1 / 22

Selling Your Recommendations

Selling Your Recommendations. Presented by: Lindsay Mercer. ISACA London 22 November 2001. Selling your recommendations. WHY?. Selling your recommendations. Why would you want to?. Trust. Control. Where are you?. What’s your culture?. Empowered. Directed. Actions. Recommendations.

luna
Télécharger la présentation

Selling Your Recommendations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Selling Your Recommendations Presented by: Lindsay Mercer ISACA London 22 November 2001

  2. Selling your recommendations WHY?

  3. Selling your recommendations Why would you want to?

  4. Trust Control Where are you? What’s your culture? Empowered Directed Actions Recommendations

  5. Where are you? What’s your role? Independent Assurance Embedded Monitor Actions Recommendations

  6. Selling your recommendations Why should you have to?

  7. What everyone wants! • goal congruent • culturally sympathetic • well designed • risk sensitive • cost effective • efficient • operating • RISK MITIGATION

  8. Selling your recommendations? Most auditors can’t give theirs away!

  9. What’s the problem? • Finding • wrong • irrelevant • Solution • wrong • not cost effective • Culturally incompatible • WIFM?

  10. Question Are the following strong controls? - • all cheques signed by 2 directors • bank reconciliations done daily • invoices matched with order and GRN before payment • strict authorisation limits • monthly management accounts

  11. Finding What is a business risk? • Business risks are risks that threaten the achievement of business objectives

  12. Effect Criterion Condition Recommendation Solution 1 Objective Cause

  13. Deficiency finding components • condition - what’s wrong • criterion - what should be happening and why • cause - what is really causing the problem • effect - what is the impact on the business (£) • recommendation - how to correct the cause • action - management’s commitment

  14. Good Design Good Bad Application Solution 2 • JFDI • OK • Design & do! • !

  15. Cracking walnuts with sledgehammers? Spend a £ to save a p? Addressing the right axis? Solution – cost effective?

  16. Hi Hi 5 4 L I K E L I H O O D Preventative 3 2 Detective 1 1 2 3 4 5 Lo Lo Hi Hi CONSEQUENCE Addressing the right axis?

  17. Cultural incompatibility New Trad

  18. Transactional analysis view Auditor Auditee Parent Parent Colleague Colleague Child Child Cultural incompatibility

  19. better side cheaper/more efficient better achievement of objectives help fulfill responsibilities self interest makes my life easier makes me look better makes me more money employment enhancing keeps me out of jail WIFM? Making your rec’s irresistible

  20. Do you really want to? • organisation’s culture • RM maturity • your role

  21. If you really must!!!!!!!!!! • get your fieldwork right • relate to business objectives • address the cause not the symptom • be proportionate & realistic • think “victim” - WIFM? • hearts & minds or ………………..?

  22. Selling Your Recommendations Presented by: Lindsay Mercer ISACA London 22 November 2001

More Related