Total Quality Management

Total Quality Management (TQM) is another business management approach that focuses on the involvement of all members of the organisation to participate in improving processes, products, services, and the culture in which they work in. It is important that every team member realises how each individual and each activity affects, and in turn is affected by, others.

With the use of combined quality and management tools, TQM also aims to reduce losses brought about by wasteful practices, a common concern in most companies. Using the TQM strategy, business would also be able to identify the cause of a defect, thereby preventing it from entering the final product.

Deming’s 14 Points

At the core of the Total Quality Management concept and implementation is Deming’s 14 points, a set of guidelines on quality as conceptualised by W Edwards Deming, one of the pioneers of quality. Deming’s 14 points are as follows:

  1. Create constancy of purpose for improving products and services.
  2. Adopt the new philosophy.
  3. Cease dependence on inspection to achieve quality.
  4. End the practice of awarding business on price alone; instead, minimise total cost by working with a single supplier.
  5. Improve constantly and forever every process for planning, production and service.
  6. Institute training on the job.
  7. Adopt and institute leadership.
  8. Drive out fear.
  9. Break down barriers between staff areas.
  10. Eliminate slogans, exhortations and targets for the workforce.
  11. Eliminate numerical quotas for the workforce and numerical goals for management.
  12. Remove barriers that rob people of pride of workmanship, and eliminate the annual rating or merit system.
  13. Institute a vigorous program of education and self-improvement for everyone.
  14. Put everybody in the company to work accomplishing the transformation.

But if you were to reduce to bare bones the TQM philosophy from Deming’s 14 points, it would all come down to two simple goals:

  1. To make things right the first time; and
  2. To work for continuous improvement.

As with all other quality management process, the end goal is to be able to offer products and services that meet and even exceed customer’s expectations.

Find out more about our Quality Assurance services in the following pages:

Check our similar posts

How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Be pound poor and become Penny rich

Energy management is and should be perceived as a long-term investment by organisations. Having said this, the need for all organisations to implement energy management strategies now cannot be overstated as these strategies will save their costs of running the business in future.

Many organisations may shy off from implementing energy efficiency measures in place opting to save the associated costs or to use the cash for other projects that may be perceived as high priority in the short run. This is most likely to occur when cost cutting is a priority. Long-term planning is however critical for energy efficiency programs. Taking steps to improve building management and energy efficiency will and does pay dividends in the near-term and may be a competitive tool in the long-term.

Be energy smart
All energy management projects begin with being energy smart which calls for the understanding of energy usage. Use of Smart Meters that give real time readings of energy usage, can dramatically help businesses understand the benefit which energy management brings to the organisation.

Smart meters also cut the amount of time businesses spend on administration by allowing them to pay accurate bills, based on accurate readings. Some suppliers also support businesses to identify areas of energy wastage/inefficiency and help setting targets for energy reduction that guide behavioural change with regard to energy in the organisation.

Use of technologies that record the energy usage at the water or electricity meters putting data into a system where the users can graph it has made it easy to compare energy consumption in various departments, sites or buildings. Appropriate measures can then be implemented to improve the efficiency.

Partnerships between businesses and energy suppliers
Since the long-term benefits of reduced energy consumption is beneficial to both suppliers and consumers; the responsibility of managing energy consumption is being taken by both. Businesses should work with the suppliers on cost reduction strategies through identifying areas where energy is being wasted and advising businesses on how to save energy. Of key importance when choosing an energy supplier therefore is their depth of understanding of a business’ energy management needs.

Capitalise on government incentives
Businesses should always explore varied financing mechanisms for their energy efficiency programs e.g. government schemes generating electricity and selling it to the grid.

The Better Way of Applying Benford’s Law for Fraud Detection

Applying Benford’s Law on large collections of data is an effective way of detecting fraud. In this article, we?ll introduce you to Benford’s Law, talk about how auditors are employing it in fraud detection, and introduce you to a more effective way of integrating it into an IT solution.

Benford’s Law in a nutshell

Benford’s Law states that certain data sets – including certain accounting numbers – exhibit a non-uniform distribution of first digits. Simply put, if you gather all the first digits (e.g. 8 is the first digit of ?814 and 1 is the first digit of ?1768) of all the numbers that make up one of these data sets, the smallest digits will appear more frequently than the larger ones.

That is, according to Benford’s Law,

1 should comprise roughly 30.1% of all first digits;
2 should be 17.6%;
3 should be 12.5%;
4 should be 9.7%, and so on.

Notice that the 1s (ones) occur far more frequently than the rest. Those who are not familiar with Benford’s Law tend to assume that all digits should be distributed uniformly. So when fraudulent individuals tinker with accounting data, they may end up putting in more 9s or 8s than there actually should be.

Once an accounting data set is found to show a large deviation from this distribution, then auditors move in to make a closer inspection.

Benford’s Law spreadsheets and templates

Because Benford’s Law has been proven to be effective in discovering unnaturally-behaving data sets (such as those manipulated by fraudsters), many auditors have created simple software solutions that apply this law. Most of these solutions, owing to the fact that a large majority of accounting departments use spreadsheets, come in the form of spreadsheet templates.

You can easily find free downloadable spreadsheet templates that apply Benford’s Law as well as simple How-To articles that can help you to implement the law on your own existing spreadsheets. Just Google “Benford’s law template” or “Benford’s law spreadsheet”.

I suggest you try out some of them yourself to get a feel on how they work.

The problem with Benford’s Law when used on spreadsheets

There’s actually another reason why I wanted you to try those spreadsheet templates and How-To’s yourself. I wanted you to see how susceptible these solutions are to trivial errors. Whenever you work on these spreadsheet templates – or your own spreadsheets for that matter – when implementing Benford’s Law, you can commit mistakes when copy-pasting values, specifying ranges, entering formulas, and so on.

Furthermore, some of the data might be located in different spreadsheets, which can likewise by found in different departments and have to be emailed for consolidation. The departments who own this data will have to extract the needed data from their own spreadsheets, transfer them to another spreadsheet, and send them to the person in-charge of consolidation.

These activities can introduce errors as well. That’s why we think that, while Benford’s Law can be an effective tool for detecting fraud, spreadsheet-based working environments can taint the entire fraud detection process.

There?s actually a better IT solution where you can use Benford’s Law.

Why a server-based solution works better

In order to apply Benford’s Law more effectively, you need to use it in an environment that implements better controls than what spreadsheets can offer. What we propose is a server-based system.

In a server-based system, your data is placed in a secure database. People who want to input data or access existing data will have to go through access controls such as login procedures. These systems also have features that log access history so that you can trace who accessed which and when.

If Benford’s Law is integrated into such a system, there would be no need for any error-prone copy-pasting activities because all the data is stored in one place. Thus, fraud detection initiatives can be much faster and more reliable.

You can get more information on this site regarding the disadvantages of spreadsheets. We can also tell you more about the advantages of server application solutions.

Ready to work with Denizon?

Contact Us Today