what

job title, keywords

where

city, state, zip

Post a Job

 

 

AuditNet®

Global Audit Advisory for Industry

Industry Leadership Opportunity

Providing Industry Guidance and Requirements Oversight

 

 

Industry Nominations and Commitments of Support

AuditNet and RuleSphere invite public comments and commitments of support regarding our Global Audit Advisory industry initiative described herein. This document describes the industry boards that manage and oversee the industry requirements across the broad market segment known as Governance Risk Compliance (GRC). It is these GRC requirements that now make up AuditNet’s Audit Work Programs (AWPs).

 

If you’d like to get involved please let us know. For more information, please contact either Jim Kaplan of AuditNet or Leslie Bryce or Phil Wilson of RuleSphere.

 

• Jim Kaplan (contact info) AuditNet@gmail.com, Telephone 1(703) 839-5101
• Leslie Bryce, E-Mail leslie@RuleSphere.com, Telephone 1(877)438-0742 Ext. 712
• Phil Wilson; E-Mail phil@RuleSphere.com, Telephone 1(877)438-0742 Ext. 711

 

Overview

AuditNet (www.AuditNet.org) is well known, globally, in the audit world. The organization provides over 2000 Audit Work Programs (AWPs) via subscription-based services. AuditNet’s subscription services serve audit, financial, accounting, IT, HR, and many other functions. Overall, AuditNet’s mission is to lead the industry in Governance Risk and Compliance (GRC) work practices / disciplines, supporting technology, and content. AuditNet and partners from around the globe serve GRC professionals across the enterprise in pursuing business excellence.

 

AuditNet has become the first audit trade organization to launch a Requirements Management program to document, manage, and disseminate GRC requirements. GRC requirements encompass the core procedures for running a successful audit as well as driving business practices for non-audit roles. In addition to audit procedures, requirements include tips, notes, examples, and process guidance for Information Technology and business functions. The approved requirements (referred to as a “baseline”) for a particular industry is of extreme importance. The GRC requirements content assists companies in deriving country-specific and company-specific requirements. By deriving additional requirements the organization can improve their ability to sustain compliance. They also move themselves to more predictable and effective work practices.

 

Sponsoring Organizations

AuditNet is teamed with RuleSphere International, Inc. (www.RuleSphere.com). Together, these sponsoring partners document and manage GRC requirements for each industry that is launched. In addition, Gatherspace, ( www.Gatherspace.com ) is helping us with their advanced requirements management repository that is our core web-based platform for collaboration across requirements management processes.

 

Industry Orientation

Currently, AuditNet and RuleSphere are working on the initial industry requirements for the following industries:

 

• Pharmaceutical / Biotech
• Insurance
• Retail

 

Other industries will be added as additional governing boards are formed (as described below).

 

The Launch of Industry Audit Advisories

We are now looking to fill board member roles for specific industry audit advisories. There are two audit advisory boards that drive the direction of each industry and these, in turn, are run by governing boards. These function as global standards committees as they oversee the needs and requirements for a specific industry domain. This document describes these two boards in detail and lays out a process for nominating an individual (or nominating yourself) for a post on one of the boards.

 

1.) The Global Audit Advisory (GAA)

 

Board Role / Title: Industry Managing Director

 

2.) The Industry Change Control Board (ICCB).

 

Board Role / Title: GRC Industry Change Control Director

 

 

Offer To Participate

You can nominate an individual for one of the two following roles or sign up for a post by forwarding your resume.

 

1. Participate as an Industry Managing Director for a term of 1 year on a Global Audit Advisory for a particular industry that you have significant experience in. Please submit a current resume to be considered. No prior requirements management experience is needed as you will receive education and training by the program sponsors.

 

2. Participate as a GRC Industry Change Control Director for a term of 1 year on an Industry Change Control Board to help guide the direction of GRC requirements for a particular industry that you have experience in. Please submit a current resume to be considered. No prior requirements management experience is needed as you will receive education and training by the program sponsors.

.

 

Prior Understanding of Requirements Management

Nominees are not required to have any prior background in the work discipline known as “requirements management”. RuleSphere will provide education and training assistance (at no charge) in getting up to speed. The time period to get up to speed is less than 2 hours.

 

 

Meeting & Time Commitments

 

• Industry Managing Directors are required to attend 4 quarterly (phone and web) Global Audit Advisory (GAA) meetings and 4 monthly meetings over the 1 year term. The monthly time commitment is approximately 3-4 hours.

 

• GRC Industry Change Control Directors are required to attend 10 monthly (phone and web) Industry Change Control Board (ICCB) meetings over the 1 year term where your peers and yourself will vote on requirement change requests. The monthly time commitment is approximately 4-5 hours.

 

Benefits for Participation as an Industry Director or Managing Director

 

1. Industry Visibility, Respect, & Notoriety – The greatest benefits that are achieved by participating in AuditNet’s industry leadership standards body are threefold. You will have gained significant global visibility in a major standards body role. You will gain respect from peers for your leadership role. You will also achieve notoriety based on your participation as a Managing Director or a GRC Change Control Board Director for the industry that you have chosen to focus on. Your participation and leadership have major importance for your industry because you will help guide your industry needs and requirements across. GRC, audit, and finance / accounting areas of concern.

 

2. Prestige and Career Growth – You ability to step outside your current full-time role and participate in a global standards body is significant. It will immediately generate prestige for building your career. It is a wonderful way to grow your career as well. You signal that you are able to manage global industry requirements in areas such as audit, security, finance, etc.

 

3. AuditNet and RuleSphere System Discounts for Your Organization – Your organization will receive a discount (TBD) during the term of your participation with either one of our standards bodies.

 

4. Free System Usage for You – You will be provided with free system access to the Software-as-a-Service platforms that we use.

 

5. Role Validation and Job Referrals – The sponsoring organizations will provide you with validations that you have helped us to launch industry standards for GRC requirements.

 

6. Opportunity for Industry Advancement – Once you have participated as a GRC Industry Change Control Director, The current Managing Directors will vote on your opportunity to progress up to the next level and join the Managing Director members for your industry. This role allows you to participate in major GRC requirements management decisions for a formal period of one year as well as being granted other voting privileges thereafter.

 

7. Grandfathering - Your Managing Director role for a specific industry is retained by you for as long as you are involved with AuditNet.

 

8. Honorarium – To be voted upon by the sponsors based on business results at end of each calendar year.

 

9. Certificate – You will receive a frame-able certificate that validates your board title and the industry that you have served.

 

 

Additional Information Regarding Board Responsibilities and Board Member Duties

 

The Global Audit Advisory (GAA)

The Global Audit Advisory (GAA) is an AuditNet-sponsored governing board that represents the needs of a particular industry. It is made up of individuals who hold the title of Industry Managing Director. The organization’s focus is on oversight and guidance regarding the categories of GRC requirements that will be pursued by AuditNet.org and partners. GAA oversight spans a relatively wide set of topics known generally by the acronym, GRC, for Governance Risk and Compliance. The GAA board is international in nature and can be composed of individuals from around the world who are able to converse and write in English.

 

The Global Audit Advisory (GAA) board is made up of Managing Directors for various industries. GAA Managing Directors leverage their audit experience based on their own legal jurisdiction (country) and former job experiences. The business objective is to enable GAA Managing Directors to collaborate with their peers on top GRC needs, regulations, rules and laws relating to their industry. Over time and as we identify appropriate candidates, GAA’s will be spun off to focus their efforts solely on a specific industry.

 

Each Managing Director will have participated in the role of Industry Director of the Change Control Board (ICCB) for at least 1 year prior to becoming a Managing Director for an industry. This requirement will be optional during the formation and start-up period of the initial industries. The start-up period will run from 2009 – 2012.

 

Vision of the GAA – The Global Audit Advisory (GAA) board provides industry leadership in the area of Governance Risk Compliance (GRC) requirements management. GRC is a broad market segment that  includes finance, accounting, security, internal / external  audit management, human resources, legal, and many other functions. The GAA board will provide guidance, direction, and oversight to drive the improvement of the GRC requirements content for the target industry. Specifically, the board will make decisions that define the overall topical content that forms the industry’s global GRC requirements baseline. All subscribers from the target industry will be able to access these GRC requirements as a benefit in helping organizations nail down the details of Audit Work Programs (AWPs).

 

The GAA Board also provides industry leadership by understanding and promoting the importance of requirements management in sustaining compliance and for building a strong governance infrastructure. Board members are expected to apply requirements management within their organization and recommend this work discipline as a best practice (see note below).

 

Mission of the GAA – The Industry Managing Directors that make up the Industry’s Global Audit Advisory (GAA) guide the creation and validation of the topical categories and sub-categories that make up the industry’s Audit Work Program (AWP) taxonomy. The industry’s GRC taxonomy is composed of GRC requirements. The GAA provides advice and guidance on the addition of new requirements categories as needed to address changing standards, regulatory mandates, laws, and best practices within the industry.

 

Goals of the GAA – Manage the taxonomy (a list of categories and sub-categories) that forms the GRC requirements baseline for a designated industry or industry group (e.g. pharmaceutical / biotech).

 

Business Objectives of the GAA

• Ensure that the scope of GRC requirements taxonomy is regularly assessed for new or outmoded requirements categories.
• Help to identify source documents that provide requirements direction.
• Identify other sources of existing requirements (e.g. individuals, organizations, etc.)
• Provide industry spokesperson services.
• Recruitment of Additional Managing Directors including qualification assessment and voting

 

Note: Requirements management has been identified in the newly emerging best practice framework of CMMI-For-Services (CMMI-CVS). CMMI-CVS has been developed and is owned and distributed by Carnegie Mellon University’s SEI organization. AuditNet and RuleSphere have no commercial interest in this framework except for the guidance that is provided to service organizations in audit and other functions. We recommend requirements management, change management and process automation and will be aligning our Software-as-a-Service platforms with work practices that help business excellence. AuditNet and RuleSphere recommend that your organization explore the CMMI-For-Services framework and contact CMU SEI for licensing information.

 

 

Industry Change Control Board (ICCB)

The Industry Change Control Board (ICCB) is an AuditNet-sponsored governing board that represents the needs of a particular industry. It is made up of individuals who hold the title of GRC Industry Change Control Director. The organization’s focus is on oversight and guidance regarding the Governance Risk Compliance (GRC) requirements content that makes up the audit work programs (AWPs). The ICCB is international in nature and can be composed of individuals from around the world who are able to converse and write in English.

 

Based on subscriber and ICCB-initiated change requests, the ICC board members approve, reject, or shelve (defer) change requests. They approved changes to the requirements content are then made through the services of RuleSphere.

 

Vision of ICCB

The Industry Change Control Board (ICCB) provides industry leadership by helping to manage and oversee the GRC requirements content. The ICCB controls all changes to the GRC requirements content for a particular industry and at a detailed level.

 

Work with the Global Audit Advisory (GAA) to produce an improved taxonomy (set of categories and sub-categories of requirement topics) to increase the breath of requirements coverage in order to meet the ever-evolving standards, best practices. laws, and regulations of the industry.

 

Mission of ICCB

Define the direction of an “industry requirements baseline” (i.e. controlled requirements content) for a designated industry of industry grouping (e.g. pharmaceutical / Biotech). The requirements baseline relates to a global perspective of requirements content falling into Governance Risk Compliance (GRC) markets.

 

The Industry Change Control Board, or ICCB, is the governing board that recommends the requirements content baseline. The requirements baseline provides a valuable set of GRC requirements that can be used by auditors, finance, accounting and many other enterprise functions. The baseline serves as a useful starting point for more detailed requirements work by the subscribing organizations of AuditNet’s Audit Work Programs (AWPs). The ICCB board acts as an oversight and recommending body for the requirements baseline and does not, in any way, guarantee, enforce, or legislate compliance of specific companies or subscribers to AudtitNet services.

 

Goals of ICCB

§         Manage the requirements change (submission and approval) process.

§         Based on board assessment and discussions the ICCB then decides how to best handle the GRC requirement change request.

§         Voting is conducted by the board to approve, reject, or defer a change request.

§         Controlled changes are then made to the requirements baseline by RuleSphere based on the approved changes specified by the ICCB.

 

Business Objectives of ICCB

§         Direct and oversee the GRC requirement change process for a designated industry.

§         Work with your Industry Director peers on the Industry Change Control board to receive, analyze, and vote on GRC requirement change requests.

§         Guide RuleSphere’s role in GRC requirements administration.

§         When analyzing change requests, the board will determine if a Request-For-Change (RFC) should be approved, rejected or shelved until more is known about the request-for-change.

§         Provide approval to RuleSphere to make controlled changes to the requirements based on subscriber change requests that are approved.

 

 

 

---