1 / 17

Assessment methodology

Assessment methodology. Characteristics. Focus on: Integrity, not corruption Prevention, not repression Organisations, not legislation Processes, not people. Object definition. - organisation. - processes. Assessment. vulnerabilities. Assessment. Maturity level.

darrion-carry
Télécharger la présentation

Assessment methodology

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Assessment methodology Assessment workshop

  2. Characteristics Focus on: • Integrity, not corruption • Prevention, not repression • Organisations, not legislation • Processes, not people Assessment workshop

  3. Object definition - organisation - processes Assessment vulnerabilities Assessment Maturity level Integrity Control System Gap analysis Recommendations for strengthening controls Assessment methodology Assessment workshop

  4. Outcome • Depending on the objective, thoroughness, scope and results of these steps, the result could be: • In-depth Risk Analysis • Action agenda • Audit proposal • Audit report Assessment workshop

  5. Assessment of vulnerabilities Assess the vulnerability profile: • What are the inherent vulnerabilities? • Are there circumstances that may increase the vulnerability of the organisation? • Result: • Vulnerability profile • List of vulnerable processes Assessment workshop

  6. High vulnerability areas Assessment workshop

  7. Vulnerability Enhancement Profile Assessment workshop

  8. Assessment maturity level integrity control system Assess the maturity level of the integrity control system • What is the maturity of the integrity control system? • Existence of controls • Operation of controls • Performance of controls • Result: • Maturity profile of integrity control system Assessment workshop

  9. Maturity levels Assessment workshop

  10. Integrity Control System Assessment workshop

  11. Gap analysis Match maturity level of integrity control system with established risks • What are the organisations most important integrity risks? • Does the integrity control system protect the organisation against these integrity risks? • What are the remaining risks? Assessment workshop

  12. Gap analysis: Vulnerabilities • Resilience is determined by the maturity level of integrity controls • Balance may be achieved by reducing vulnerability or enhancing controls Resilience Vulnerabilities Remaining Vulnerability Assessment workshop

  13. Gap analysis: Risks Resilience • Mitigation of risks is possible by introducing specific controls • Remaining unbalance = Remaining risks Vulnerabilities Mitigation Risks Remaining risks Assessment workshop

  14. Assessment methodology Mini workshop Assessment workshop

  15. Assessment vulnerabilities Assess the vulnerability profile: • Check and name high vulnerability areas for this organisation • Check and name vulnerability increasing circumstances • Award score of increased vulnerability in profile Assessment workshop

  16. Assessment maturity level of integrity control system Assess the integrity control system / resilience • Assess the maturity level of the integrity controls • Analyse the strengths and weaknesses of the integrity control system Assessment workshop

  17. Gap analysis Match resilience (maturity level of integrity control system) with established vulnerabilities Resilience Vulnerabilities Remaining Vulnerability Assessment workshop

More Related