Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

How to audit for success webinar

224 Aufrufe

Veröffentlicht am

This webinar was presented by Sarah Short from the assurance SIG on 11 August 2020


Veröffentlicht in: Bildung
  • Als Erste(r) kommentieren

  • Gehören Sie zu den Ersten, denen das gefällt!

How to audit for success webinar

  1. 1. How to audit for success 11th August 2020 Sarah Short APM Assurance SIG – Project Audit Workstream Lead 1
  2. 2. To start with… A question about you Using Go to www.menti.com Use code:15 50 25 2
  3. 3. Objective To answer all your questions about project auditing To gain some value and insight about project auditing 3
  4. 4. More information 4 A Guide to Project Auditing Measures for Assuring Projects A Guide to Assurance of Agile Delivery A Guide to Integrated Assurance All available at www.apm.org.uk
  5. 5. Agenda ▪ Why do we need assurance? ▪ What is project auditing? ▪ How do we get the most value? 5
  6. 6. Why? 6
  7. 7. Why do we need assurance? 7 “I need assurance because.... ...I need to know that everything is under control”. ...I need to know whether what I am being told is correct”. ...I need to be confident that I am going to get what I want”. ...I need to know whether the project is going to finish on time and within budget”.
  8. 8. Who is it for? 8 Audit Committee & Board Project Sponsor Senior Management Anyone who operates or owns a control
  9. 9. What? 9
  10. 10. What is project auditing? According to the Chartered Institute of Internal Auditors it is ‘an independent, objective assurance and consulting activity designed to add value and improve an organisation’s operations. It helps an organisation to evaluate and improve the effectiveness of risk management, control, and governance processes.’ 10
  11. 11. The Lingo Risk – The risk of something bad happening. Control - Any action taken to manage risk and increase the likelihood that goals will be achieved. 11
  12. 12. Principles A Guide to Integrated Assurance identifies the following principles for auditing: Independent Planned Proportionate Risk-based Reports 12
  13. 13. 3 lines of defence 13 Business Operations An established accountable risk and control framework Oversight functions Risk Management specialists Strategic risk management Policy & procedure setting Independent assurance – internal audit Independent challenge and objective assurance 1st line assurance 2nd line assurance 3rd line assurance
  14. 14. How? 14
  15. 15. Another question round… A couple of questions about your relationship with internal audit Using Go to www.menti.com Use code:26 90 05 15
  16. 16. Flip the script ▪ Don’t have assurance done to you ▪ Welcome it and make it work for you ▪ Why not design an assurance approach at the start of your project ▪ Use 1st, 2nd and 3rd line of defence (if required) ▪ Maintain an effective working relationship with internal audit 16
  17. 17. Let’s demystify the audit process… Scope & Plan the audit Control Design Adequacy Operational Effectiveness Testing Final report and close Management action follow- up Review the position of the project Review current risks Define the scope and plan Produce a Terms of Reference Conduct control walkthroughs Assess design adequacy of key controls Define test plan for controls Perform testing Assess the operational effectiveness of key controls Discuss control gaps and weaknesses with stakeholders Consolidate findings Analyse root cause Agree factual accuracy of findings with management Agree management actions Obtain sufficient evidence of action completion Close management actions 17
  18. 18. Scope & Plan the audit Control Design Adequacy Operational Effectiveness Testing Final report and close Management action follow- up Raise risks and issues Have input into the scope Help define the plan Present current controls Highlight any known gaps Welcome testing Openly discuss weaknesses Gain insight from audit Recognise the opportunity for improvement Complete actions Increase control Reduce risk What’s in it for me? 18
  19. 19. What’s covered? 19 Project organisation and governance Project definition and requirements management Risk management Commercials and procurement Project planning Organisational capability and culture And many more…
  20. 20. Focus Areas 20
  21. 21. Risk Assessment When assessing the level of assurance and the scope of assurance required for a project consider: ▪ The level of risk posed by the project – assess it against your organisations risk management framework ▪ Which operational risks might be affected – IT, Supply Chain, Financial Crime, Information Security ▪ Which change controls are in scope of the current lifecycle stage – Business Case, Benefits Register, Design Documentation, Testing ▪ The project’s Risk Register 21
  22. 22. A few ways to maximise benefit ▪ Conduct a risk-based audit ▪ Collaborative planning ▪ Focus on key risks first, in case you run out of time ▪ Can you report or provide feedback iteratively? ▪ Discuss your approach with stakeholders, they may provide useful insight 22
  23. 23. How to deliver the best outcome The output of any audit is a final audit report but the level of quality can vary. ▪ Make it concise and to the point ▪ Ensure it provides valuable insight ▪ Write clear findings explaining the impact and root cause ▪ Agree management actions that will improve control and reduce risk 23
  24. 24. Any questions? Please write any questions in the chat box. 24
  25. 25. What next? 25 Email assurancesig@apm.org.uk Web www.apm.org.uk/group/apm-assurance-specific-interest-group If you any more questions or would be interested in joining a Project Management User Group please contact us.