Answered step by step
Verified Expert Solution
Question
1 Approved Answer
Case Background Big Picture: Determine whether internal controls are effectively mitigating risks. Details: Why is this data important, and what questions or problems need to
Case Background
Big Picture:
Determine whether internal controls are effectively mitigating risks.
Details:
Why is this data important, and what questions or problems need to be addressed?
Besides analyzing company risk, internal auditors test internal controls to ensure that risks are being mitigated. When auditors test internal controls, they test to ensure that a control is designed appropriately and that it functions as intended. Some risks might have one mitigating internal control, while other risks might require multiple internal controls to reach a desired level of residual risk. After an internal control is tested, it is rated as effective, ineffective, or marginal.
To illustrate how well a control is mitigating the risk, we should consider the following questions: How many risks have a residual risk score that is less than its inherent risk score, which would be the result of an internal control mitigating the risk? How many controls were rated as ineffective?
Plan:
What data is needed, and how should it be analyzed?
The data needed to answer the objective is pulled from the internal audit GRC (governance, risk, and compliance) software that houses the Internal Audit departments assessment and ratings of corporate risks, including internal controls and their determined effectiveness.
The data was filtered to only include the auditable entities that were subject to an internal audit last year.
Now it is your turn to evaluate, analyze, and communicate the results!
Hint: This data includes auditable entities, business processes, risks, and internal controls, as illustrated below. One auditable entity can include one or more business processes. One business process can be subject to one or more risks. One risk can be mitigated by one or more internal controls.
When calculating risks in Excel, use the Risk ID field to perform distinct counts. When calculating internal controls in Excel, use the Control ID field to perform distinct counts.
Questions
1.Which auditable entity is responsible for the largest number of internal controls?
2.Which business process includes the largest number of internal controls?
3.Which risk is mitigated by the largest number of internal controls?
4.How many risks started with the inherent likelihood score medium high but now have a residual likelihood score of medium, due to the implementation of internal controls?
5.How many risks started with the inherent likelihood score medium low but now have a residual likelihood score of low, due to the implementation of internal controls?
6.How many risks started with the inherent impact score high but now have a residual likelihood score of medium, due to the implementation of internal controls?
7.How many risks started with the inherent impact score medium high but now have a residual likelihood score of medium low, due to the implementation of internal controls?
8.How many internal controls did the Internal Audit department identify as ineffective? (Hint: Use Test Result.)
Take it to the next level!
9.A risk owner is the employee responsible for the portion of the business process that relates to a specific risk. The risk owner usually reports to the business process owner. Which risk owner is responsible for risks that have, on average, the highest inherent risk score? Which risk owner has the highest average inherent risk? (Hint: Risk = Impact Likelihood.)
10.A business process owner is the employee responsible for the entire business process. The business process owner usually has other employees, such as the risk owners, who report to them. Which business process owner is responsible for risks that have, on average, the lowest residual risk score? (Hint: Risk = Impact Likelihood.)
1 ditable Entity ID 2 -21354 3 -21354 4 -21354 5 -21354 6 -21354 7 -21354 8 -21354 9 -21354 10 -21354 11 -21354 12 -21354 13 -21354 14 -21354 15 -21354 16-21354 17-21354 18 -21354 -21354 19 -21546 -21546 -21546 20 21 22 Auditable Entity Name Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Payroll Processing Payroll Processing Pavroll Processing Raw Data + Business Process Owner Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, drigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Brown. Lauren Business Process Name Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Payroll Payroll Pavroll Risk Name Risk ID RSK-1561134 Unacceptable Call Processing Times RSK-1565410 Poor Customer Service RSK-1561134 Unacceptable Call Processing Times RSK-1565410 Poor Customer Service RSK-1566730 Non-compliance with company policies RSK-1565410 Poor Customer Service RSK-1565410 Poor Customer Service RSK-1566728 Competency/Training RSK-1566730 Non-compliance with company policies RSK-1565410 Poor Customer Service RSK-1566728 Competency/Training RSK-1566720 Inadequate Internal Reporting RSK-1565410 Poor Customer Service RSK-1565410 Poor Customer Service RSK-1566730 Non-compliance with company policies RSK-1566730 Non-compliance with company policies RSK-1567254 Unauthorized/Inappropriate Access RSK-1567256 Business Disruption and System Failures RSK-208740 Financial reports are not accurately stated. RSK-209114 Payroll transaction records are not accurate. RSK-209169 Year end reporting is not prepared accurately and timelv. Risk Owner Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Brown. Lauren Inherent Impact Medium Medium High Medium Medium High Medium High Medium High Medium High Medium Medium High Medium High Medium Medium Medium High Medium High Medium High Medium High Medium High High Medium High Medium High High 24 25 26 27 28 29 30 31 32 33 34 35 36 37 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-84659 A Raw Data Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Accounts Pavable + B Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown. Lauren C D Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Corporate Accounts Pavable E F RSK-214847 Wage garnishments are not supported by appropriate documentation, accurately calculated, and paid when due. Inaccurate summary records of annual, sick, and compensatory leave accrued and taken, as well as the remaining balance. RSK-214848 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Formalized policies and procedures are not in place for payroll processing. RSK-214844 Formalized policies and procedures are not in place for payroll processing. RSK-214844 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 RSK-209047 Payroll expenses are recorded incorrectly. RSK-208739 Payroll expenses are recorded in the wrong period. RSK-208741 Disbursements made are not recorded Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 RSK-209047 Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect RSK-209168 RSK-208922 Business Disruption and System Failures G Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown. Lauren H Medium High Medium Low Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium Low AE-78546 38 AE-78546 39 AE-78546 40 AE-51365 41 AE-51365 42 AE-51365 43 44 AE-22564 45 AE-22564 46 AE-22564 47 AE-21546 48 AE-21546 AE-21546 49 AE-21546 50 51 AE-21546 AE-21546 52 AE-21546 53 AE-21546 54 55 AE-21546 56 AF-21546 Backup and Storage Backup and Storage Backup and Storage Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Network Operations Center Network Operations Center Network Operations Center Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Hernandez, Martin Hernandez, Martin Hernandez, Martin Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown Lauren Backup Administration Backup Administration Backup Administration Disaster Recovery Business Continuity Management Business Continuity Management Data Center Operations Data Center Operations Data Center Operations Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll RSK-208909 Disasters and Other External Events Disasters and Other External Events RSK-208909 RSK-208909 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208908 Unauthorized/Inappropriate Access RSK-208908 Unauthorized/Inappropriate Access RSK-208908 Unauthorized/Inappropriate Access RSK-209047 RSK-209168 Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Duplicate/fictitious payroll disbursements are made and RSK-208842 posted to the G/L RSK-209114 Payroll transaction records are not accurate. Formalized policies and procedures are not in place for RSK-214844 payroll processing. Involuntary governmental withholdings are not authorized, accurately reported, and timely remitted. RSK-214845 RSK-214847 RSK-209114 Wage garnishments are not supported by appropriate documentation, accurately calculated, and paid when due. Payroll transaction records are not accurate. PSK-209111 Payroll transaction records are not accurate Lopez, Juan Lopez, Juan Lopez, Juan Campbell, Finlay Campbell, Finlay Campbell, Finlay Murphy, Liam Murphy, Liam Murphy, Liam Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown Lauren Medium Medium Medium High High High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High 57 AE-21546 AE-51365 58 AE-51365 59 AE-51365 60 AE-51365 61 AE-51365 62 AE-51365 63 AE-51365 64 AE-51365 65 AE-51365 66 AE-51365 67 AE-51365 68 69 AE-22564 70 AE-22564 71 AE-22564 AE-22564 73 AE-22564 74 AE-22564 75 AE-22564 A B Payroll Processing Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center C Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason D Payroll Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Disaster Recovery Disaster Recovery Business Continuity Management Business Continuity Management Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations F E RSK-209114 Payroll transaction records are not accurate. RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-2033990 Disasters and Other External Events Disasters and Other External Events RSK-2033990 RSK-208907 Disasters and Other External Events RSK-208907 RSK-208908 RSK-233663 Disasters and Other External Events Unauthorized/Inappropriate Access Theft and Fraud RSK-208908 Unauthorized/Inappropriate Access Theft and aud RSK-208908 Unauthorized/Inappropriate Access RSK-233663 Theft and Fraud RSK-208908 Unauthorized/Inappropriate Access G Brown, Lauren Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam H Medium High High High High High High High High High High High High Medium High Medium Medium High Medium Medium High Medium Medium High 76 AE-22564 37 AE-22564 78 AE-78546 79 AE-78546 80 AE-78546 81 AE-78546 92 AE-78546 AE-78546 33 AE-78546 84 AE-78546 35 AE-78546 96 37 AE-78546 8 AE-78546 39 AE-78546 30 AE-78546 AE-78546 91 AE-78546 92 AE-78546 33 AE-78546 14 5 AE-78546 96 AE-65489 97 AE-65489 38 AE-65489 39 AE-65489 00 AE-84659 01 AE-84659 02 AE-84659 A B Network Operations Center Network Operations Center Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Facilities Management Facilities Management Facilities Management Facilities Management Accounts Payable Accounts Payable Accounts Payable. C Oats, Jason Oats, Jason Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hemandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hemandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Oats, Jason Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren D Data Center Operations Data Center Operations Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration. Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Facilities Management Facilities Management Facilities Management Facilities Management Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable E F RSK-233663 Theft and Fraud RSK-208908 Unauthorized/inappropriate Access RSK-209080 Regulatory Non-Compliance RSK-2816537 Unauthorized/inappropriate Access RSK-2814972 Data Integrity RSK-2814972 Data Integrity RSK 2814972 Data Integrity RSK-208909 Disasters and Other External Events RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and Systern Failures RSK-2817057 Obsolete/inadequate technology RSK-2816536 Problem Identification and Resolution RSK-2816535 Problem Identification and Resolution RSK-2816536 Problem Identification and Resolution Business Disruption and System Failures Business Disruption and System Failures RSK 2816538 RSK-2816538 RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and System Failures RSK 2816537 Unauthorized/inappropriate Access RSK-5595534 Unauthorized/inappropriate Access Theft and Fraud RSK-5595534 Unauthorized/inappropriate Access RSK-5595537 Theft and Fraud RSK-5784057 Unauthorized/inappropriate Access RSK-5784057 Unauthorized/inappropriate Access RSK-5784057 Unauthorized/inappropriate Access RSK-5595537 G Murphy, Liam Murphy, Liam Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Oats, Jason Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren H Medium Medium High Medium Low Medium High Medium Medium Medium Medium High High High Medium Low Medium Low Medium Low Medium Low High High High High Medium High Medium Medium Low Medium Medium Low Medium Medium Medium 103 AE 84659 104 AE-84659 AE-21546 105 AE-21546 106 AE-84659 107 AE-84659 108 AE-84659 109 AE-84659 110 AE-84659 111 AE-84659 112 AE-84659 113 114 AE-84659 AE-84659 AE-84659 115 116 AE-84659 117 118 AE-84659 119 AE-84659 AF-84559 Accounts Payable Accounts Payable Payroll Processing Payroll Processing Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Corporate Accounts Payable Corporate Accounts Payable Payroll Payroll Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable RSK-5784057 Unauthorized/Inappropriate Access RSK-5784057 Unauthorized/Inappropriate Access RSK-209113 Business Disruption and System Failures RSK-209113 Business Disruption and System Failures RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghast Vendars RSK-5776834 Unapproved Purchase Orders are paid RSK-6776834 Unapproved Purchase Orders are paid RSK-5776835 Unapproved invoices are paid RSK-5776834 Unapproved Purchase Orders are paid RSK-208760 Fictitious or duplicate disbursements are made. RSK-208762 Theft and Fraud RSK-5776834 Unapproved Purchase Orders are paid Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Brown, Lauren Brown, Lauren Bisset, Maribel Medium Medium Medium High Medium High Medium Medium Medium Medium Medium Medium Medium Low Medium Low Medium Medium Low Medium Low Medium High Medium Low AE-84659 120 AE-84479 121 122 AE-84659 AE-84559 123 124 AE 84699 AE-84659 125 125 AE-84659 AE-84659 127 AE-84659 128 AE-84559 129 AE-84659 130 AE-84659 131 AE-84659 132 AE-84659 133 AE-84659 134 135 AE-84659 AE-84659 136 AE-84659 137 A Baw Data Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Pavable + B Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Laurent Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren C D Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable. Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable E F RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776836 Expense reports are paid without approval. Expense reports are paid without approval. RSK-5776836 RSK-5776836 Expense reports are paid without approval. RSK-208762 Theft and Fraud RSK-5776837 Checks are manually processed without proper approval. Theft and Fraud RSK 208762 RSK-5776838 Manual checks are delivered to unauthorized individuals. Theft and Fraud RSK-208762 RSK-206921 Blank checks/check stock/undelivered checks are not safeguarded RSK-5776839 Proposed payments are never made. Proposed payments are entered without proper authorization. RSK-5776840 Proposed payments are entered without proper authorization. RSK-5776810 Our outside service providers' systems have control deficiencies. RSK-5776841 RSK-5776842 Transactions are posted to the incorrect accounts Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Brown, Lauren Bisset, Maribel Brown, Lauren Bisset, Maribel Brown, Lauren Brown, Lauren Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset. Maribel H Medium Medium Medium Medium Medium Low Medium Low Medium Low Medium High Medium Medium High Low Medium High Medium High Medium Medium Medium Medium Medium High 138 AE-84659 AE-84659 139 140 AE-21354 141 AE-84659 142 AE-84659 AE-65489 143 AE 65489 144 145 AE-65489 145 AE-655489 147 AE-65489 148 AE-21546 149 AE-21546 150 AE-21546 151 AE-21545 152 AE-21546 AE-51365 153 AE-51365 154 AE-51365 155 AE-51365 156 AE-51355 157 AE-51365 158 AE-51365 159 AE-51365 160 AE-51365 A 8 Accounts Payable Accounts Payable Contact Center Operations Accounts Payable Accounts Payable Facilities Management Facilities Management Facilities Management. Facilities Management Facilities Management Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recman Brown, Lauren Brown, Lauren Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Cats, Jason Oats, Jason Oats, Jason Oats, Jason Cats, Jason Brown, Lauren Brown, Laurent Brown, Lauren Brown, Lauren Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai D Corporate Accounts Payable Corporate Accounts Payable Contact Center Operations Corporate Accounts Payable Corporate Accounts Payable Facilities Management Facilities Management Facilities Management Facilities Management Facilities Management Payroll Payroll Payroll Payroll Payroll Business Continuity Management Disaster Recovery Business Continuity Management Disaster Recovery Business Continuity Management Disaster Recovery Disaster Recovery Disaster Recovery RSK-5776843 Unauthorized credit card charges are paid. RSK-5776843 Unauthorized credit card charges are paid. RSK-5784373 Talent Gaps RSK-5784146 Data Integrity RSK-5784375 Talent Caps RSK-5783974 Business Disruption and System Failures RSK-5783974 RSK-5784156 RSK-5784252 RSK 6784401 RSK-214840 RSK-5784090 Business Disruption and System Failures Data Integrity Inaccurate Financial Disclosures Talent Gaps The confidentiality of payroll information is not maintained Unauthorized/Inappropriate Access Data Integrity RSK-5784182 RSK-5784277 Inaccurate Financial Disclosures Talent Gaps RSK-5784461 RSK-5784339 Talent Gaps Talent Gaps RSK-5784389 RSK-5784339 Talent Gaps Talent Gaps RSK-5784389 Talent Gaps Talent Gaps RSK-5784339 RSK-5784389 RSK-2063990 RSK-2033990 Disasters and Other External Events Disasters and Other External Events G Bisset, Maribel Bisset, Maribel Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Cats, Jason Oats, Jason Oats, Jason Oats, Jason Cats, Jason Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Medium Campbell, Finlay Medium Campbell, Finlay Medium Campbell, Finlay High Campbell, Finlay High H Medium Medium Medium Medium High Medium Medium High Medium High Medium Low Medium Low Medium Low Medium High High Medium High Medium High Medium Medium Medium Medium 161 AE-51365 162 AE-51365 163 AE-51365 164 AE-51365 165 AE-51365 166 AE-51365 167 AE-51365 168 AE-84659 169 AE-84659 170 AE-51365 171 AE-51365 172 AE-51365 173 AE-51365 174 AE-51365 175 AE-51365 176 177 AE-21546 178 AE-21546 A Raw Data B Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Accounts Payable Accounts Payable Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Payroll Processing Payroll Processing + C Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Brown, Lauren Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Brown, Lauren Brown, Lauren D Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Corporate Accounts Payable Corporate Accounts Payable Business Continuity Management Business Continuity Management Business Continuity Management Disaster Recovery Business Continuity Management Business Continuity Management Payroll Payroll F E RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033989 Business Disruption and System Failures RSK-2033999 Business Disruption and System Failures RSK-208762 Theft and Fraud Unauthorized credit card charges are paid. Disasters and Other External Events Disasters and Other External Events RSK-5776943 RSK-209907 RSK-209907 RSK-5794339 RSK-5784389 RSK-209907 Talent Gaps Talent Gaps Disasters and Other External Events Disasters and Other External Events RSK-209907 RSK-209169 RSK-209168 Year end reporting is not prepared accurately and timely. Calculations in Payroll Module are incorrect G Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Brown, Lauren Bisset, Maribel Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Brown, Lauren Brown, Lauren High High High High High High High High H Medium High Medium High High Medium Medium High High High Medium High 177 AE-21546 178 AE-21546 179 AE-21546 180 AE-21546 181 AE-21546 182 AE-21546 183 AE-21546 184 AE-21546 185 AE-21546 186 AE-21546 AE-21546 187 AE-21546 188 189 AE-65489 190 AE-65489 191 AE-65489 192 193 194 195 196 197 A Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Facilities Management Facilities Management Facilities Management Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Oats, Jason Oats, Jason Oats, Jason C D Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Facilities Management Facilities Management Facilities Management F Year end reporting is not prepared accurately and timely. Calculations in Payroll Module are incorrect E RSK-209169 RSK-209168 RSK-209169 Year end reporting is not prepared accurately and timely. RSK-208739 Payroll expenses are recorded in the wrong period. RSK-209047 Payroll expenses are recorded incorrectly. RSK-209168 Calculations in Payroll Module are incorrect RSK-209169 RSK-208740 RSK-209047 RSK-209168 Year end reporting is not prepared accurately and timely. Financial reports are not accurately stated. Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect RSK-208741 Disbursements made are not recorded RSK-209114 Payroll transaction records are not accurate. RSK-5595534 Unauthorized/Inappropriate Access RSK-5595537 Theft and Fraud RSK-5595537 Theft and Fraud G Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Oats, Jason Oats, Jason Oats, Jason H High Medium High High Medium High Medium High Medium High High Medium High Medium High Medium High Medium High Medium High Medium Medium Low Medium Low 1 ditable Entity ID 2 -21354 3 -21354 4 -21354 5 -21354 6 -21354 7 -21354 8 -21354 9 -21354 10 -21354 11 -21354 12 -21354 13 -21354 14 -21354 15 -21354 16-21354 17-21354 18 -21354 -21354 19 -21546 -21546 -21546 20 21 22 Auditable Entity Name Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Payroll Processing Payroll Processing Pavroll Processing Raw Data + Business Process Owner Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, drigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Brown. Lauren Business Process Name Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Contact Center Operations Payroll Payroll Pavroll Risk Name Risk ID RSK-1561134 Unacceptable Call Processing Times RSK-1565410 Poor Customer Service RSK-1561134 Unacceptable Call Processing Times RSK-1565410 Poor Customer Service RSK-1566730 Non-compliance with company policies RSK-1565410 Poor Customer Service RSK-1565410 Poor Customer Service RSK-1566728 Competency/Training RSK-1566730 Non-compliance with company policies RSK-1565410 Poor Customer Service RSK-1566728 Competency/Training RSK-1566720 Inadequate Internal Reporting RSK-1565410 Poor Customer Service RSK-1565410 Poor Customer Service RSK-1566730 Non-compliance with company policies RSK-1566730 Non-compliance with company policies RSK-1567254 Unauthorized/Inappropriate Access RSK-1567256 Business Disruption and System Failures RSK-208740 Financial reports are not accurately stated. RSK-209114 Payroll transaction records are not accurate. RSK-209169 Year end reporting is not prepared accurately and timelv. Risk Owner Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Brown. Lauren Inherent Impact Medium Medium High Medium Medium High Medium High Medium High Medium High Medium Medium High Medium High Medium Medium Medium High Medium High Medium High Medium High Medium High High Medium High Medium High High 24 25 26 27 28 29 30 31 32 33 34 35 36 37 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-21546 AE-84659 A Raw Data Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Accounts Pavable + B Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown. Lauren C D Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Corporate Accounts Pavable E F RSK-214847 Wage garnishments are not supported by appropriate documentation, accurately calculated, and paid when due. Inaccurate summary records of annual, sick, and compensatory leave accrued and taken, as well as the remaining balance. RSK-214848 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Formalized policies and procedures are not in place for payroll processing. RSK-214844 Formalized policies and procedures are not in place for payroll processing. RSK-214844 Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 RSK-209047 Payroll expenses are recorded incorrectly. RSK-208739 Payroll expenses are recorded in the wrong period. RSK-208741 Disbursements made are not recorded Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 RSK-209047 Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect RSK-209168 RSK-208922 Business Disruption and System Failures G Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown. Lauren H Medium High Medium Low Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium Low AE-78546 38 AE-78546 39 AE-78546 40 AE-51365 41 AE-51365 42 AE-51365 43 44 AE-22564 45 AE-22564 46 AE-22564 47 AE-21546 48 AE-21546 AE-21546 49 AE-21546 50 51 AE-21546 AE-21546 52 AE-21546 53 AE-21546 54 55 AE-21546 56 AF-21546 Backup and Storage Backup and Storage Backup and Storage Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Network Operations Center Network Operations Center Network Operations Center Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Hernandez, Martin Hernandez, Martin Hernandez, Martin Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown Lauren Backup Administration Backup Administration Backup Administration Disaster Recovery Business Continuity Management Business Continuity Management Data Center Operations Data Center Operations Data Center Operations Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll RSK-208909 Disasters and Other External Events Disasters and Other External Events RSK-208909 RSK-208909 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208908 Unauthorized/Inappropriate Access RSK-208908 Unauthorized/Inappropriate Access RSK-208908 Unauthorized/Inappropriate Access RSK-209047 RSK-209168 Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect Duplicate/fictitious payroll disbursements are made and posted to the G/L RSK-208842 Duplicate/fictitious payroll disbursements are made and RSK-208842 posted to the G/L RSK-209114 Payroll transaction records are not accurate. Formalized policies and procedures are not in place for RSK-214844 payroll processing. Involuntary governmental withholdings are not authorized, accurately reported, and timely remitted. RSK-214845 RSK-214847 RSK-209114 Wage garnishments are not supported by appropriate documentation, accurately calculated, and paid when due. Payroll transaction records are not accurate. PSK-209111 Payroll transaction records are not accurate Lopez, Juan Lopez, Juan Lopez, Juan Campbell, Finlay Campbell, Finlay Campbell, Finlay Murphy, Liam Murphy, Liam Murphy, Liam Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown Lauren Medium Medium Medium High High High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High Medium High 57 AE-21546 AE-51365 58 AE-51365 59 AE-51365 60 AE-51365 61 AE-51365 62 AE-51365 63 AE-51365 64 AE-51365 65 AE-51365 66 AE-51365 67 AE-51365 68 69 AE-22564 70 AE-22564 71 AE-22564 AE-22564 73 AE-22564 74 AE-22564 75 AE-22564 A B Payroll Processing Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center Network Operations Center C Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason Oats, Jason D Payroll Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Business Continuity Management Disaster Recovery Disaster Recovery Business Continuity Management Business Continuity Management Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations Data Center Operations F E RSK-209114 Payroll transaction records are not accurate. RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-208907 Disasters and Other External Events RSK-2033990 Disasters and Other External Events Disasters and Other External Events RSK-2033990 RSK-208907 Disasters and Other External Events RSK-208907 RSK-208908 RSK-233663 Disasters and Other External Events Unauthorized/Inappropriate Access Theft and Fraud RSK-208908 Unauthorized/Inappropriate Access Theft and aud RSK-208908 Unauthorized/Inappropriate Access RSK-233663 Theft and Fraud RSK-208908 Unauthorized/Inappropriate Access G Brown, Lauren Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam Murphy, Liam H Medium High High High High High High High High High High High High Medium High Medium Medium High Medium Medium High Medium Medium High 76 AE-22564 37 AE-22564 78 AE-78546 79 AE-78546 80 AE-78546 81 AE-78546 92 AE-78546 AE-78546 33 AE-78546 84 AE-78546 35 AE-78546 96 37 AE-78546 8 AE-78546 39 AE-78546 30 AE-78546 AE-78546 91 AE-78546 92 AE-78546 33 AE-78546 14 5 AE-78546 96 AE-65489 97 AE-65489 38 AE-65489 39 AE-65489 00 AE-84659 01 AE-84659 02 AE-84659 A B Network Operations Center Network Operations Center Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Backup and Storage Facilities Management Facilities Management Facilities Management Facilities Management Accounts Payable Accounts Payable Accounts Payable. C Oats, Jason Oats, Jason Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hemandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hemandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Hernandez, Martin Oats, Jason Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren D Data Center Operations Data Center Operations Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration. Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Backup Administration Facilities Management Facilities Management Facilities Management Facilities Management Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable E F RSK-233663 Theft and Fraud RSK-208908 Unauthorized/inappropriate Access RSK-209080 Regulatory Non-Compliance RSK-2816537 Unauthorized/inappropriate Access RSK-2814972 Data Integrity RSK-2814972 Data Integrity RSK 2814972 Data Integrity RSK-208909 Disasters and Other External Events RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and Systern Failures RSK-2817057 Obsolete/inadequate technology RSK-2816536 Problem Identification and Resolution RSK-2816535 Problem Identification and Resolution RSK-2816536 Problem Identification and Resolution Business Disruption and System Failures Business Disruption and System Failures RSK 2816538 RSK-2816538 RSK-2816538 Business Disruption and System Failures RSK-2816538 Business Disruption and System Failures RSK 2816537 Unauthorized/inappropriate Access RSK-5595534 Unauthorized/inappropriate Access Theft and Fraud RSK-5595534 Unauthorized/inappropriate Access RSK-5595537 Theft and Fraud RSK-5784057 Unauthorized/inappropriate Access RSK-5784057 Unauthorized/inappropriate Access RSK-5784057 Unauthorized/inappropriate Access RSK-5595537 G Murphy, Liam Murphy, Liam Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Lopez, Juan Oats, Jason Oats, Jason Oats, Jason Oats, Jason Brown, Lauren Brown, Lauren Brown, Lauren H Medium Medium High Medium Low Medium High Medium Medium Medium Medium High High High Medium Low Medium Low Medium Low Medium Low High High High High Medium High Medium Medium Low Medium Medium Low Medium Medium Medium 103 AE 84659 104 AE-84659 AE-21546 105 AE-21546 106 AE-84659 107 AE-84659 108 AE-84659 109 AE-84659 110 AE-84659 111 AE-84659 112 AE-84659 113 114 AE-84659 AE-84659 AE-84659 115 116 AE-84659 117 118 AE-84659 119 AE-84659 AF-84559 Accounts Payable Accounts Payable Payroll Processing Payroll Processing Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Corporate Accounts Payable Corporate Accounts Payable Payroll Payroll Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable RSK-5784057 Unauthorized/Inappropriate Access RSK-5784057 Unauthorized/Inappropriate Access RSK-209113 Business Disruption and System Failures RSK-209113 Business Disruption and System Failures RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghost Vendors RSK-5776833 Fraudulent and Ghast Vendars RSK-5776834 Unapproved Purchase Orders are paid RSK-6776834 Unapproved Purchase Orders are paid RSK-5776835 Unapproved invoices are paid RSK-5776834 Unapproved Purchase Orders are paid RSK-208760 Fictitious or duplicate disbursements are made. RSK-208762 Theft and Fraud RSK-5776834 Unapproved Purchase Orders are paid Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Brown, Lauren Brown, Lauren Bisset, Maribel Medium Medium Medium High Medium High Medium Medium Medium Medium Medium Medium Medium Low Medium Low Medium Medium Low Medium Low Medium High Medium Low AE-84659 120 AE-84479 121 122 AE-84659 AE-84559 123 124 AE 84699 AE-84659 125 125 AE-84659 AE-84659 127 AE-84659 128 AE-84559 129 AE-84659 130 AE-84659 131 AE-84659 132 AE-84659 133 AE-84659 134 135 AE-84659 AE-84659 136 AE-84659 137 A Baw Data Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Payable Accounts Pavable + B Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Laurent Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren C D Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable. Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable Corporate Accounts Payable E F RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776835 Unapproved invoices are paid RSK-5776836 Expense reports are paid without approval. Expense reports are paid without approval. RSK-5776836 RSK-5776836 Expense reports are paid without approval. RSK-208762 Theft and Fraud RSK-5776837 Checks are manually processed without proper approval. Theft and Fraud RSK 208762 RSK-5776838 Manual checks are delivered to unauthorized individuals. Theft and Fraud RSK-208762 RSK-206921 Blank checks/check stock/undelivered checks are not safeguarded RSK-5776839 Proposed payments are never made. Proposed payments are entered without proper authorization. RSK-5776840 Proposed payments are entered without proper authorization. RSK-5776810 Our outside service providers' systems have control deficiencies. RSK-5776841 RSK-5776842 Transactions are posted to the incorrect accounts Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Brown, Lauren Bisset, Maribel Brown, Lauren Bisset, Maribel Brown, Lauren Brown, Lauren Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset, Maribel Bisset. Maribel H Medium Medium Medium Medium Medium Low Medium Low Medium Low Medium High Medium Medium High Low Medium High Medium High Medium Medium Medium Medium Medium High 138 AE-84659 AE-84659 139 140 AE-21354 141 AE-84659 142 AE-84659 AE-65489 143 AE 65489 144 145 AE-65489 145 AE-655489 147 AE-65489 148 AE-21546 149 AE-21546 150 AE-21546 151 AE-21545 152 AE-21546 AE-51365 153 AE-51365 154 AE-51365 155 AE-51365 156 AE-51355 157 AE-51365 158 AE-51365 159 AE-51365 160 AE-51365 A 8 Accounts Payable Accounts Payable Contact Center Operations Accounts Payable Accounts Payable Facilities Management Facilities Management Facilities Management. Facilities Management Facilities Management Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recman Brown, Lauren Brown, Lauren Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Cats, Jason Oats, Jason Oats, Jason Oats, Jason Cats, Jason Brown, Lauren Brown, Laurent Brown, Lauren Brown, Lauren Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai D Corporate Accounts Payable Corporate Accounts Payable Contact Center Operations Corporate Accounts Payable Corporate Accounts Payable Facilities Management Facilities Management Facilities Management Facilities Management Facilities Management Payroll Payroll Payroll Payroll Payroll Business Continuity Management Disaster Recovery Business Continuity Management Disaster Recovery Business Continuity Management Disaster Recovery Disaster Recovery Disaster Recovery RSK-5776843 Unauthorized credit card charges are paid. RSK-5776843 Unauthorized credit card charges are paid. RSK-5784373 Talent Gaps RSK-5784146 Data Integrity RSK-5784375 Talent Caps RSK-5783974 Business Disruption and System Failures RSK-5783974 RSK-5784156 RSK-5784252 RSK 6784401 RSK-214840 RSK-5784090 Business Disruption and System Failures Data Integrity Inaccurate Financial Disclosures Talent Gaps The confidentiality of payroll information is not maintained Unauthorized/Inappropriate Access Data Integrity RSK-5784182 RSK-5784277 Inaccurate Financial Disclosures Talent Gaps RSK-5784461 RSK-5784339 Talent Gaps Talent Gaps RSK-5784389 RSK-5784339 Talent Gaps Talent Gaps RSK-5784389 Talent Gaps Talent Gaps RSK-5784339 RSK-5784389 RSK-2063990 RSK-2033990 Disasters and Other External Events Disasters and Other External Events G Bisset, Maribel Bisset, Maribel Gonzalez, Rodrigo Brown, Lauren Brown, Lauren Cats, Jason Oats, Jason Oats, Jason Oats, Jason Cats, Jason Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Medium Campbell, Finlay Medium Campbell, Finlay Medium Campbell, Finlay High Campbell, Finlay High H Medium Medium Medium Medium High Medium Medium High Medium High Medium Low Medium Low Medium Low Medium High High Medium High Medium High Medium Medium Medium Medium 161 AE-51365 162 AE-51365 163 AE-51365 164 AE-51365 165 AE-51365 166 AE-51365 167 AE-51365 168 AE-84659 169 AE-84659 170 AE-51365 171 AE-51365 172 AE-51365 173 AE-51365 174 AE-51365 175 AE-51365 176 177 AE-21546 178 AE-21546 A Raw Data B Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Accounts Payable Accounts Payable Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Business Continuity and Disaster Recovery Management Payroll Processing Payroll Processing + C Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Brown, Lauren Brown, Lauren Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Schneider, Nikolai Brown, Lauren Brown, Lauren D Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Disaster Recovery Corporate Accounts Payable Corporate Accounts Payable Business Continuity Management Business Continuity Management Business Continuity Management Disaster Recovery Business Continuity Management Business Continuity Management Payroll Payroll F E RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033990 Disasters and Other External Events RSK-2033989 Business Disruption and System Failures RSK-2033999 Business Disruption and System Failures RSK-208762 Theft and Fraud Unauthorized credit card charges are paid. Disasters and Other External Events Disasters and Other External Events RSK-5776943 RSK-209907 RSK-209907 RSK-5794339 RSK-5784389 RSK-209907 Talent Gaps Talent Gaps Disasters and Other External Events Disasters and Other External Events RSK-209907 RSK-209169 RSK-209168 Year end reporting is not prepared accurately and timely. Calculations in Payroll Module are incorrect G Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Brown, Lauren Bisset, Maribel Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Campbell, Finlay Brown, Lauren Brown, Lauren High High High High High High High High H Medium High Medium High High Medium Medium High High High Medium High 177 AE-21546 178 AE-21546 179 AE-21546 180 AE-21546 181 AE-21546 182 AE-21546 183 AE-21546 184 AE-21546 185 AE-21546 186 AE-21546 AE-21546 187 AE-21546 188 189 AE-65489 190 AE-65489 191 AE-65489 192 193 194 195 196 197 A Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Payroll Processing Facilities Management Facilities Management Facilities Management Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Oats, Jason Oats, Jason Oats, Jason C D Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Payroll Facilities Management Facilities Management Facilities Management F Year end reporting is not prepared accurately and timely. Calculations in Payroll Module are incorrect E RSK-209169 RSK-209168 RSK-209169 Year end reporting is not prepared accurately and timely. RSK-208739 Payroll expenses are recorded in the wrong period. RSK-209047 Payroll expenses are recorded incorrectly. RSK-209168 Calculations in Payroll Module are incorrect RSK-209169 RSK-208740 RSK-209047 RSK-209168 Year end reporting is not prepared accurately and timely. Financial reports are not accurately stated. Payroll expenses are recorded incorrectly. Calculations in Payroll Module are incorrect RSK-208741 Disbursements made are not recorded RSK-209114 Payroll transaction records are not accurate. RSK-5595534 Unauthorized/Inappropriate Access RSK-5595537 Theft and Fraud RSK-5595537 Theft and Fraud G Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Brown, Lauren Oats, Jason Oats, Jason Oats, Jason H High Medium High High Medium High Medium High Medium High High Medium High Medium High Medium High Medium High Medium High Medium Medium Low Medium LowStep by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started
Principles Of Commodity Economics And Finance
Authors: Daniel P. Ahn
1st Edition
0262038374, 9780262038379
