AUDITING CLIENT - SERVICE PROVIDER RELATIONSHIPS WITH REFERENCE TO INTERNAL CONTROLS ASSESSMENTS
First Claim
1. A method for auditing a client-service provider relationship, the method comprising:
- determining a scope of an audit with reference to an audit plan;
ascertaining one or more business entities or processes that are subject to audit based on the scope; and
retrieving one or more business controls associated with the one or more business entities or processes.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for facilitating auditing a client-service provider relationship. An example method includes determining a scope of an audit with reference to an audit plan; ascertaining one or more business entities or processes that are subject to audit based on the scope; and automatically retrieving one or more business controls associated with the one or more business entities or processes. In an illustrative embodiment, the example method further includes electronically accessing one or more Service Level Agreements (SLAs) associated with the one or more business entities to extract one or more descriptions of controls. A description of each control is electronically stored in association with one or more descriptions of one or more risks associated with each control. A description of each control is stored, in a library of risks and controls, in association with one or more risks.
53 Citations
20 Claims
-
1. A method for auditing a client-service provider relationship, the method comprising:
-
determining a scope of an audit with reference to an audit plan; ascertaining one or more business entities or processes that are subject to audit based on the scope; and retrieving one or more business controls associated with the one or more business entities or processes. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 18)
-
-
15. The method of claim 15, wherein initiating adjustment includes sending an electronic message instructing management of a business entity to renegotiate the SLA.
-
19. An apparatus comprising:
-
one or more processors; and logic encoded in one or more tangible media for execution by the one or more processors and when executed operable to; determining a scope of an audit with reference to an audit plan; ascertaining one or more business entities or processes that are subject to audit based on the scope; and automatically retrieving one or more business controls associated with the one or more business entities or processes.
-
-
20. A processor-readable storage device including instructions executable by a digital processor, the processor-readable storage device including one or more instructions for:
-
determining a scope of an audit with reference to an audit plan; ascertaining one or more business entities or processes that are subject to audit based on the scope; and automatically retrieving one or more business controls associated with the one or more business entities or processes.
-
Specification