Data analysis is critical part of  all Internal audit or internal control assessment engagements. Right kind of data analysis will identify the exceptions, outliers, mistakes, errors and even the process inefficiencies and ineffectiveness.

Data Analysis for internal audit is not about complicated algorithms or complex visualizations. But it is about multiple perspectives with ability to understand and identify the hidden exceptions or deviations. Results from robust data analysis will enable internal audit professionals to assess and make conclusions about overall effectiveness.

Apart from being able to visualize functional requirements, understanding how IT systems are configured to run the business and knowledge regarding where and how the data is organised in the system are essential for any successful data analysis.

CrisMo: Continuous risk assessment and Monitoring

About Data Analytics solution

Data Analytics for Internal Audit in SAP environment

With the synergy of our functional experience and technical expertise in SAP, our data analytics solution will help you to be efficient and effective. 

About CrisMo

Benefits:

Apiruh Consulting Services Pvt Ltd





Our solutions are designed to


Enable organisations to establish integrated GRC platform.


Simple but all-encompassing with standard internal controls framework mapped with various compliance & other risk management requirements.


Supported by centralized data analytics engine for immediate results, making it “ready to go” solution


Automate risk remediation process by using workflows, alerts, notifications etc.

  • Highly cost effective Ready to go solution - Select the process and get the results


  • Readily available content for analysis


  • Simple and pervasive solution covering almost all of critical business processes


  • Business process wise organised risk assessment / control matrix items supported by data analysis​


  • Classified as Informative, Indicative and Inconsistency based on the nature of outcome.


  • Organised as Master data, Business transactions, configuration and Critical Access rights based nature of controls


  • Encourage your inputs for developing company specific or industry specific content. 


  • Self-evolving content database, as inputs are received from multiple clients.


  • No need to buy any data analytics software


  • No need to spend money on getting trained


  • No need to master the beast – SAP to understand the configurations or database tables


  • Discontinue any time


  • Pay as you use – Pay for the processes you select


  • Pay only if you are satisfied with the results.

Benefits :

  • First of its kind solution - SaaS modeled, simple but all-encompassing.

  • ​Easy to Implement – Select and subscribe, you are ready to go !

  • Compliance solution for SOX / IFC etc
  • Internal controls framework for Fraud Risk / Legal Risk
  • Data analytics for internal Audit
  • Operational Enterprise Risk Management framework
  • Self evolving – Risk assessment items content keeps getting better, based on feedback from different customers and their requirements.
  • Early identification and remediation of Emerging risk.
  • Integrated approach – Name may be different but as long as it can be delivered through data analysis, it will be part of CrisMo. Single source of truth 
  • Management (by exceptions) tool – You can make operational risk management integral part of Business by managing business with “Management by exceptions” principle

CrisMo, Continuous risk assessment and monitoring solution enables you to select, plan, execute and review assessment results business process wise. Supported by data analytics engine, it can be used for internal audit, Risk management, Management by exceptions etc. It consists of following modules


I . Risk Assessment Module: Risk Assessment items (Internal control checklist items) are organized business process wise in our repository called - “Global Risk Matrix”.Risk Assessment items are categorized in to the following 4 control domains based on nature of controls

  • Master data
  • Configurations
  • Business Transactions
  • Critical Access Rights

These Risk Assessment items are further classified as Informative, Indicative & Inconsistency based on the type of test   conducted.They are mapped to various parameters like SOX, ICFR, Fraud Risk, Legal Risk, Internal Audit based on relevance.
Reporting is developed to enable review and monitoring and management by exceptions


II. Risk Remediation Module:

  • The risk assessment results are summarized for providing observations and recommendations
  • Management representatives responsible for taking corrective actions are identified as Action by
  • Management reply to the recommendations along with target dates, and action plan are captured
  • Compliance status of each recommendation, action by is updated.
  • Reporting is developed to monitor enable pending risk remediation tasks like management reply and compliance.


III. Data Analytics

  • Risk assessment items are supported by pre-written data analytics queries / scripts.
  • These queries will be run on the data downloaded & the Assessment results will be obtained & updated in Risk Assessment module.