Internal Audit

1. Context

Enables mapping of Processes for Legal Entities through direct entry or through continuous import from company systems. Manages the repository of the various types of Controls (262, 231, Privacy, Entity Level Control, IT General Controls, etc. and Company) by assigning them the Responsible, the Area, Mode, Type, Frequency, Test plan, etc. Allows the creation of Test Plans. Manages the structure of internal and external auditors, the related requirements and suitability.

2. Audit Universe Identification

It allows the generation and coverage of the Universe Audit to support the definition of the program and the audit plans based on priority and coverage indexes: Results of previous audits: presenting the level of implementation of the action plans; Risk-based: in the presence of a Risk Management model, the system allows processes and controls to be associated with risks. The risk assessment is an element for the construction of the program and the audit plans; 262-based: the acquisition of the economic and patrimonial balance sheet represents a further element for the construction of the program and the audit plans.

3. Definition of the annual program and Audit plans

It allows the definition of the annual audit program in the various areas and legal entities, the generation of individual plans for the definition of the agenda of activities and the controls that will be investigated, the detection through appropriate checklists, during the execution, of the objective evidence , to the preparation of the report of the results and to the list of NC / OSS and relative AC. Audit plans can be modified graphically in Gantt charts. A workflow is available to define priorities and approve the list of audits to be performed. It is possible to attach documents and support images also through the use of tablets. The alerts are automatically sent in the schedule on the home page of the different contacts and forewarned via email.