How COBIT helps you achieve SOX Compliance

First released way back in 1996, COBIT has already been around for quite a while. One reason why it never took off was because companies were never compelled to use it ? until now. Today, many CEOs and CIOs are finding it to be a vital tool for achieving SOX compliance in IT.

Thanks to SOX, COBIT (Control Objectives for Information and related Technology) is now one of the most widely accepted source of guidance among companies who have IT integrated with their accounting/financial systems. It has also gained general acceptability with third parties and regulators. But how did this happen?

Role of control frameworks in SOX compliance

You see, the Sarbanes-Oxley Act, despite having clearly manifested the urgency of establishing effective internal controls, does not provide a road map for you to follow nor does it specify a yardstick to help you determine whether an acceptable mileage in the right direction has already been achieved.

In other words, if you were a CIO and you wanted to find guidance on what steps you had to take to achieve compliance, you wouldn’t be able to find the answers in the legislation itself.

That can be a big problem. Two of your main SOX compliance obligations as a CEO or CIO is to assume responsibility in establishing internal controls over financial reporting and to certify their effectiveness. After that, the external auditors are supposed to attest to your assertions. Obviously, there has to be a well-defined basis before you can make such assertions and auditors can attest to anything.

In the language of auditors, this ?well-defined basis? is known as a control framework. Simply put, once you certify the presence of adequate internal controls in your organisation, the external auditor will ask, ?What control framework did you use??

Knowing what control framework you employed will help external auditors determine how to proceed with their evaluations and tests. For your part, a control framework can serve as a guide to help you work towards specific objectives for achieving compliance. Both of you can use it as a common reference point before drawing any conclusions regarding your controls.

But there are many control frameworks out there. What should you use?

How SOX, COSO, and COBIT fit together

Fortunately, despite SOX?s silence regarding control frameworks, you aren’t left entirely to your own devices. You could actually take a hint from the SEC and PCAOB, two of the lead organisations responsible for implementing SOX. SEC and PCAOB point to the adoption of any widely accepted control framework.

In this regard, they both highly endorse COSO, a well-established internal control framework formulated by the Committee of Sponsoring Organisations of the Treadway Commission (COSO). Now, I must tell you, if you’re looking specifically for instructions pertaining to IT controls, you won’t find those in COSO either.

Although COSO is the most established control framework for enterprise governance and risk management you’ll ever find (and in fact, it’s what we recommend for your general accounting processes), it lacks many IT-related details. What is therefore needed for your IT processes is a framework that, in addition to being highly aligned with COSO, also provides more detailed considerations for IT.

This is where COBIT fits the bill.

How COBIT can contribute to your regulatory compliance endeavors

COBIT builds upon and adheres with COSO while providing a finer grain of detail focused on IT. You can even find a mapping between COBIT IT processes and COSO components within the COBIT document itself.

Designed with regulatory compliance in mind, COBIT lays down a clear path for developing policies and good practice for IT control, thus enabling you to bridge the gap between control requirements, technical issues, and business risks.

Some of the components you’ll find in COBIT include:

IT control objectives

These are statements defining specific desired results that, as a whole, characterise a well-managed IT process. They come in two forms for each COBIT-defined IT process: a high-level control objective and a number of detailed control objectives. These objectives will enable you to have a sense of direction by telling you exactly what you need to aim for.

Maturity models

These are used as benchmarks that give you a relative measurement stating where your level of management or control over an IT process or high-level control objective stands. It serves as a basis for setting as-is and to-be positions and enables support for gap analysis, which determines what needs to be done to achieve a chosen level. Basically, if a control objective points you to a direction, then its corresponding maturity model tells you how far in that direction you’ve gone.

RACI charts

These charts tell you who (e.g. CEO, CFO, Head of Operations, Head of IT Administration) should be Responsible, Accountable, Consulted, and Informed for each activity.

Goals and Metrics

These are sets of goals along with the corresponding metrics that allow you to measure against those goals. Goals and metrics are defined in three levels: IT goals and metrics, which define what business expects from IT; process goals and metrics, which define what the IT process should deliver to support It’s objectives; and activity goals and metrics, which measure how well the process is performing.

In addition to those, you’ll also find mappings of each process to the information criteria involved, IT resources that need to be leveraged, and the governance focus areas that are affected.

Everything is presented in a logical and manageable structure, so that you can easily draw connections between IT processes and business goals, which will in turn help you decide what appropriate governance and control is needed. Ultimately, COBIT can equip you with the right tools to maintain a cost-benefit balance as you work towards achieving SOX compliance.

Check our similar posts

UK Hauliers Pull Together on ESOS

ESOS is what UK business needed, to encourage it to become more responsible for the environmental consequences of making money. Government has met with industry leaders to hammer out the finer details. Now there are heartening signs of intra-industry collaboration, for the example the FTA approach we discuss here.

The Freight Transport Association (FTA) is one of the UK?s biggest trade associations, and exists to represent the interests of companies moving goods by air, rail, sea and road. It is their representative at national, European and local level that advises them on legal compliance. In February 2015, it announced plans to help the industry comply with ESOS too.

The association has been active since the announcement of the UK?s Energy Saving Opportunity Scheme. It has engaged with government and membership through the portal of its Logistics Carbon Reduction Scheme (LCRS). The Environment Agency has singled this out as a benchmark other industries could follow.

FTA general manager for consultancy and tendering Karen Packham recently said, ?With our highly experienced and fully qualified team of transport auditors ?the FTA is best placed to offer practical advice and is able to provide specialist audits to ensure members are fully compliant ? and will gain all the benefits that the scheme has to offer.?

These co-audits with Environment Agency specialists advising, will focus on the full range of operational and supporting activities, and ensure that all haulage companies with over 250 employees do the following:

Assess energy use across their full spread of buildings, transport media and industrial activity

Examine energy-intensive pressure points and identify savings opportunities that provide financial benefit

Nominate an ESOS person to conduct future audits, or oversee and approve them independently

Report to the Environment Agency as scheme administrator per statutory intervals

Ecovaro has energy management software that turns metrics into high-level information that busy people understand. Give us a call if you are puzzling how best to present your data. We believe two heads can achieve so much more together.

7 Challenges Facing Mobile Field Service ? And Overcoming them with FSM Solutions

Managing a mobile workforce comes with its set of challenges. There are multiple coordination levels, administrative hurdles when distributing tasks amongst your employees, the need to meet your customers? expectations, whilst still operating profitably. Your goal is to rake in more revenue, while striking a balance between the number of employees and the quality of the service being rendered. Under utilisation of the company resources may be misinterpreted to mean that you need more employees- which will affect your bottom line. Repeat visits with older jobs affect the response time for new client appointments. Clients get frustrated when their needs are not met on time. Remember that, for your client, their priority is getting their issue sorted- be it that pipe leak, electrical fault, damaged gas valve, or window installation completed on time. Administrative challenges on your end will simply come off as excuses, costing your brand dearly. The different fields share similar challenges- from utility firms, pest control, installation and repair services such as with plumbers and electricians, those running residential and commercial window cleaning companies, to property managers in charge of different buildings. Here are some of the obstacles faced:

1. Coordinating your team

Running things from the office can get hectic when your technicians are out on ground, and clients are at different locations. From appointments being delayed because the workers met traffic on their way, those calling in sick and requiring you to find replacements on short notice, clients who cancel appointments without notice- they all present a logistical nightmare. There is also the need to have a skill-based task distribution in place. Here, the focus is on getting the right technician for the job, not someone who has simply “dealt with it before as they helped their colleagues on a similar job“. With your firm having different personnel, you want to ensure that you spend the most appropriate technician to your client. This also aids the employees themselves, by increasing their morale as they will be dealing with tasks that they are particularly adept at, score you a high first-time fix rate, and avoid having to do follow up visits to resolve issues that were not properly addressed the first time round.

Capterra undertook a field service software survey, which showed that 82% of organisations adopting FSM solutions saw an increased rate of first-time fixes, and a 90% rise in actual conversations from quotes.

How field service job management software impacts businesses. Source: Capterra

Follow-ups tend to cost extra with the additional dispatch, and take away your fiend agents from the work that had been scheduled to be handled. Resolving these logistical issues with traditional approaches can be problematic, especially with all the paperwork involved. In fact, let’s delve into that.

2. Mounds of paperwork

Having loads of data streaming in from your field workforce can put one on edge. Organising the documents, creating the spreadsheets and typing away at calculators, sorting the files in cabinets and the stress that comes when a single file appears lost in the heaps of sheets – it creates a bottleneck for your operations. Manually handling the data at the central office also compromises on the accuracy of the process due to human error, from syntax issues when transferring information, incorrect inputs, to duplicate errors- which is expected to occur with increased frequency due to the tiring nature of the process. Actually, 46% of the respondents surveyed by the Service Council said that paperwork and admin work was the worst part of their day.

The field worker is also affected by the paperwork. From having to come to the office each morning to collect the documents needed for the day, walking with the bulky files from one site to another, perusing through lots of sheets whenever they want mire information about a particular customer or the job description- and the frustration that comes when some documents have been forgotten back at the office- it hampers productivity. Running out of copies of paper will also be unavoidable when your staff are away from the office- and more time will be spent coming back to restock. There are also additional issues like the forms getting soiled or torn, and even the wind blowing them away as your technicians are out in the field. Dealing with the contracts, collecting signatures for each job that is handled, jotting down notes concerning the particular tasks that they are taking care of- it increases the workload. In fact, this often results in errors in data entry, and jobs being poorly documented.

Fortunately, this doesn’t have to be the case for your firm. Technological advancements have seen solutions being developed to minimise the paperwork involved. These mobile service management software allow the field worker to access all the details of the job via handy apps on their smartphones and tablets- as is the case with FieldElite. Instead of walking around with the documents and files, the information is stored via cloud, and is accessible in real-time. The job documentation- from photos, notes to the customer?s e-signature are all collected through the app, and the information is securely stored and immediately available to the personnel back at the head office.

Service analytics- where you get to observe product demand, performance of your workforce and analyse your customer base growth through the dashboard reporting modules that come with the FMS software is a key tool for decision makers of the company. You get to optimise your performance without having to resort to adding more work hours, or pushing your employees into overtime. Field service analytics has been shown to increase profitability for leading companies by 18%, going by the ?Get Smart: Business Intelligence and Analytics for Service Organizations? study done by Aberdeen Group.

3. Scheduling conflicts

First, there are multiple jobs that need to be attended to- and disappointing your clients will lead to backlash. Secondly, you have a large team of workers- and you want to optimise on their productivity at an individual level. From an administrative perspective, you are also required to provide proper work structures that incorporate your employees? safety during the jobs being handled- and not to run them like mules, overworking them in a bid to hit your targets. Thirdly, the workers have different individual hours of operations- or they work in shifts. Running all this from a central point, allocating the jobs as needed and managing the different schedules, can be a tall order without the right field service scheduling software.

When your customers book an appointment, they expect that your company will deliver on its mandate, providing the services that they are paying you for as required. On the other hand, as the company, you are relying on your employees to meet those expectations. This means that you should have structures in place to ensure that your field workers stick to their assigned schedules. For this you will need to know their location in real-time, track their performance, and check on their adherence to the set schedules. Working with field service job management software allows you to handle the logistics of every task from one dashboard. By tracking your technicians while they are out in the field, you will be able to allocate orders faster, monitor the incoming customer requests, and manage the task distribution more efficiently. When you have an FSM that allows your workers to coordinate with the head office via mobile app, there will be an increased rate of job completion, and a reduction in overtime. Both your clients and employees get to be happy at the end of the day.

4. Lonely workers

Working in the office has its perks. You are surrounded by your colleagues, and can easily get the attention of anyone in management if needed. However, while out in the field, the workers can feel disconnected from the company structure, left to their devices while still bearing the responsibility of presenting the company in positive light- as they also double up as your brand ambassadors. The loneliness can get to them, with a report by the Service Council showing that isolation was the worst part of the work day for 21% of technicians. The chat feature that comes with the mobile service management software apps is one of the reasons behind their popularity, keeping the employees connected to the rest of the manager at the central office, and even other field employees- which makes them feel as part of one large family.

Safety is also a concern, especially for cases where your field staff will be working in hazardous situations – like conducting repairs on top of radio towers, dealing with gas equipment in concealed spaces. The central office needs to remain in constant communication with the workers, and have the appropriate structures in place to handle emergencies. You don’t want to lose employees because they don’t feel that their safety is a priority to you. A skilled technician is an asset that should be protected- and certainly you wouldn’t want to incur extra funds to hire and train personnel- which will end up being an additional strain to your budget over time. Field service job management software with features that allow your employees to check-in remotely via app will be handy in notifying the head office of their arrival at the job site, and in case of any incident, the field manager can quickly see the employees? last location, and dispatch help to them.

5. Difficulty in assessing performance metrics

When you have a situation where timesheets are only handed in after the workday- and in some cases at the end of the week, it becomes difficult to assess the level of productivity of your field workers. Are you getting value for your money with the wages that are being paid out? Are there lots of lost work hours due to logistical hitches- or cases where the field worker delay the tasks, or take out sections of their day to attend to matters of personal interest- and still bill you for it? All this translates to poor customer service, with issues ranging from cancelled and rescheduled appointments, unmet targets, disagreements based on the scope of work being handled, to client dissatisfaction for not having their issues addressed in a timely manner- which becomes a hit on your brand.

FSM comes in to enable the field service manager to always be in the loop during the entire process- knowing exactly how long the workers are spending on each particular task, the jobs that are pending, cancelled or rescheduled, in order to constantly review and optimise the planning of the firm?s activities. With software like FieldElite, you even get a birds-eye view, as the work areas are mapped out, that way you will be in a position to direct your field workers on aspects like the best routes to take to avoid traffic gridlocks.

6. The break factor

How do you plan for breaks? Jobs are different, and there will be unexpected issues cropping up regularly. However, the field worker is still entitled to breaks during the working day- such as the all-important lunchtime. The problem arises when there is unextended time on some job sites, and cases of unscheduled breaks being taken. These have a ripple effect, as they will cause delays on other projects that are on queue, and you can also expect customer complaints to be coming in hot and hard. From a management point of view, you want to have the ability to respond to the issues as they arise, and reassign the jobs accordingly. Mobile service management software gives you this power.

7. Customer relationship management

Customers want to be part of the process, staying in the loop with the service appointments that have been scheduled- and understandably so. From the booking process, to following up on the progress of the job- it all factors in. In case there are issues that crop up- like service vehicles being delayed, situations where extra parts need to be ordered, or the session cancelled and scheduled on a different day- being fully transparent with your customers will be a great boost to your brand. Gaining new clients and retaining the current ones requires the firm to maintain a quality customer service.

Negative feedback because of your customers? feeling neglected will be a setback for your business. Integrating the customer relationship management into the field service will go a long way in enhancing their experience. Here, software solutions like FieldElite have also got you covered with a customer self-serve portal, accessible online through their browsers. This has the welcome benefit of reducing the number of calls as they conduct follow-ups, since they will be in a position to track the project right from the comfort of their homes and office desks, thus increasing customer satisfaction.

Job & Staff Scheduling with FieldElite Mobile Service Management Software

Field Service Management (FSM) software systems are designed to enable you to manage your mobile workforce from a central point- and do away with the paperwork involved with the process. They connect your technicians on the ground (via app on their phones), to the staff at the head office- who have an interactive dashboard accessed through their browsers. The office team will have access to all the jobs that are to be handled by the company, simplifying the management process and taking away the risks that come with manual data entry. Here, we will walk you through a quick process of scheduling a job for your personnel with FieldElite.

Say you are a HVAC contractor, licensed, bonded and insured. You’ve made quite a name for yourself in the industry, and have a wide range of clients- in both residential and commercial establishments. Consequently, you also have a large workforce to attend to the different situations- from installing to repair and maintenance. One of your clients- let’s call them ABC Computer Supplies, has an issue with their HVAC unit- perhaps a pipe is leaking. It needs to be fixed, and ABC have booked an appointment.? Your goal here is to get one of your personnel to handle the task as soon as possible, and this field service scheduling software comes in handy.

There are two approaches that you can take:

1. Job Scheduling

From your Dashboard, on the left-hand side you will see the menu option. Clicking on Jobs, will take you to all jobs carried out by your company.

The filters will allow you to view different categories of jobs:

Complaint– This means that there was an issue with on ground during the task delivery, and the client lodged a complaint.
On hold– Here, different aspects can cause a job to be paused- like when spare parts or equipment required for repair jobs have been ordered, and one needs to wait for them to be shipped in from a different location.
Pending– This is basically your in-tray, a list of jobs that are to be carried out.
In Progress– The technicians are on the ground, attending to the client’s needs, and you’re getting routine updates from them.
Incomplete– Though the job had been assigned to the required technician, it was not completed in the set amount of time, thus requiring an additional visit to the site. Given that the FSM solution increases the first-time fix rate, cases of ?incomplete tasks? are reduced.
Complete– The task is successfully done and the customer has appended their e-signature, and now it can be invoiced.
Cancelled Invoice– The head office determines that a particular invoice shouldn’t be paid, and thus cancels it.

Our focus here is the pending tasks, so use this filter. ABC’s HVAC job will be among these. Clicking on its Job ID will open up the details of the task, with such an Update Job window:

This section contains all the information of the job- both past and present, which you can update in real-time. Any changes will be recorded by the system and can be viewed on the “Audit” tab.

As you can see here, the HVAC repair job is both “pending” and “urgent”. No one really likes sitting in an office that feels like an oven. Being the headquarters, it’s likely handles lots of foot traffic, and the damaged HVAC unit will make the working conditions really difficult. It’s best not to keep the client waiting, right?

So, head on over to the Supervisor and Workers section (on the same “Details” tab), and select the personnel suited for the task.

Set the time that the task will take for your technician, and once satisfied with the details of the job, click on Update. Voila! You’re done.

Immediately this happens, the worker received a notification on their app, telling them that they have been assigned the job.

From the app, the technician will be able to view the specifics of the HVAC job, including notes and attachments that you can add directly from your own dashboard, such as schematics of the building and reports from other technicians who installed the air conditioning system for the facility. You also get to add products that will be required for the task- like the pipe and panel mounted socket shown here. As the system also includes an inventory of the products used, their quantity and costs, you will be able to keep an accurate record of the supplies as they as are used.

As such, the field workers will not have to keep coming back to the central office to get documents and reports of new tasks, or walk around with bulky files. When they are carrying out the job, they will also be able to keep the staff at the office updated about its progress, through the chat feature on the mobile app, taking photos and adding notes as required.

2. Staff Scheduling

With this approach, the perspective is basically: ?So I have a couple of jobs- which of my employees has time to handle them?? The FSM allows you to optimise your productivity- by ensuring that you get the most out of the staff work hours, and avoid cases of jobs going into overtime.

Follow these steps:

Select ?Scheduler? from the left-hand side of the window. You will have a view of the workers of your company and how their day is planned out, and a summary of the unassigned jobs.

Here, you can tell whose busy, and who can have a new task assigned to them at the click of a button- which is far more effective than keeping on jotting down points in your diary or going through files of documents.

If the job has yet to be added to the system- like for the cases of new clients, simply click on the ?Add Job? button and key in its details.

2. Scroll down, you will see a list of unassigned jobs.

3. Next, click on the edit button under ?Actions?. This will take you to the same ?Update Job? window described in the first approach, in order to assign the preferred worker to the role.

This real-time dispatching avoids cases of your desk getting cluttered with paper sheets, and prevents duplicate entries as each job has its own ID and task details- from the scheduling to the invoicing. In this case, your HVAC technician will have access to the information needed right at the palm of their hand, to ensure that the task at ABC?s head office goes seamlessly. The optimised schedule will enable the task to be carried out faster- restoring normalcy to your client’s facility.? In case the client’s location is on the route that one of your technicians takes while heading home, you can take advantage of this by giving them the task towards the end of their working day- thus clearing more of your backlog, sorting out your client, and easing your technician?s worries about getting home late.

As you can see, the field service scheduling software enables you to easily and efficiently handle your workflow, avoid the mess that is associated with manual documentation and cases of your employees getting conflicting schedules and overlaps- which would strain them and dampen their morale. Streamlining your workflow and standardising operations ultimately results in increased customer satisfaction.