Case Study

Controls & Internal Audit SharePoint Case Study

Project Description: The control self-assessments application was developed for a large business advisory firm in the United States. The objective of the project was to maintain operating effectiveness of each internal control..

Technology Used: Microsoft® SharePoint, SQL Server , SQL reporting services, XML and JavaScript.

Solution: The Kotecso Team developed a control self- assessments application that enabled the company to collect detailed testing of Controls  for all segments, upload documents for each control while doing detail testing and load/import Work Program Summary data from Excel Spreadsheets.

Development of this application involves the following process – the internal control and compliance team first prepares a master list of all the entities, processes, risks, and controls. The admin will then validate and grant read only access to the required portions to the users. The reviewers are granted are permitted to have read only access to Risk and Control portion and Testing portion for Processes and segments assigned to them. The viewer has access to all the portions of the tool. The performer is granted access to add/delete/modify only the Testing portion and Conclusion portion for the specific Risks, Controls and Entities that are assigned to them. Additionally, the CSA application will provide summary reporting capabilities to aid ICC in assessing testing status and tracking issues. Note that the terms business, segments and entities are used interchangeably throughout this document.

Deployment: The control self-assessments application is a way to test business process and procedures within the company for SOX compliance and provide auditing controls for eventual reporting into the SEC - Securities and Exchange Commission. This helped the company to increase efficiency of all the controls by collecting and managing all the risks. The control self-assessments application was completed on budget within the stipulated.