Internal Audit

It allows the generation and coverage of the Universe Audit to support the definition of the program and audit plans

Try KRC

CONTEXT

Enables the mapping of processes for legal entities through direct entry or continuous import from company systems. It manages the repository of the various types of controls (262, 231, privacy, entity-level control, IT general controls, etc. and corporate controls), assigning the responsible person, scope, method, type, frequency, test plan, etc. It enables the creation of test plans. It manages the structure of internal and external auditors, their requirements, and suitability.

UNIVERSE AUDIT IDENTIFICATION

It enables the generation and coverage of the Audit Universe to support the definition of the audit program and plans based on priority and coverage indicators: Results of previous audits: presenting the level of implementation of action plans; Risk-based: if a Risk Management model is present, the system allows processes and controls to be associated with risks. Risk assessment is an element for the development of the audit program and plans; 262-based: the acquisition of the company's financial statements is an additional element for the development of the audit program and plans.

DEFINITION OF THE ANNUAL PROGRAM AND AUDIT PLAN

It allows for the definition of the annual audit program for various areas and legal entities, the generation of individual plans for defining the agenda of activities and the controls to be investigated, the collection of objective evidence through appropriate checklists during execution, the preparation of the report of findings and the list of NC/OSS and related AC. Audit plans can be graphically modified in Gantt charts. A workflow is available for defining priorities and approving the list of audits to be performed. It is possible to attach supporting documents and images, even using tablets. Alerts are automatically sent to the schedule on the home page of the various contacts and are notified by email.

 

 

 

REPORT DRAFT AND MANAGEMENT EVALUATION

It enables the generation of reports, following the completion of audits, at different organizational levels, activating escalation processes based on the definition of rules and evaluation by management, before the final closure of the audit report.

COMMUNICATION OF RESULTS

It allows the communication of results to the various types of users involved. If a Risk Management Model is in place, it allows control assessments to be sent to the dedicated structure for possible updating of the risk assessment itself.

IMPROVEMENT ACTIVITIES

It allows you to manage the improvement activity plan both by incorporating proposals from the audited departments and those formulated by internal and external auditors.

 

 

 

 

 

 

 

 

 

Modules

Whistleblowing
Internal Audit
Integrated Risk Management
Model 231
Anticorruption
Privacy
Business Continuity
Quality
Information Security
Human Resources
Health and Safety
Facility Management
Environment
Plaint Maintenance
Behavior Based Safety
Corporate Social Responsibility
ERM - ESG
Project Risk Management
Insurance Risk Management
Sustainability Strategy and Reporting
Sustainability strategy and reporting
Integrated Management Systems