AUTOMATING INTERNAL CONTROLS ASSESSMENTS FOR OUTSOURCED OPERATIONS
First Claim
1. A method for assessing business controls, the method comprising:
- making one or more descriptions of one or more business controls accessible to a user via a user interface;
enabling a user to ascertain a business function characterizing a business relationship between a client and service provider, wherein the business function is associated with the one or more business controls; and
providing a user option to adjust the one or more business controls.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and method for facilitating assessing business controls. To facilitate ensuring that a client'"'"'s control objectives are met by a particular provider, the client may wish to ensure that the control objectives and applicable controls are specified in an SLA defining the relationship between the client and the service provider. In certain large enterprise applications, where a given client may contract with many providers, and the client itself may act as a provider to other clients, effective mechanisms for ensuring the existence of adequate functioning controls may become very complex and susceptible to failed oversight. In an example embodiment, the method includes making one or more descriptions of one or more business controls accessible to a user via a user interface; enabling a user to ascertain a business function characterizing a business relationship between a client and service provider, wherein the business function is associated with the one or more business controls; and providing a user option to adjust the one or more business controls.
-
Citations
21 Claims
-
1. A method for assessing business controls, the method comprising:
-
making one or more descriptions of one or more business controls accessible to a user via a user interface; enabling a user to ascertain a business function characterizing a business relationship between a client and service provider, wherein the business function is associated with the one or more business controls; and providing a user option to adjust the one or more business controls. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for assessing business controls associated with an existing or prospective outsourced business relationship, the system comprising:
-
a computer-readable storage mechanism containing information pertaining to one or more risks and one or more corresponding mitigating controls; a Service Level Agreement (SLA) module adapted to facilitate construction of an SLA between a business and a service provider based on the information in the computer-readable storage mechanism; and an interface module adapted to coordinate information flow between the computer-readable storage mechanism and the SLA module in response to user input thereto. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
-
-
21. A method for assessing one or more business controls to facilitate configuring a business relationship between a client and a service provider, the method comprising:
-
establishing a business function to be outsourced; assessing one or more risks associated with the business function and one or more controls that are adapted to mitigate the risks; indicating a service provider to perform the business function and providing an indication of a selected service provider in response thereto; and automatically generating a Service Level Agreement (SLA) based on the one or more controls and the selected service provider.
-
Specification