topleft
topright

Unified Framework

Basis for a Unified Framework

Operational Goals

Operations Overview
Supply Chain Event Management (SCEM)
Business Activity Monitoring (BAM)
Implementation
Fast Track with Categoric
Procurement and Operations
ERP Solutions

Governance

Overview and Stakeholders
Compliance Frameworks, Regulations and Bodies
Continuous Audit
Intelligent Controls Assurance

By Business Role

Business Role Overview
The Board
Audit Committee
Senior Management
Internal Audit
Risk Management
Compliance
Operations
I.S. and I.T.
I.S. and I.T.
The IS/IT function can realize major advantages from adopting the integration capabilities embedded within the Categoric solution instead of striving to integrate disparate systems “in-house and manually” (i.e., one-off, internally-developed integration solutions for each different project and requirement).

In the past organizations may have found it difficult to justify an off-the-shelf solution due to the up-front investment needed to establish the base on which to build the necessary rules and activities, and the subsequent problem of loading this initial investment cost against the first risk-based project to use the solution.

The Categoric solution overcomes this issue by supporting an incremental deployment model - one where our customers can simply make an investment to achieve their initial project requirements, with the comfort of knowing that as the subsequent use of the technology grows, it will scale seamlessly and consistently to create an enterprise-wide solution.


The client can then choose either to use their own in-house skills to further these projects and create the rules and alerts needed or avail themselves of the Categoric consultancy option to achieve their objectives.


Categoric generally drives returns within I.S. and I.T. in the following areas:

  • Extending the life and utility of existing systems
  • Reducing resource requirements
  • Reducing skills requirements
  • Making it easier to accommodate new technologies <
  • Facilitating faster responses to the businesses' requests for change

Of these, the first three usually are both the easiest to quantify and the largest in terms of hard monetary benefits.


Leverage existing IT investment
Large potential savings can be found from not having to replace existing systems. The Categoric solution can act as a “band aid” to existing systems, leveraging more value from the investment – e.g. by providing an integration bridge with another systems which would not have been possible otherwise.


This means that overwhelming benefit can be derived from the fact that the Categoric solution provides this single interface point between multiple disparate systems.

Rather than developing a new interface between any two systems when the organisation needs them to be integrated, each component can have a single interface to the Categoric software which acts as a “broker”, thus dramatically decreasing the number of interfaces needed.


The Categoric solution therefore:

  • reduces the number of interfaces needing to be developed and maintained
  • makes it easier and faster to develop interfaces (using the Categoric software tools)
  • reduces rework time because reusing interfaces rather than developing afresh results in fewer bugs (and thus reduced testing effort).
  • reduces skills requirements because, typically, Categoric’s software cushions developers and users from having to deal with many underlying technicalities.
  • may avoid the need to hire or contract expensive specialist personnel.

Empower business units and reduce pressure on IT
The standard approach enabled by using the Categoric solution also delivers value within operations by reducing the requirement for specialist IT skills. This means that an existing data-base administrator within a business unit could already have the necessary expertise to use the tool and (with a small amount of training) become empowered to "own" the day to day usage. They could work with a designated business process owner to create new rules and alerts and so could reduce the demands and pressure on IT and potentially remove any "bottlenecks".

The fact that new monitoring, alerting and reporting capabilities can be utilized and deployed directly by the business units themselves demonstrates a high degree of business responsiveness from the I.S./I.T function and emphasizes their value contribution as a business enabler.


As incremental projects and processes are deployed, the time taken will continue to reduce due to improving familiarity and skill levels of IT staff and general users with the Categoric solution.


IT and Governance 

Chief information officers (CIO) and through them the IT function, are responsible for the security, accuracy and the reliability of the systems that manage and report financial and other data.


Financial accounting and Enterprise Resource Planning and other systems are often integrated in various ways - throughout the initiating, authorizing, processing, and reporting of financial data, for example -  and therefore need to be assessed for compliance purposes.


So although primary boardroom responsibility for corporate financial reporting rests with the chief executive officer (CEO) and chief financial officer (CFO), the chief information officer (CIO) also plays a significant role in ensuring that adequate controls are in place.


SOX and the I.T. function
As an example of how this effects I.T. it is useful to consider the US Sarbanes-Oxley Act as this in particular has a profound impact on the I.S./I.T. area. While it mostly focuses on high level checks and balances, there are four of the 36 sections that have specific ramifications for IT:

  • Section 302: Company CEOs/CFOs must certify that they have reported any deficiencies or material changes in internal controls to the audit committee. Also, the officers must sign off on accuracy of company financial statements and periodic reports, and certify a number of attestations that they have reviewed the financial report, the report is true and not misleading, and that the officer accepts responsibility for ensuring effective disclosure controls.
  • Section 404: management and auditors must certify in annual reports that their internal controls are sound.
  • Section 404(a) states that each annual report must include an "internal control report" stating that management is responsible for an adequate internal control structure and an assessment by management of the control structure's effectiveness.
  • Section 404(b) requires that an accounting firm attest to, and report on, management's assertions regarding its assessment of the effectiveness of the company's internal controls.
  • Section 409: corporations are required to disclose, on a rapid and current basis (48 hours), additional information concerning material changes in its financial condition or operations.
  • Section 1102 imposes penalties for anyone who tampers with a record, document, or other object with the intent to impair the object's integrity or availability for use in an official proceeding.

In each of these instances the Categoric solution could assist the I.S/I.T function achieve the necessary control to demonstrate compliance. Many organizations adopted an initial approach that relied heavily on manual testing of controls to achieve the necessary level of compliance.

In retrospect they are now aware that this can only be a short term solution as they have found that this method is simply too costly to continue in the long term.  Further information is contained in the section on - Governance - Compliance Frameworks etc - above on the left-hand menu.
 
[ Back ]
Copyright 2007 WKD Solutions Limited Incorporating Categoric Software  (View Site Map)