a set of related facts on a specific matter of interest.
 The resulting degree of compliance constitutes the main part of
an audit report. An audit report can be seen as a "derived"
fact, which may or may not be used in the next audit depending
on the compliance specification.
16

 COMPLIANCE SPECIFICATION: defines major
requirements for a particular subject matter of interest to be
audited.
 An SLO is an example of a compliance specification.
 Suppose is a QoS parameter to be audited and there are
properties 1 , 2 , ..., , which are needed to describe
, then, mathematically, a compliance condition for describes a
function , which transforms the values of the properties to a
number C representing the degree of compliance. This function is
called compliance function, where the properties are variables of
this function.
= ( 1 , 2 , ..., )
17

 FACTS AND AUDIT REPORT: A fact is a piece of information
presented as having an objective reality, whereas an audit report
stores information that characterizes examined list of facts and
describes the outcome of the compliance examination.
 A fact and an audit report is expressed using a list of Name-Value-
Pairs, so that a generic auditing system can correctly interpret
the values.
18

 AUDIT FUNCTION: An audit can be seen mathematically as a
function with a compliance specification, facts, and previous
audit reports as its input parameters and new audit reports as its
results.
 The function 0 is termed audit function and contains the
audit algorithm to perform an audit task.
= ( , , )
19

20

AUDIT TASK DECOMPOSITION
21

 Facts filtering: In order to audit a specific QoS parameter, only its
related facts are required. The task to obtain these related facts is
called filtering.
 Facts grouping: For each QoS parameter, auditing is applied to
each complete fact-list, e.g., facts associated to a PoP and a
stream type in a particular time interval are audited separately
from facts associated to other PoP, other stream types, or other
time intervals. The task to sort a list of related facts to obtain a
complete fact-list for each setting and time interval is called
grouping.
 Property values calculation: This subtask determines the value of
each property of the QoS parameter from each complete fact-list.
22

 Compliance calculation: For each complete fact-list, this subtask
calculates from the property values the degree of compliance
according to the compliance condition of the compliance
specification.
 Report’s attributes calculation: If an audit report is to be
generated, this subtask determines the name and the value of each
attribute of the audit report. Some systems may want to generate
an audit report only if there is a violation to the compliance
specification. The inputs of this subtask may come from any
output of the previous subtasks: facts grouping, property values
calculation, and compliance calculation.
 Report generation: This subtask generates a complete audit report
from report attributes.
23

AUDIT SPECIFICATION
 Facts Filtering Function Specification (FFSpec): a specification
of a filter function to obtain a certain fact base from NewFacts.
 Facts Grouping Function Specification (GFSpec): a specification
of a grouping function to obtain complete factlists from a fact
base.
 Property Function Specification (PFSpec): a specification of a
property function.
 Compliance Function Specification (CFSpec): a specification of
a compliance function.
 Report’s Attribute Function Specification (AFSpec): a
specification of a function which returns a report’s attribute
value.
24

 : Compliance Calculation Specification (CCSpec) for
Q, i.e., a specification to calculate the degree of compliance for
Q by defining which FFSpec, GFSpec, PFSpecs, and CFSpec to
be used.
 : Report Composition Specification (RCSpec) for
Q, i.e., a specification that defines a list of attribute names which
compose an audit report, and assigns to each attribute a
specification which is used to generate the attribute values.
25

CONCLUSION
 Auditing tasks is the determination of compliance of facts with
pre-defined specifications.
 Auditing is the review of an organization’s quality system in
order to achieve quality throughout the process.
 Audits are the most effective when performed by qualified
professionals who work together and are focussed on clear
objectives.
26

THANK YOU
27

Process monitoring and_audit_sadhana

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (19)

Ähnlich wie Process monitoring and_audit_sadhana

Ähnlich wie Process monitoring and_audit_sadhana (20)

Mehr von Sadhana28

Mehr von Sadhana28 (12)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Process monitoring and_audit_sadhana