Connect with Us

About Us

The Decision Factor offers insightful comments and observations on analytics—from views on new technology approaches and market dynamics to the latest industry trends driving demand for faster, smarter information analysis. This blog contains personal views, thoughts, and opinions from SAP employees, mentors, and friends working in the area of analytics. It’s not endorsed by SAP nor does it constitute an official communication of SAP.

Archives

Part Two: Auditing on an iPad – Really??

Integrated Business Planning -- the Inevitable Journey for Finance

In my last blog, I discussed the advantages of leveraging mobility to improve the effectiveness of managing the audit process, considering the opportunities for improved professionalism, ease of evidence capture, improved work paper management, and improved auditor engagement.

In this blog, I’d like to consider the ways that audit databases can be used to improve the effectiveness of audit planning and to help with critical research during an audit project.

Audit work papers can be stored on laptop hard drives, on shared drives, or within various document management systems.

Of course, we all understand the professional and …

Auditing on an iPad – Really?

http://www.dreamstime.com/stock-photography-holding-tablet-computer-her-hand-woman-image32840612

I’m sure you don’t need me to point this out—but we’re all accustomed to wandering around with a plethora of mobile devices, including tablets and phones. And yes, they come in very handy—getting directions to an offsite meeting, locating a restaurant, booking tickets for a show, clearing e-mail on the fly.

But have you noticed that increasingly, as we use these devices more, our expectations for what we can do on a mobile device are increasing? We have less tolerance for websites (and the brand behind them!) that don’t work well on our mobile device. And, increasingly, we find …

Self-Service BI: Let Your Users Lead but Keep an Eye on Them

http://www.dreamstime.com/stock-photos-child-climbing-fence-trying-to-climb-sport-playground-image37914103

When I take my little boy for a stroll in the park, I like observing how small, growing children interact with adults. You can tell the different parenting styles: the protective mum that isolates her children from others, the one who just lets them be but keeps an eye on them at all times, and the one that has no idea where her kids are but relies on the playground fence—she knows they won’t be able to go very far.

Governing self-service business intelligence (BI) is a bit like being a parent of a child that has grown fast …

Dead Rats in Risk Management

http://www.dreamstime.com/royalty-free-stock-photo-dead-mouse-image7220815

It seems that almost every day I read blogs or articles in professional journals lamenting the fact that business executives aren’t supporting risk management initiatives in their business or not consuming the reports and conclusions of their risk management professionals.

In addition, we see evidence regularly in the press that risk management is failing and that catastrophic and harmful losses persist. There’s a reason for this. Risk management practices embrace beliefs and methodologies that create apparently” profound reports—but instead it’s ponderous and essentially useless information. It results in inert, albeit attention grabbing, charts and graphs.

I call them dead …

Dead Rats and GRC

Dead Rats and GRC

GRC Quiz:

Please select the best answer:

1. A flight attendant in a commercial airliner notices smoke coming from the stove in the rear galley. He is trained to:

a. Immediately contact the pilot and report a “material weakness” in the smoke detection system.

b. Immediately contact the pilot and report smoke coming from the stove in the galley.

2. You are awoken in your home in the middle of the night by the sound of intruders. You should:

a. Immediately call the police and report a “key risk indicator.”

b. Immediately …

GRC Strategy Quadrant: Understanding Type D Risks

GRC Strategy Quadrant: Understanding Type D Risks

A Better Way to Classify Risks

There’s nothing new about classifying risks by category – strategic risk, operational risk, and so on. But I’m suggesting the strategy for managing risks is dramatically different for each section of the quadrant. And we make mistakes when we use a response strategy that doesn’t match the risk type.

In my previous blogs, I illustrated the GRC Strategy Quadrant, which classifies risks based on the risk “appetite” of the business and the perceived risk level, and I explained Type A, Type B and Type C

Misunderstanding Risk and Controls

Misunderstanding Risk and Controls

Time and again I hear that risk management is seen as something that is required by the regulators, perhaps by the board or top management, but is not seen as something that helps individual managers succeed.

Time and again I hear that boards are not receiving the information they need to know whether the risks to the organization’s strategies are managed appropriately.

Time and again I hear of organizations that are satisfied (i.e., complacent) with the periodic management of a list of significant risks — as if risks are somehow less dynamic than the business environment.

Time and again I …

GRC Strategy Quadrant: Understanding Type C Risks

Misunderstanding Risk and Controls

A Better Way to Classify Risks

There’s nothing new about classifying risks by category – strategic risk, operational risk, and so on. But I’m suggesting the strategy for managing risks is dramatically different for each quadrant. And we make mistakes when we use a response strategy that doesn’t match the risk type.

In my previous blogs, I illustrated the GRC Strategy Quadrant, which classifies risks based on the risk “appetite” of the business and the perceived risk level, and I explained Type A and Type B Risks in detail.

Today, I’m covering Type C …

GRC Strategy Quadrant: Understanding Type B Risks

GRC Strategy Quadrant: Understanding Type B Risks

In a recent blog, I illustrated a GRC Strategy Quadrant that I think can be used to tailor risk management strategies to different types of risks.

A Better Way To Classify Risks

There’s nothing new about classifying risks by category – strategic risk, operational risk, and so on. But I’m suggesting that the strategy for managing risks is dramatically different for each quadrant. And we make mistakes when we use a response strategy that doesn’t match the risk type.

In last week’s blog, I defined the four types of risks, and explained Type A in detail. …

GRC Strategy Quadrant: Type A Risks Explained

GRC Strategy Quadrant: Type A Risks Explained

In a recent blog , I illustrated a GRC Strategy Quadrant that I think can be used to tailor risk management strategies to different types of risks.

A Better Way To Classify Risks

There’s nothing new about classifying risks by category—strategic risk, operational risk, and so on. But I’m suggesting that the strategy for managing risks is dramatically different for each quadrant.

The quadrant classifies risks based on the risk “appetite” of the business and the perceived risk level. I will illustrate my points over the next few blogs, starting with Type A risks today.