Connect with Us

About Us

The Decision Factor offers insightful comments and observations on analytics—from views on new technology approaches and market dynamics to the latest industry trends driving demand for faster, smarter information analysis. This blog contains personal views, thoughts, and opinions from SAP employees, mentors, and friends working in the area of analytics. It’s not endorsed by SAP nor does it constitute an official communication of SAP.


Myths in Risk Management: Control Effectiveness

Myths in Risk Management: Control Effectiveness

In my last blog, Control Effectiveness—Is the Glass Half Empty?, I examined how control effectiveness is often measured incompletely and inaccurately. Let’s look at what we learned and discuss a better way to determine effectiveness.

There are three lessons we can learn about making conclusions on control effectiveness:

Controls’ effectiveness can’t be measured against “control objectives”. Control effectiveness can only be measured against the broader, business (or in the examples, community and therapeutic) objectives. (Most of the major corporate failures we have seen in the financial crisis have rated …

Myths in Risk Management: Control Effectiveness — Is the Glass Half Empty?

Myths in Risk Management: Control Effectiveness -- Is the Glass Half Empty?

Control effectiveness opinions are what we expect from auditors. But what does a control effectiveness opinion really tell us?

None of us would conclude a glass is half full without knowing how big the glass actually is. The amount of liquid currently in a glass doesn’t tell you anything unless you know how much liquid the glass will hold.

Similarly, control effectiveness opinions are often based on knowing only half the facts. Many, if not most, of the major corporate failures we have experienced have happened to companies whose external auditors reported effective internal controls. What was missing?

Seeing the …

Prosecuting Wall Street: Uncomfortable Truths about Fraudulent Financial Reporting

In 2010, the Committee of Sponsoring Organizations (COSO) published a research study, “Fraudulent Financial Reporting: 1998-2007,” to provide a comprehensive analysis of fraudulent financial reporting occurrences investigated by the U.S. Securities and Exchange Commission (SEC) between January 1998 and December 2007.

The instances of fraudulent financial reporting analyzed in the report straddled the implementation of Sarbanes Oxley and preceded the massive failures of some of the nation’s largest and most prestigious financial institutions.

A Couple of Findings

The most common fraud technique involved improper revenue …