How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Check our similar posts

Top 10 Benefits of Using Field Service Automation Software

Just how much wastage is witnessed in your operations? Each morning your technicians report to work, they receive the day?s schedule, go through the inventory for the parts and tools that will be required, collect and fill the paperwork, before finally hitting the road- translating to hours of manual organisation. What of the information they need when they are at the site? Are they carrying around bulky files on each individual customer? Your field technicians are also responsible for lots of the equipment being handled- and you want to keep a tab on it all- knowing what is being worked on, when it is happening, how long it takes, and the materials that have been used. Dealing with all this on your end through loads of Excel sheets, calculating and updating time logs, and ticking off the inventory- it can be a strain. Field Service Automation Software comes in to handle it all- from the scheduling and tracking, to inventory control and invoicing- all on the same platform.

Eliminating the Paperwork and Optimising Your Operations

There has been a surge in demand for all-in-one Field Service Management (FSM) solutions. They leverage the power of mobile technology, cloud computing and social collaboration to boost the efficiency of field services. In fact, the FSM market is growing at rates never seen before, if the recent statistics are anything to go by. According to the latest estimates, it is worth $3.5 billion and is expected to hit $5.9 billion by 2024.

It’s understandable why this is happening. Technology is advancing, and we all know it’s every entrepreneur?s dream to optimise the use of the available resources while guaranteeing customer satisfaction. If technology can deliver this through automation, why not? Every business now wants to automate things, and the focus is to maximise resource output. You should, therefore, not be surprised to see the FSM software industry booming. If you just considered the field service industry, you’ll realise that there are so many software applications to help with service automation, whether full or partial.

A good example is FieldElite, which helps with the management of field workers. From your desktop or the palm of your hands, on a tablet or smartphone, you can take full control of your field workers, manage scheduled jobs, and use maps to manage work assignments for the already dispatched field workers. Not only does FieldElite help you handle tasks in an accountable manner but also provides options for accounting and reports, all managed in an easy to use dashboard.

10 Benefits Field Service Automation Software Brings On Board

Why would organisations need to invest in a Workforce management app? Below are some of the key benefits of using a Field Service Management software:

1. Cut down the down-time and make every minute count

From scheduling your operations, mapping out preferred routes, dispatching the service team, to staying connected with them throughout the tasks, you get to improve worker efficiency with field service software like FieldElite.

Most FSM software programs allow the administrator to send tasks directly to the field worker?s mobile. More often than not, the FSM software provides vital information, including service history, optimal route to the site, the tools required, and contact numbers, among other details.

This improves efficiency by ensuring that the client’s needs are taken care of promptly. Where it’s about machine maintenance, the downtime would be as short as possible.

2. Enhance professionalism and boost your brand image

FSM software programs are known for ensuring professionalism in the manner in which business activities are conducted. Of course, professionalism is attained through several factors, including working with a team of professionals. Such a team, using FSM software, results in enhanced efficiency and excellence.

A field service software like FieldElite helps you to consolidate all your business information into a single central database. With different access levels, your employees will access only as much information as is relevant to their respective duties.

An FSM software is ideal because the stored information can be accessed from any location, meaning field workers can pick new tasks while in the field, provided they’ve got the requisite tools. Instead of having to come back to the office, the employee would access all the information and execute the necessary task.

3. Resource Optimisation with Real-time Field Service Automation Software

Resource optimisation is one of the key determinants of a company?s profitability. While businesses vary in size and purpose, they all share one thing in common ? the desire to increase productivity while ensuring the optimal usage of resources.

Besides productivity, field service software also allows for efficient utilisation of the available resources to cut down on costs.

4. Stay connected with all your crew- and coordinate them better

FSM software facilitates improved coordination with the workforce. The software streamlines the management of the entire field service life cycle, ranging from labour to work orders, returns, contracts, warranties, and equipment.

The idea is to bring all the company?s field-related operations to a central point. And now, with easy data accessibility from a central platform, improved coordination is easily achievable.

5. Get accurate data and make well-informed decisions every step of the way

Adopting the field service management software is more than just a way to improve efficiency. It goes a long way towards improving a company?s accuracy. When a field service management software is used to trace a company?s activities, all the tasks are tracked on the mobile device, keeping the managers informed of every step.

Besides, the technicians also have a free reign to record the diagnostics, quality information, test results, and the parts consumed. All the information can be captured using text, audio, videos, and still photos. This guarantees minimal to no instances of data manipulation.

6. Improve Customer Satisfaction: Win Their Loyalty

Field service management software improves customer satisfaction. How does that happen? Well, using a field service software like FieldElite allows for quick response to customer queries. If there?s one thing that quickly turns your customers off, it’s delayed response to their requests. With the field service management software, however, you can respond to such requests quickly and effortlessly.

Moreover, your customers can also track the service engineer to ensure they’re well informed of any anticipated delays. With quick response time, customer machines have more reliable up-time, which is the desire of every client.

7. Flexibility ? because no one likes being tied down

If there?s one thing that customers like when dealing with a company, it’s flexibility. Instinctively, customers will always want different options to choose from when using a service without appearing to be confined to one provision. Having limited options would also appear boring.

To this extent, it would be wiser to adopt advanced FSM software. Advanced FSM software is compatible with mobile phones, meaning users can easily manage their tasks from isolated locations. FSM software can either be device-agnostic or device-specific. The device-specific type supports Android, Windows, and Apple iOS. This guarantees mobile-friendly tasks where users can easily manage the assignments via mobile application.

8. Store client history in secure cloud-based FSM software

Software like FieldElite stores client history precisely. All the past data, including order history, are stored separately and accurately. In so doing, the field technician gets easy access to the tools, specifications, and technician instructions that aid them in their operations. The result is increased productivity and on-time service delivery.

9. Asset Management and Inventory Control

Naturally, companies offering different repair services have plenty of assets to store. Accordingly, retrieving a specific part out of the large collection would be daunting.

With a field service application like FieldElite, the staff members can track down all the products effortlessly using the GPS. Furthermore, the FSM software ensures excellent maintenance of assets.

10. Improve oversight of field workers ? and keep them in the loop

The FSM software comes with many useful tools, including a built-in GPS tracker. The GPS tracker oversees the operations of the on-field workers, providing precise details about their geographical location, actual arrival time, and most importantly, the distance from the job site.

While this might not be useful at all times, it comes in handy when you need to assign an urgent task to the nearby technician. Call it a classic example of dynamic scheduling.

Final Thoughts

With so much at stake, it’s increasingly compelling to include the Field Service Management Software in your business. With every industry moving towards automation, your business cannot afford to lag.

Quick and efficient service delivery through FSM software may be the difference between you and your competitors.

The FSM software is no longer the cherry on the cake but a must-have tool for your survival in the highly competitive market.

Are Master Data Management and Hadoop a Good Match?

Master Data is the critical electronic information about the company we cannot afford to lose. Accordingly, we should sanitise it, look after it, and store it safely in several separate places that are independent of each other. The advent of Big Data introduced the current era of huge repositories ?in the clouds?. They are not, of course but at least they are remote. This short article includes a discussion about Hadoop, and whether this is a good platform to back up your Master Data.

About Hadoop

Hadoop is an open-source Apache software framework built on the assumption that hardware failure is so common that backups are unavoidable. It comprises a storage area and a management part that distributes the data to smaller nodes where it processes faster and more efficiently. Prominent users include Yahoo! and Facebook. In fact more than half Fortune 50 companies were using Hadoop in 2013.

Hadoop – initially launched in December 2011 ? has survived its baptism of fire and became a respected, reliable option. But is this something the average business owner can tackle on their own? Bear in mind that open source software generally comes with little implementation support from the vendor.

The Hadoop Strong Suite

Free to download, use and contribute to

Everything you need ?in the box? to get started

Distributed across multiple fire-walled computers

Fast processing of data held in efficient cluster nodes

Massive scaleable storage you are unlikely to run out of

Practical Constraints

There is more to Hadoop than writing to WordPress. The most straightforward solutions are uploading using Java commands, obtaining an interface mechanism, or using third party vendor connectors such as ACCESS or SAS. The system does not replace the need for IT support, although it is cheap and exceptionally powerful.

The Not-Free Safer Option

Smaller companies without in-depth in-house support are wise to engage with a technical intermediary. There are companies providing commercial implementations followed by support. Microsoft, Amazon and Google among others all have commercial versions in their catalogues, and support teams at the end of the line.

Systems Integration as a means to cost reduction

System integration in an organisation refers to a process whereby two or more separate systems are brought together for the purpose of pooling the value in the separate systems into one main system. A key component of process consolidation within any organisation is the utilisation of IT as a means to achieve this end. As such, system integration as a means to cost reduction offers organisations the opportunity to adopt and implement lean principles with the attendant benefits. The implementation of lean techniques requires an adherence to stated methods to facilitate the elimination of wastage in the production of goods and services. In summary, the lean philosophy seeks to optimise the speed of good and service production, through the elimination of waste.

While analysing some of the traditional sources of waste in organisational activities, things like overproduction, inventory, underutilised ideas, transmission of information and ideas, transportation of people and material, time wastage and over-processing stand out. The fact is that companies can eliminate a significant portion of waste through the utilisation of IT to consolidate processes within their organisation.

Adopting lean principles calls for the identification of all of the steps in the company value stream for each product family for the purpose of the eliminating the steps that do not create any value. In other words, this step calls for the elimination of redundant steps in the process flow. This is exactly what the utilisation of IT to consolidate processes offers a company. For instance, the adoption of a central cloud system across a large organisation with several facilities could increase efficiencies in that company. Such a company would drastically reduce the redundancies that used to exist in the different facilities, eliminate the instances of hardware and software purchase, maintenance and upgrade, modernise quality assurances processes and identify further opportunities for improvement.

Perhaps, from the company’s point of view, and from the perspective of lean process implementation, the most important factor is?the effect it has?on the bottom line.’reducing the number of hardware, eliminating the need for maintaining and upgrading hardware, removing the necessity for software purchase and upgrade across facilities also contributes to a significant reduction in operational costs.?This reduction in the cost of operations leads to a corresponding increase in the profit margin of the company.

Applying system integration as a means to cost reduction can also lead to the reduction in the number of people needed to operate the previous systems that have been integrated into one primary unit. Usually, companies must hire people with specialised knowledge to operate and maintain the various systems. Such employees must also receive special training and frequent ongoing education to constantly stay informed of the latest trends in process management. With the integration of the system, the number of people needed to maintain the central system will be significantly reduced, also improving the security of information and other company trade secrets.

Based on an analysis of the specific needs that exist in a particular company environment, a system integration method that is peculiar to the needs of that organisation will be worked out. Some companies may find it more cost-effective to use the services of independent cloud service providers. Others with more resources and facilities may decide to set up their own cloud service systems. Often, private cloud service system capabilities far exceed the requirements of the initiating company, meaning that they could decide to “sell” the extra “space” on their cloud network to other interested parties.

A company that fully applies the lean principles towards the integration of its systems will be able to take on additional tasks as a result of the system consolidation. This leads to an increase in performance, and more efficiency due to the seamless syncing of information in a timely and uniform manner.

Companies have to combine a top-down and a bottom-up approach towards their system integration methods. A top-down approach simply utilises the overall system structure that is already in place as a starting point, or as a foundation. The bottom-up approach seeks to design new systems for integration into the system. Other methods of system integration include the vertical, star and horizontal integration methods. In the horizontal method, a specified subsystem is used as an interface for communication between other subsystems. For the star system integration method, the subsystems are connected to the system in a manner that resembles the depiction of a star; hence, the name. Vertical integration refers to the method of the integration of subsystems based on an analysis of their functionality.

The key to successful system integration for the purpose of cost reduction is to take a manual approach towards identifying the various applicable lean principles, with respect to the system integration process. For instance, when value has been specified, it becomes easier to identify value streams. The other process of removing unnecessary or redundant steps will be easier to follow when the whole project is viewed from the whole, rather than’the part. Creating an integrated system needs some?patience?in order to work out kinks and achieve the desired perfect value that creates no waste.

Contact Us

(+353)(0)1-443-3807 – IRL
(+44)(0)20-7193-9751 – UK