1. Prepare and Plan:
Review future state process flows
- Identify compliance drivers or audit requirements
- Identify future state business process risks and control points
- Identify control objectives and control techniques
2. Conduct control design workshop
with business IT
- Confirm business process risks and control points
- Confirm control objectives and control activities
- Identify additional control requirementsDetermine next steps/action plan for controls testing
3. Post Workshop
- Conduct working sessions to review controls framework with business
- Socialize deliverables with key stakeholders
- Develop controls test scripts to perform controls testing
- Complete fit gap requirement analysis
4. Complete control design
Test/validate : automated controls during Testing Cycles
- Finalize and obtain approval for controls fit/gaps
