Search
HomeSitemap
About Us
Consultants Skill Sets
Consulting Solutions
Educational Events
Jobs
Resources
Success Stories
Verticals
 
Home > Success Stories >> By Solutions > Internal Audit Solutions
By Solutions
 

Aligned enterprise risk management documentation and testing processes for the company's information technology internal controls.

 

Business Challenge:

 

A large pharmaceutical company established an initiative to fully comply with Sarbanes-Oxley (SOX) regulations for year ending 2004. The company completed this initiative within the desired timeframe. However, during subsequent years, they needed to align their enterprise risk management plan for their internal compliance function that served multiple regulatory authorities. This enterprise risk management initiative considered leveraging the overlapping regulatory compliance efforts and needed to remain flexible to focus the annual audit plan on the control areas of high risk.

 

Relevante Solution:

 

Relevante assisted with revising the enterprise risks plan for compliance with SOX and the FDA. We interviewed process owners, revised documented processes, identified and aligned key controls from multiple regulatory authorities, and reported to management on our findings. Our CobiT-based control evaluation approach provided management with a scorecard by control area of their risk universe, critical areas, and control points as well as a risk mitigation summary, gap listing, and remediation plan. We also helped inform personnel of the important aspects of complying with regulatory authorities.

 

We revised the enterprise risk management plan, related work papers, and we have been asked to continue to work closely with the internal and external auditors on evolving compliance issues, new process documentation, and testing results.

 

Value Delivered:

 

The Pharmaceutical major, with Relevante’s assistance, aligned their enterprise risk management with best practices with respect to SOX and FDA compliance. The company’s internal controls were compliant and streamlined for year ending 2006.

 

Our phased approach to compliance ensured participation from the company’s management and coordination with external auditors during each step so that deliverables were on time and on target, and costs were minimized. By educating the process owners about regulatory compliance and internal controls, we were able to ensure complete cooperation and a smooth and successful compliance project. The company was extremely satisfied with the value we added during this engagement, that we are now working with them on a number of other compliance related projects, including ongoing testing of internal controls.
 

 
Legal Disclaimer. Privacy Statement. Copyright © 2010 Relevante, Inc.