The European Consolidation Board together with the ECBFI work with Large Organisations across Europe with their complex integration plans and Pan European Functions to be able to mitigate risks and working towards IP and brand Protection, read more..
The ECBFI are Partnering with Chief Information Officers, Compliance Officers and Human Resources by overcoming their challenges with benchmarked best practices and legal advice. They also work with Small & Medium Organisations using an automated Software tool.
LARGE ORGANISATIONS WITH 1000 OR MORE STAFF
The ECBFI have consolidated critical components of an effective ethics and compliance program into a single integrated solution:
During the short history of IT, there has been very little focus on controls. IT professionals have been free to do what they thought appropriate in the fast-paced technology environment. In most cases, they focused on delivery (appropriate in a fast-paced business environment) without considering internal controls, standards, or effective development and deployment practices. But the days of freelance development and deployment are gone.
IT professionals, whether they like it or not, are now subject to numerous audits (both internal and external), with a focus on IT internal controls.
The challenge is to continue performing as a value-driven organization while complying with regulatory oversight, knowing that the business will continue to be relentless in its demand for technology.
The ECBFI professionals make a decision on how to deal with the compliance requirements and paranoia while adding value to the organisation.
The approach being taken at Employers Insurance Company is centered on incorporating the Control Objectives for Information and related Technology (COBIT) processes that bring the greatest value to IT along with satisfying the compliance requirements associated with the IT process. The following example of change management illustrates this.
The ECBFI point out that a typical change management audit entails the random selection of change requests (if they are available) and producing all the supporting chain-of-evidence documentation that shows (at a minimum) sponsor approval, testing sign-off, migration to production approvals and post implementation acceptance.