PROJECTmagazine

Data Auditing Quiz: Does Your Compliance Data System Prove Your Innocence?

One if the biggest mistakes I see when visiting client companies, is their underestimation of how well their compliance data system can be audited.

It's understandable.

When you build a transaction system, your goal is to run the business. When you build a data warehouse, your goal is to analyze the business. But when does it become your goal to audit your business practices?

Usually, auditing business practices and data systems become an executive afterthought. It is in response to some regulation like HIPPA, PCI, or Sarbanes-Oxley ( SOX ). Or, it is when you have received notice that a big contract is being audited by an agency like the General Services Administration (GSA).

In all cases, when you are under-prepared for an audit it will cost you time, money and effort. Find out now if your data system proves your innocence and uncover some data audit-proofing tips for total compliance.

Take This Data Auditing Quiz Now to See If Your Compliance Data System Proves Your Innocence:

1. Does Your Data System Defend You from the Auditor's Point of View?

Some auditors want to see you survive an audit. But let's face it. Some auditors are out to get you.
Crusaders trying to prove a point at your expense sometimes spawn audits. So auditors are anticipating that there are bad business practices in place. They feel that it's their job to uncover your bad business practices and expose you. In their eyes you are guilty until proven innocent.
To defend yourself proactively, you have to approach it from the auditor's point of view. Just doing the right thing is not enough. You have to be able to prove that you're doing the right thing. Approaching it from the right frame is essential.

2. Is Your Compliance Data System Built with the Goal of Surviving an Audit?

They way most people attempt to leverage their data systems these days is all wrong.
Here's why…
When data systems were introduced, they were never built to serve the intentions of an auditor.
The key is not to attempt to leverage these systems at all. The key is to build a compliance data system with the goal of surviving an audit. This is taking business intelligence up a level to audit intelligence.
A compliance data system gets it's requirements from legislation, standards, past audit findings, and yes ... auditors. Your goal here is not to twist and turn your existing systems. That would be the equivalent of trying to do your strategic reporting out of your transactional system.

3. Do You Use An Ordinary, Normal Data Warehouse for Compliance?

Compliance data systems are much more robust than normal data warehouses. Like data warehouses, they will organize data from disparate systems into one central location. And, they will apply transformations as necessary.
However, metadata is taken very seriously. There is a clear explanation for everything that's in the data system. Audit trails are important from the original requirement to each data point. Response times are usually optimized for ad-hoc querying, so that auditors don't waste time waiting for the database.

4. Is Your Data System in Real Time?

Real time systems can take you up another level to prove your innocence. The business intelligence buzzword around this technology today is Operational Business Intelligence. These can be great for early warning systems.
As with all new technology though, be careful of the hype. As a result of this new buzz, vendors are preaching the Holy Grail again. The time tested best approach for your data system efforts is to form a good team of professionals, and build it in house.

5. Is Your Data System Cross Functional?

Audit proofing is not a Finance function, or an IT function. It is a cross-functional activity. To get the job done, you will need a good team of auditors, process analysts, subject matter experts, techies and a good coach or project manager.

Most compliance efforts are best practices enforced. So, you will find stakeholders in other departments that will benefit from your total compliance efforts. For example, I recently built a GSA compliance data warehouse for a large company that was funded by their sales department. The VP of Sales was very interested in getting clarity on how discounts were being used. This was a great side benefit for the primary requirement of proving that the government was getting the best discounts.

Leveraging your business intelligence infrastructure to build a compliance data system is an intelligent way to audit-proof your company for total compliance. Start today by writing a project charter for your most important compliance exposure. This two to three day effort will end up saving you huge amounts of time and money.

John Weathington (c) 2008

About the Author:

In a recent GSA compliance effort, John Weathington, The Chief Compliance Coach™, architected and directed the construction of a custom Compliance Data System that fortified a $100 Million contract for Sun Microsystems. Now you can get his FREE 58-page how-to guide to starting a compliance data system that will prove your innocence at: http://www.excellentmanagementsystems.com/ebooks/racehorse.jsp

No one has commented on this article.

Please keep your comments brief and on topic, and remember that this is not a discussion thread.
Name :
	Text ColorAquaBlackBlueFuchsiaGrayGreenLimeMaroonNavyOlivePurpleRedSilverTealWhiteYellow
Comment(s) :

J! Reactions • General Site License
Copyright © 2006 S. A. DeCaro