Upload
mricky
View
1.322
Download
2
Embed Size (px)
DESCRIPTION
Citation preview
QAD Enterprise Solutions &
Global Corporate Governance
Maryann Hafner / Solution EngineerMarch 2004
Globalization
Corporate Governance
Corporate Governance
Corporate Governance
What is it?Operating a business organization in
compliance with all government and agency laws and regulations
Focus now on principle-based vs. historical rules-based for accounting and disclosure
Overarching goal of
performance with integrity
Corporate Governance
Principles: current global regulations
Context: ERP application relevance
Support: QAD enterprise solutions
global Corporate Governance
1.Sarbanes-Oxley Act of 2002 (SOX)– Adopted by USA and associated Global Operations
2. International Financial Reporting Standards
(IFRS) International Accounting Standards (IAS) 2005– Adopted by European Union (EU), Australia, Hong Kong,
Korea, Malaysia, Singapore, Canada, China, Russia-pending, global movement in EEA, Iceland and Norway…mandatory and optional
regulatory compliance
SOX vs. IFRS
IFRS Driving Purpose Directly remove barriers to cross-border trading
– single capital market. Uniform reporting standard to provide internationally comparable financial & non-financial information on which to base economic decisions
SOX Driving Purpose Legislatively demand corporate responsibility
and accountability from corporate executives to all stakeholders in order to restore investor confidence.
It’s about…
integrity of operations transparency of
disclosure
accountability for
accuracy
Sarbanes Oxley Act of 2002
sox
Corporate Governance in US
1.Sarbanes-Oxley Act of
2002 (SOA, SOX, Sarbox…) Compliance Deadlines: (varying)
– 404 - Fiscal Year ending on or after June 15, 2004 > $75M Fiscal Year ending on or after June 15, 2005 < $75M
Primary Initiatives: (Business Systems)1. Disclosure of internal business controls
& processes2. Accelerated Reporting Deadlines3. Exec Certification - personal liability for
accuracy 4. Rapid Disclosures of material events
Sarbanes-Oxley Act Section 302Mandates CEO and CFO
personal certification of financial statements and filings including personal review, does not contain untrue information, responsibility, design and assessment of effectiveness of disclosure controls and procedures in place – disclosure of weaknesses to auditors and audit committee.
Section 906 Mandates CEO and CFO
personal certification ensuring 10-K’s, 10-Q’s, annual reports as well as periodic reports containing financial information complies with Sarbanes-Oxley/1934 Act, represents an accurate representation of the firm’s financial condition.
Section 404Requires annual filing of internal
control evaluation report, whereby, companies are required to document existing controls that have bearing on financial reporting, test them for effectiveness, report gaps and deficiencies. Must establish and maintain internal controls that conform to standards for financial reporting (e.g.,COSO Framework). External auditor attestation.
Section 409 Requires disclosure to public
information on a “rapid and current basis” of material changes to the firm’s financial condition or operations.
Sarbanes-Oxley Timeline Section 404 Internal Control Activity Phasing
Phase I – Discovery & Documentation NOW
Phase II - Gap Analysis FY04 Audits
Phase III – Remedial Action 2004 - 2006
Phase IV – Monitor FOREVER
SOX Internal Control Timeline
Internal Control…
What is it? A process, effected by an entity’s board of
directors, management and other personnel designed to provide reasonable assurance regarding the achievement of objectives in the following categories– Effectiveness and efficiency of operations– Reliability of financial reporting– Compliance with applicable laws & regulations
- as defined by COSO
Enterprise Risk Management
It means Internal Control… …is a process. It is a means to an end, not an end in
itself. …is effected by people. It’s not merely policy
manuals and forms, but people at every level of an organization.
…can be expected to provide only reasonable assurance, not absolute assurance, to an entity’s management and board.
…is geared to the achievement of objectives in one or more separate but overlapping categories.
Internal Control:COSO Framework
for Enterprise Risk Management
•Operations
•Financial Reporting
•Compliance
•Activities
•Business Unit
•Divisions
•Enterprise
MONITORING
INFORMATION AND COMMUNICATION
CONTROL ACTIVITIES
RISK ASSESSMENT
CONTROL ENVIRONMENT
UN
IT A
UN
IT B
AC
TIV
ITY
1
AC
TIV
ITY
2A
CT
IVIT
Y 3
Evaluating Internal Control: 3
DimensionsConsists of 2 points of focus1. Entity level 2. Activity (process) level
Consists of 3 objectives:1. Effectiveness and efficiency of operations (safeguarding of
assets)
2. Reliability of financial reporting 3. Compliance with applicable laws and regulations
Consists of 5 components:1. Control environment2. Risk assessment3. Control activities4. Information and Communication5. Monitoring
Internal Control is
unique to an organization
Enterprise risk management is a dynamic process.
No two entities will, or should, apply enterprise risk management in same manner.
Capabilities and needs differ dramatically by industry and size, and by culture and management philosophy…one company's application of the enterprise risk management framework – including the tools and techniques employed and the assignment of roles and responsibilities for enterprise risk management – often will look very different from another COSO Framework
International Financial Reporting Requirements
IFRS
Corporate Governance - GLOBAL2. International Financial Reporting
Standards (IFRS), aka International Accounting Standards (IAS)
Compliance Deadlines:
– European Union by 2005 – HOWEVER must have comparative
financial data for prior years– Various national adoption
• Permitted or not permitted as option• Required for some or all domestic listed
companies
IFRS Initiatives
1. CONSOLIDATIONS - Consistent & comparable Global Financial Reporting
2. TRANSPARANCY - Additional detail disclosure of enterprise wide information, analysis and reporting of business by segment
3. MEASUREMENT for assets & liabilities - Valuation and Recognition
4. Harmonized PERFORMANCE measurement
5. MOVE from national GAAP to IFRS
Rules-based
Principle-based Accounting & Disclosure
Regulated Corporate Governance
Software Applications Compliance Support
Gartner….Sarbanes-Oxley does not regulate
technology; however, using technology effectively can reduce the cost, time and risk of an enterprise’s compliance activities.
Although Sarbanes-Oxley doesn’t directly regulate information technology, IT is the backbone of the financial processes that the law regulates
AMR Research 2003
compliance support
Software Tools & Systems1.ERP (manufacturing, distribution, accounting…)
2. Best-of-breed financial (revenue management…)
3. Business Process Management4. Risk and Reporting Management5. Business Performance Management -
Analytics/BI6. Document and Records Management 7. Compliance Management – documentation &
analysis
8. Auditor Tools9. Basic IT system infrastructure/Security Mgmt10.Basic IT system infrastructure/Collaboration
(e-mail, storage and tracking)
compliance support
and Enterprise Corporate Responsibility
An ERP application/system can…– provide automated process controls and
tools that enable an enterprise to be able to support compliance
An ERP application/system does not…– make an enterprise compliant
An ERP application/system is not…– “compliant” in and of itself
Global internal visibility Global external transparency & comparability Harmonized data and reporting Consistent “real-time” performance disclosure Systematized/documented internal control Systematized/documented event workflow “Real-Time” alert event notification Audit Dashboards,“Electronic Audit Committees” Integrated disparate systems Centralized shared business processes
technology-enabled accountability
Internal Control:COSO Framework
for Enterprise Risk Management
•Operations
•Financial Reporting
•Compliance
•Activities
•Business Unit
•Divisions
•Enterprise
MONITORING
INFORMATION AND COMMUNICATION
CONTROL ACTIVITIES
RISK ASSESSMENT
CONTROL ENVIRONMENT
UN
IT A
UN
IT B
AC
TIV
ITY
1
AC
TIV
ITY
2A
CT
IVIT
Y 3
ERPSuppo
rt
IC ComplianceSupportOperations Internal Control Related
System Security Process Security Information Security–validation, completeness, integrity,
authorization Communication Security - documents, consolidation Process Automation and Maps – enterprise standard/consistent Process Workflow – authorizations and approvals Enterprise Operations Visibility –inventory, credit, performance Process/Controls Monitoring – manufacturing, distribution,
admin Enterprise Scorecard analysis – KPIs strategic objectives Close Process - signoff, consolidation, reconciliation, speed,
visibility Event / Exception Alerts – initiate remedial action/disclosure
ERP
IC ComplianceSupportReporting Internal Control Related
Data Harmonization Disparate systems Integration Financial Results – consolidations, XBRL, accelerated Audit - internal and external Operations process/performance monitoring Intermediary financial performance real-time monitoring Integration with non-financial Information Secure Collaboration
ERP
IC ComplianceSupportCompliance Internal Control Related
Reduced reconciliation, consolidation, close time Accelerated period-end results & reports publication Faster access to repeatable and meaningful
information for Alerts and KPIs for potential “material event”
occurrences
ERP
QAD Enterprise Applications
Compliance Support
QAD
Compliance Support Architecture
People
SystemsProcesses
Design toObsolescen
ce
Requisition To Pay
Service & Support
Plan & Fulfill
Plan &
Execute
Quote To Cash
Financial Reporting
BI Ale
rts
Secu
rity
A
udit
Tra
ils
Tra
ceabilit
y
Valid
atio
n Docu
ment M
anagem
ent
eSig
natu
res
Work Flow
XBRL
Financial Transparenc
y
Financial Accountability
Financial Integrity
Consolidation
Business Processes
Financial Shared Services
QAD Financial Compliance
Support GoalsFinancial Business Process Cycles
(BPC)– Increase enterprise visibility– Increase data integrity– Increase process integrity– Reduce reconciliation/close time– Raise security– Automate manual processes– Enhance auditibility/traceability– Deliver enterprise key information– Capture required transaction information
compliance support Activities
QAD product business process Controls/Security Utilization Customer Assessment program (QScan)
QAD product security and controls utilization customer training
QAD current and imminent product launches supporting data and process integrity and security
QAD base-product enhancements regarding business data and process security, internal control, analytics and reporting
QAD new product development regarding enterprise internal control, visibility, data rationalization, shared services, analytics, alerts and reporting
“Co-partner” for complementary compliance support software
QAD Global Services to address organizational unique system requirements
compliance support
New QAD Product/Feature ReleaseseB2 – Financial Enhancements
– Logistics Accounting • Control liabilities and variances on logistics charges
– Extended Account Structure• Additional reporting and analysis capability
– Linked Site Costing• Eliminate costly copy processes• Removes the need for redundant data at distribution sites
– Purchase & Work Order Accounting• Associate purchasing and AP variance accounts by product line,
site and supplier type• Maintain work order accounts by product line and site
– Multi-Entity Accounting• Visibility of inter-company accounts by entity• Use shared services for Account Payable with a database
compliance support
New QAD Product/Feature ReleaseseB2.1 Shared Services Domain
Provides new infrastructure support for enterprise transparency
One DB with Multiple Base Currencies and Chart of Accounts
One DB with Centralized IT admin control & standardization Enhanced business unit & user security Shared Services foundation for process standardization Enhanced GL consolidation foundation and features GL enterprise consolidation within DB - no export needed Enhanced GL transaction drill-down within database Enterprise centralization with flexible business unit
operation autonomy
MFG/PRO eB2.1 Shared Services Domain Solution
Plant 1Plant 1
Plant 1Logical Partition
by Domain
ERPDatabase
Single MFG/PRO eB2.1 Shared Services Domain Database
Plant 2Plant 2
Plant 2Logical Partition
by Domain
ERPDatabase
Plant 3Plant 3
Plant 3Logical Partition
by Domain
ERPDatabase
EnterpriseG/LReporting
EnterpriseG/LReporting
eB2.1 Shared Services DomainBusiness Unit Operations & GL Consolidation
Plant 1Logical Partition
by Domain
Plant 2Logical Partition
by Domain
Plant 3Logical Partition
by Domain
Plant 4Logical Partition
by Domain
ENTERPRISELogical Partition
by Domain
GL Consolidation GL Consolidation
eB2.1 Shared Services Domain GL Entity Consolidation
Entity 1000Domain A
EUR
Entity 2000Domain B
SFR
Entity 3000Domain C
GBP
Entity 4000Domain D
MXP
Entity 5000Domain E
CND
Entity 6000 Domain F
USD
Entity 9001Domain G
EUR
Entity 9002 Domain H
USD
Entity 9999Domain I
USD
Consolidation
Consolidation
Consolidation
eB2.1 Shared Services DomainGL Consolidation Drill-Down
During consolidation cross-reference records are created, linking source transaction to consolidation record
Drill-down functions are available, allowing drill-down from consolidation to detail records in other domains
DomainUser Security
In User Maintenance:
Defines the Domains to which a user can have access
Which Domain is the primary Domain (the one to which a user logs in by default.)
The Security Groups to which a user belongs for each domain -determines menu functions to which he/she will have access for a specific domain.
General Security Enhancements Enhanced Password Complexity & Aging:
– Allows specification of minimum length and amount of numeric/non-numeric signs
– Forcing users to periodically change passwords– Prevention of re-use of passwords
Enhanced User Administration:– Introduction of User Groups (replacement of old security
groups) Enhanced Intrusion Detection:
– E-mail to administrator group– After number of failed login attempts, deactivation of
account– Logon Attempt Report
compliance support
New QAD Product/Feature Releases
compliance support
New QAD Product/Feature ReleasesAdvanced Inventory
Management (AIM)– Enhanced data control and accuracy by
use of automated barcoding and radio-frequency techniques
– Allows decreased inventory carrying costs– Decreased inventory and space
optimization– Inter-warehouse movement traceability
and transaction analysis – Obsolescence risk management
compliance support
New QAD Product/Feature ReleasesAudit Trails
Infrastructure on all QADDB tablesConfigurable by tableSecure, computer generated, time-
stampedRecord date and time of
operator entries actions that create, modify, or delete e-records
Will not obscure previously recorded information
Retention as long as required for subject electronic records
Audit Trails
compliance support
New QAD Product/Feature ReleasesCSS – Customer Self-Service
Customer Self-Service for direct system order capture and visibility
Systematically controlled catalog management
Automated standard order processReduction in administration expense
QAD CSS
compliance support QAD Product Releases
Lean Manufacturing Enhanced Supply Chain transaction data integrity Enhanced performance evaluation Integrated visualization tool Focus on eliminating waste and continuous
improvement Allows decreased inventory, lead times, operating cost Improved demand accuracy Increased agility, quality, floor space
QMobile (Mobile Business) Field Service Transactions – data captured at source
point Increased assurance of data integrity
compliance support
QAD Development ProjectsQXtend - Interoperability Framework
Supply-chain electronic commerce
Unified framework for system and process integration
Provides traceability, authentication, encryption processes
XBRL output: standard financial reporting submittal format
Desktop 3 - Screen Configuration
HiddenFields
DisabledFields
w/ defaults
compliance supportQAD Development Projects
Desktop 3 Business Unit Dashboard/Charting Engine
compliance support
Desktop 3 - Chart Servercompliance support
Desktop 3 - Embedded Process Flow Maps
compliance support
compliance support QAD Development Projects
Business Intelligence (BI) Solution
For company-wide shared reporting and analysis critical to managing an enterprise effectively
Extract from MFG/PRO databases– From multiple sites / functional departments / databases and systems– other SQL databases
Transform Data into Information– Transformation during replication– Provide flexibility through scripting
Load data– Automatically load data into Powerplay Cubes– Distribution of reports, PDF, etc.
Supplier
Customer
Compliance
Manufacturing
QAD BI – Pre-defined Business
Models Sales Analysi
s
Forecasting
VendorRating
FinancialControlling
InventoryMonitoring
ServicePerforman
ce
Manufacturing
Performance
QAD BI - Powerplay Web interface: Sales Analysis Model
compliance support
QAD Development ProjectsDistributed Order Management
global integration and coordination with Local order execution Global standardization and control of customer processes Single point of global access and interface for orders Global enterprise customer and item data harmonization Global aggregated credit risk management and visibility Global consolidated inventory visibility Global visibility of orders/commitments across the enterprise Automated/systematic global enterprise order process Single source of information for enterprise inventory &
customers Sourcing logic for Demand Chain optimization and integrity
Execution / Lean / JIT / EMT / ERP PlanningSingle eB2.1 Shared Services Domain Database
Plant 1 –ChicagoLogical Partition
by Domain
BU 3 –ParisLogical Partition
by Domain
DC 2 –MilanLogical Partition
by Domain
Plant 4 –San PauloLogical Partition
by Domain
Distributed Order Management – Business Rules
Facility 5 – LondonLogical Partition
by Domain
Central Order CAPTURE and VISIBILITY - User Interface
Central Office
QAD Enterprise Solution
Customer
Business and Accounting Software Developers’ Association
UK based, not-for-profit
International standards body
250 plus members
Accounting, Human Resources, Logistics, Manufacturing, Taxation & Web-based applications
Established 1993
Elected General Council Cross IndustryRecognised by OECD, UN, EU, FEE, BoE, DTI, Inland Revenue, HM C&E, HM Treasury, OGC, OeE
BASDA & IFRSBusiness and Accounting Software Developers’ Association
QAD BASDA MembershipBASDA IFRS White Paper
– Software Recommendations
Software Application Vendor ConsortiumBASDA Accreditation Scheme – Q4/04Accreditation Test information/criteria
accessGlobal QAD IFRS analysis of requirements
compliance support
QAD Projects in Analysis/Definition
MFG/PRO Operational ProcessesMFG/PRO Financials ReportingEvent ManagementFinancial Shared Services E-Signatures
accountability
transparency
integrity
Corporate Governance QAD compliance support
Optimal Corporate Performance
Thank You
Maryann HafnerContact: [email protected]