How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Check our similar posts

Why integrating your Field Service Management with IoT Applications makes sense

Your customers want a smooth experience when hiring your services. Whether there are pests that have run amok in their homes and you have been called in to exterminate them, there is a leak in the pipes and your plumbing repair business is the go-to for repairs, you’re in charge of a cleaning business with clients spanning across the residential and commercial niches, or even a locksmith making new installations and providing aftercare for their clients ? it is vital to make the process as hassle-free as possible for your customer. The priority is getting the job done in time, and to quality standards. On the other hand, your mobile workers need access to complete and accurate data to approach the task more proactively, get it done right, and increase the rate of first-time fixes.

When you have multiple clients and a huge workforce, things can get messy with all the paperwork involved. Preparing documents and reports, keying in the data, keeping track of your mobile employees, following up on current jobs and scheduling new appointments ? the workload can put a strain on your staff. Field service scheduling software like FieldElite come in to keep your central office staff abreast with all customer details, sending alerts when new issues arise. These are then relayed to the appropriate technician for the situation to be taken care of at the earliest possible time ? directing the right employee to the customer based on the skill-set availability and location. While field service job management software, by itself, is a powerful solution, you can crank things up a notch by having a system that integrates IoT into its operations.

Powering Field Service Scheduling Software Systems With IoT

FSM gives maintenance firms, distributors, manufacturers and other service businesses an interactive platform that optimises the workflow. From the customers booking maintenance work, office staff tracking operations right from their desk, workers interacting with it while on-ground through the mobile app, to the billing and invoicing ? it is all handled through the same system. IoT applications can boost this becoming a critical tool to show the field managers about the precise locations where attention is needed, for accurate worker and job scheduling and improved customer satisfaction. What if you could also have features like auto-scheduling coming on board? Let’s delve deeper into what it means for your FSM system.

Benefits Of Using Service Management Software With IoT Solutions

Its impact of IoT on field management is seen in the transformation of maintenance data into proactive service actions. Research by Gartner shows that in 2020 there will be over 20 billion connected devices, making the reach of IoT really vast. This will fuel the field management industry, unlocking more potential with the mobile workers interacting in real-time with their equipment and headquarters. This speeds up response time to service requests and transforms interoperability across the different devices.

???????? All-round access

The interaction with IoT benefits the technicians, managers, and customers themselves. For instance, while the worker on ground interacts with the FieldElite mobile app, the office staff at headquarters will be engaging them via browser on their smart devices, and even the client gets access to the system through the customer portal.

???????? Linking your different business operations

It doesn’t stop there. Integrating the mobile service management software to the IoT facilitates inventory management, automobile tracking, and even automates accounting, invoicing, and other internal processes of the business, giving you more visibility over your field assets and operations. Here, the sensors that have been enabled in the network will notify you of damaged equipment, and go further to route and dispatch the technician who is most suited to go on-site and repair it.

???????? Nip things in the bud ? A proactive approach

Updates from sensors on the remote equipment are sent over a dedicated network. This is intelligently interpreted by the IoT platform to decide the next course of action, depending on a predefined set of rules. This course of action can be assigning and dispatching the technician through the FieldElite app to fix the equipment before permanent damage occurs. This whole process is automatic, shifting the company from a reactive mode of operations to a proactive and preventative model, resulting in better utilisation of assets.

???????? Minimise time wastage

Less time is spent going checking for flaws in the systems. Take management at a wastewater treatment plant for instance. Simply place IoT sensors on the different pumps, mortars and valves to give you this data. In case of leaks or damage, the appropriate operator is alerted, taking away the need for manual monitoring. Monitoring is done remotely. Hazardous situations such as in the oil and gas industry where workers are faced with issues like flare stacks are handled better, where the IoT sensors minimise downtime and ensure that only necessary visits to the plat equipment are done.

???????? Interactions at the palm of your hand

The field service workers are also equipped with effective communications through aspects like the chat feature on the mobile app, and reporting abilities where they can make notes, take photos and relay this to the headquarters during the course of the job. Information on the system is readily available to the customer and future technicians who will be handling jobs at the facility.

How does the FSM work with other systems? FieldElite’s core role is to manage the mobile workforce. How do you keep track of the sensors of the different equipment, in order to know when maintenance is needed?

Enter ecoVaro: IoT In Energy Management

The 2018-2025 Global Building Energy Management System Analysis and Forecast showed energy consumption in residential buildings accounts for close to 40% of the world’s energy consumption.? Commercial buildings like shopping malls, hospitals, retail stores and hotels take 30%. IoT tools aid in collecting and analysing the real-time data consumption in these falsities, to improve maintenance and reduce down times. It’s a holistic view that is achieved through a network of smart devices monitoring the ventilation, humidity, air-conditioning and lighting systems.

Home automation tools like smart thermostats and bulbs are already becoming popular. Here, they bring savings to the consumers without them having to use up much effort. For broader energy management, these systems will include units like sensors, controls, meters, data analytics tools, and user-friendly applications that the consumers access all this from. It cuts across the board, from households and commercial establishments, to utility firms and government bodies keen on effectively monitoring and managing their energy resources. Industrial and commercial users need data analytics tools to maximise their productivity and reduce costs, while residents in households want to reduce their monthly bills and take a more proactive role in their energy management.

From Smart Devices To Accurate Loggers

The first step in saving energy is cutting down wastage. Smart light, humidity, temperature and air conditioning controls come in to maintain optimal indoor conditions. Lighting units, smart thermostats, sensor-based HVAC control systems are part of the IoT, taking centre stage in automatically maintaining the perfect indoor environment that will keep the building?s energy use at optimum levels. They have been designed with different sensors that check the humidity, light, motion and even CO₂ levels, dynamically adjusting the conditions in the facility. Here, you have situations like smart lights dimming when there is more daylight getting into the room, and then automatically turning off when people leave the room. The smart thermostats can precool the indoor space before the day gets warmer, so that during that scorching midday sun there will be less energy spent by the HVCA to bring down the heat levels.

The whole set up ? from the LED lights adjusting to user preferences and routines, learning thermostats that reduce consumption during peak load times, sensors and data analytics that give the user more control over their consumption, creates a smart energy infrastructure, be it in homes or industrial spaces, from retail stores and factories, to entire cities. This is all geared at cutting down energy costs, with the systems automatically adjusting the building?s lighting, temperature and ventilation, to reduce the energy consumption without compromising the comfort of the building?s occupants. LEED bulbs already record 20% lower maintenance costs than the typical commercial buildings.

Adopting IoT Applications For Your EMS System

How can you take advantage of this? With the EMS loggers, you monitor your facility’s consummation in real-time. Platforms like ecoVaro enable both the utility companies and end-users to access this data. The utility firms will be in a position to tailor the power supply in response to changing demand and also adjust their pricing. The end-users, on the other hand, will be in a position to control their usage at a granular level ? responding to changing environmental conditions, power consumption, and reducing energy waste.

There are also those appliances that come with sensors, from boilers in the household, to heavy production machinery in industries. The EMS systems allow you to continuously monitor the load on the sensor-enabled assets, predict when overheating will occur and pinpoint risks of outages or damage on the line. Maintenance can then be immediately carried out to vent damages to the equipment. That way components like motors are protected from damages that would have ended up costing the firm lots of funds to replace. The data analytics from the EMS platforms enable the energy manager to strike that balance to optimise performance and reduce wear, thus prolonging the life of the equipment.

Even the heavy hitters in the energy sector get to benefit from the IoT. Take power production for instance. When you’re dealing with stations, solar farms and wind fields ? as they provide that much-needed power, they also consume energy and need plenty of maintenance. These are resource-heavy stations and as a manager, you want to keep a close eye on things. This involves a complex approach, from the sensors at the facilities, data analytics, to predictive maintenance. EMS software comes in to continuously monitor the equipment and wiring through the sensors. This enables you to prevent issues like overloads, and ensure that a balanced load is maintained on the line. The EMS goes a step further by enabling you to undertake predictive maintenance, for the timely repair of the equipment on the power grid, minimising accidents, preventing blackouts, and averting the costly down times.

Electricity utilities connecting their power plants and grids to available IoT solution networks get to be more transparent to their consumers, by showing them where the energy they use comes from. This empowers the consumers with the information needed to select the cleanest energy source during that period, which is particularly beneficial for those keen on adopting greener practices. For instance, you can have a system monitoring a network of grids, and dynamically shifting to power sources that have the least amount of emissions at the moment ? what’s gaining popularity as “automated emission reduction”. These lead to utility firms that produce clean energy getting more consumers and growing their revenue base.

Field And Energy Management: How FieldElite and ecoVaro Work Together Through IoT

So, on one hand, you have the energy managers following up on the consumption trends at their facilities, keeping an eye on their equipment.? On the other hand, you have field workers needed to carry out repair and maintenance works at different locations.? How do you join them together to ensure a seamless flow of operations?? The IoT.

This can be seen with ecoVaro and Field Elite interaction. Here, you have two independent systems that are interlinked through the internet and secure cloud systems, bringing more convenience on board for the users.

Picture this: Loggers collecting data from the meters and sensors on-site detect an anomaly, which you will immediately be able to view through the ecoVaro platform. This can be a myriad of issues, from plumbing to electrical systems that need to be worked on, and they are at multiple locations. How do you get them resolved? Dispatch your technicians through FieldElite.

Here’s a snapshot of how this works:

This way, you get to optimise your operations and cut down on coasts ? taking advantage of the data analytics tools brought to you by ecoVaro, and streamlining your workflow through FieldElite. IoT powered workforce and energy management systems thus become key in reducing operational expenses, scheduling repairs and maintenance, and planning for peak hours

Accessing real-time data has the welcome benefit of cutting down on the hours spent on energy management processes. Jobs like meter reading that would have taken lots of time are handled by the system. When it comes to field management, operational efficiency is increased by taking away the manual processes involved with all the paperwork.? The sensors monitored via ecoVaro alert the field service manager about equipment that needs to be checked, and FieldElite shows the field manager issues that are on queue to be resolved. In both cases, you get accurate data that will inform the decisions made ? from the maintenance measures required, to scheduling the jobs for the technicians to handle them. It’s a win-win situation.?

Building Blocks For A Brighter Tomorrow

What’s more, this sets you up for the future. Adopting IoT solutions for your field and energy management operations will score you higher ROIs going forward. The global community is working towards enhancing the efficiency of its operations and putting in place sustainable practices in line with their Social Corporate Responsibility (CSR). This is from service providers like plumbing and electrical repair businesses, to utility firms and power generation plants. Lighting systems, homes, office buildings, factories, communities, transportation and whole cites are getting connected through the internet and more control done via smart devices. This is further accelerated by cloud systems enabling real-time, reliable and secure access to the information. By incorporating these setups into your business structure, you will gain a competitive advantage in your niche. After all, we’re still in the early stages of IoT across the industries.

Energy Management Tips

Energy management is of interest to various stakeholders; be it heads of facilities, heads of procurement, heads of environment and sustainability, financial officers, renewable energy managers and heads of energy. Some of the energy management tips that can be used to achieve considerable energy savings are:

1) Purchasing energy supplies at the lowest possible price

2) Managing energy use at peak efficiency

3) Utilising the most appropriate technology

1. Purchasing energy supplies at the lowest possible price
Purchasing energy supplies at the lowest possible price could be the starting point to great savings of energy costs. This can be achieved through switching your energy supplier. It is always advisable for companies to always take time to compare the energy tariffs to ensure they are on the best tariff and make great savings.

2. Managing energy use at peak efficiency

(a) Free help

There are some online tools that offer energy-efficiency improvements. These could come in handy in helping someone find out where to make energy-efficiency improvements.

(b) Energy monitors

An energy monitor is a gadget that estimate in real time how much energy you’re using. This can help one see where to cut back on energy consumption.

(c) Turning down thermostats

Turning down radiators especially in rooms that are rarely used/empty rooms or programming the heating to turn off when no one is there can go a long way in saving energy and energy costs.

(d) Use energy saving bulbs

Use of energy-saving light bulbs can cut down on energy usage drastically. Replacing all the light bulbs with energy-saving ones could make significant savings on energy usage and replacement costs since energy saving bulbs also have a longer life.

(e) Switching off unnecessary lights

It is also important to switch off lights that are not in use and to use the best bulb for the size of room.

(f) Sealing all heat escape routes

It is recommended that all gaps should be sealed in order to stop heat from escaping. Some of the heat escape routes are: windows, doors, chimneys and fireplaces, floorboards and skirting and loft hatches. The ways through which this can be achieved are:

? Windows- use of draught-proofing strips around the frame, brush strips work better for sash windows

? Doors – use of draught-proofing strips for gaps around the edges and brush or hinged-flap draught excluders on the bottom of doors

? Chimney and fireplace – inflatable cushions can be used to block the chimney or fit a cap over the chimney pot on fireplaces that are not used often

? Floorboards and skirting – Using a flexible silicon-based filler to fill the gaps

? Loft hatches – the use of draught-proofing strips can help to prevent hot air escaping
It is also important to consider smaller holes of air such as keyholes and letterboxes.

3. Utilising the most appropriate technology
Utilisation of technology as an energy management tool can be by way of choosing more energy efficient gadgets and by way of running technological gadgets in an energy efficient manner.

What is Servitisation?

In the current generation, innovation has transformed industries, businesses, economies, and livelihoods. Those who’ve accepted to embrace the changes have prospered and remained afloat and relevant in their respective industries.?

However, failure to embrace change has seen companies like Blockbuster pushed out of business by more innovative and technology-oriented companies like Netflix.?

What does this tell you?

That the only way to stay in business, despite the many challenges your business could be facing, is to remain alert to the dynamic demands of customers, many of which are dictated by technological advancements.?

So, if you’re a manufacturer and you’re keen on diving deeper into technology to stay on top of the game and beat your competition, you must also be expectant of the fast-approaching servitisation-centred economy. Companies like Rolls Royce that have already embraced servitisation are making great gains in their areas of expertise.?

What is Servitisation?

Servitisation can be defined as the transformation of a manufacturing firm from the mere offering of products to the market to providing innovative and invaluable services alongside their products. By so doing, the sale becomes an ongoing engagement and not a one-off event. Cranfield University professors call it “the innovation of an organisation’s capabilities and processes to better create mutual value through a shift from selling a product to selling product-service systems.”?

As foreign as it may seem for some professionals, servitisation has been a need that, though not embraced, its demand remains evident. Nonetheless, firms have hesitated to implement it. Shifting from manufacturing products only to incorporating product-centric services alongside the products is not a walk in the park. It boils down to completely changing the company’s entire structure and processes.

All the same, change is never comfortable, and that’s why it’s always best to focus on the positive for motivation.

Servitisation Case Study

Some manufacturing firms have already embraced servitisation, and they’re reaping big from it. They’ve understood the benefits of offering more value to customers at less cost. What Rolls Royce is doing currently with its “power-by-the-hour” program is a good example of servitisation.

Instead of selling Aero Engines and letting customers take charge of maintenance and uptime, Rolls-Royce now offers a full package that includes a product and relevant services.?

Essentially, what the company is creating is an intimate and long-term relationship with its customers.

The total care package by Rolls Royce means it’s essentially renting out its engines to customers and monitoring data for potential maintenance needs. The plan guarantees that maintenance is only done when necessary and avoidable damage detected in good time. As a result, there is a clear reduction in the overall cost.

Initially, Rolls Royce would make money by basically selling and repairing engines. That meant that the worse the engines, the more repairs required and the more the money the company would make.?

However, things changed when the company realised there is no demand for a product that’s constantly in the repair shop. That prompted Rolls Royce to embrace servitisation.

Servitisation aligns the interests of the customer and those of the manufacturer to ensure everyone benefits. Rolls Royce has been offering this package to airlines since 2010, and the company has seen significant returns as a result.

Benefits

There are several benefits of incorporating servitisation into your manufacturing firm. Below are three of the strongest benefits

Financial Stability– Servitisation establishes a more secure revenue stream because of the long term connection between manufacturer and customer. This also translates to loyal customers, meaning more profit.
Strong Customer Retention Rate– Being more experienced about the equipment and the constant tracking and monitoring that comes with servitisation; manufacturers are realising that they can keep more customers.
Selling a Solution And a Product– Today customers are not just looking to buy a product, instead, they want both the product and the solution to their problem. Meaning you make more money for the product you manufacture and the service you offer to your customers.

Implementation of Servitisation in the Industry

To effectively implement servitisation, there must be an effective two-way flow of information and data in the supply chain. Meaning you may require software like FieldElite for scalable condition monitoring of performance. With FieldElite, for example, servitisation is made easier for you because it enables you to monitor the performance of your assets remotely.

Maintenance and monitoring of assets were traditionally very expensive and time-consuming until the arrival of intelligent software that makes work easier and cost-effective for manufacturers. FieldElite uses advanced learning algorithms to remotely automate the entire process, allowing you to detect, in real-time, the performance and need for maintenance on your asset.

Required Organisational Changes

A few important steps include;

Companies that invest in continuous training and development always have a more competitive edge than their counterparts. Meaning an important step towards servitisation is training the workforce. This is important, considering that the company structure, focus, and process will have to change.

Set up a team that is focused on the challenge, change, and creation. With this, you can easily adjust to industry changes. The team should always work on knowing what should be adjusted and when it should be.?

In the shift to servitisation, adopting a comprehensive service technology is an important step. Such service technology software includes FieldElite. This technology will ensure that you’re able to monitor your product in real-time, meaning you can maintain good performance for as long as possible.

Because servitisation essentially focuses on the customer, take time to study customer behaviour. Knowing what your customers need and want will help you remain relevant in the industry.

Conclusion

As the demand for more benefits and long-lasting relationships with dealers grow, so is the need for manufacturers to adjust. Hence more and more manufacturing companies are leaning towards embracing servitisation as a solution to the growing demand.?

In turn, manufacturers who’re attaching service contracts to their product sales are making more than those who remain stuck in the traditional approach to sales.?

Essentially, servitisation will ensure that, as a manufacturer, you remain relevant to your customers now and in years to come. This is a much better arrangement in terms of saving costs and making more returns. Remember to be successful, you have to be flexible enough to change with demand.