How Winshuttle Supports Audits and 3 Lines of Defense in Finance

By Winshuttle Staff Blogger on Nov 9, 2016

If you have a palate for change, you must be inclined to make change for the better.  A financial audit is subject to continuous change and in the realm of SAP, this can be particularly challenging. Internal audits have a key role in the corporate governance structure to provide assurance on managing risks. To ensure the effectiveness of risk management, your management team needs to be able to rely on adequate line functions – including monitoring and assurance functions around the efficacy of operations and controls reporting within the organization.

Audits Assessment Results Statgist Strategize Concept

An audit provides assurance that these monitors and controls exist and are being adhered to. The ‘Three Lines of Defense’ model is a way of explaining the relationship between these functions, and serves as a guide to how responsibilities should be divided.

The first line of defense is management controls and internal control measures. The second line is the scrutiny, oversight and review of business activities by personnel like controllers, systems security, risk assessors, quality managers, inspectors or compliance officials. Some of these functions are merged with audit functions in smaller organizations, but in an ideal world, an audit is the third line of defense.

As the third line of defense, internal audits (and the internal audit function) review activities of the business in relation to the first line of defined controls and measures, against the proof of inspection by the second line of defense. They then report findings and recommendations to senior management and any relevant governing body or audit committee. The 3rd line provides an independent perspective and challenge to work practices which strengthen the organization’s ability to report accurately and manage risk around systems and controls. Additional lines of defense include external audits and regulatory scrutiny – however these are outside the control of the organization.

A model for the three lines of defense

Winshuttle assists the third line of defense by providing reporting mechanisms within both the Studio and Foundation products, with governance capabilities to help provide insight into how Winshuttle is used in conjunction with Excel and SAP or Forms with Workflow and SAP.

WS-Whitepaper-imageLearn more about how Winshuttle can assist with Audit and Compliance challenges when working with SAP systems by reading this whitepaper.


About the author

Staff Blogger

The Winshuttle blog is written by professional thought leaders who are dedicated to providing content on a variety of topics, including industry news, best practices, software updates, continued education, tips and techniques, and much more.

Questions or comments about this article?

Tweet @Winshuttle to continue the conversation!