RSA Archer Audit Engagements & Workpapers

EMC logo

What are audit engagements and workpapers?

Audit engagements are the mechanism that internal audit teams use to scope, plan and execute their evaluations of risks and associated internal controls, and related areas of their organization. Audit workpapers are the means to document the results of their evaluations, or test work.

Why is the proper execution of audit engagements, including workpaper documentation, so important?

A significant challenge internal audit teams face managing their audit engagements is lack of risk-driven audit coverage, inconsistency and inefficiency. Many internal audit groups cannot focus more time on risk and compliance activities because they are too absorbed in administrative work. Further, audit procedures and engagements are often performed inconsistently, and audit teams spend countless hours inefficiently managing audit resources.

They also struggle to track the status of engagements and workpapers because their teams use multiple documents and systems. Teams cannot effectively reconcile their time and expense back to their audit plan nor report real-time updates to audit executives. They lack visibility into the status of findings generated during past audits. Audit reports are not easily updated with changes to audit findings, remediation plans and workpapers, and there are constant fire drills getting information to external auditors.

RSA Archer Audit Engagements & Workpapers

The RSA Archer Audit Engagements & Workpapers use case addresses the problems outlined above through key features that include:

  • Audit universe tracking with automatic updates on time and expense from audit engagements
  • Best practices and industry standards are built into workflows for audit engagement and workpaper documentation, review and approval workflow
  • Centralized Audit Program Library and workpaper repository
  • Audit report and planning memo templates
  • Audit findings and remediation plan management with review comments capabilities through the RSA Archer Issues Management use case (see Data Sheet)
  • Offline audit engagement capabilities


With RSA Archer Audit Engagement & Workpapers, you will be able to:

  • Ensure audit engagements and workpapers are performed consistently and per prevailing standards
  • Reduce external auditor time and requests by allowing them to self-serve the information they need
  • Easily generate audit reports with up-to-date detail and findings
  • Free up time to place more focus on risk-based auditing and strategic projects
  • Provide management and the Board with the information they need more readily


Often, internal audit teams cannot focus on helping the business evaluate new risks and opportunities because they are spending too much time performing administrative and duplicative tasks. The RSA Archer Audit Engagements & Workpapers use case helps transform the efficiency of the audit department, complete better-scoped audits more efficiently, and decrease audit expenses. The use case is also integrated with other RSA Archer risk and compliance use cases enabling your organization to move toward Integrated Risk Management (IRM). As your company drives business growth with new initiatives, technology adoption or market expansion, your overall governance, risk and compliance (GRC) or IRM program must evolve, innovate and manage risk with more agility and integration than before.  Managing the audits performed by internal audit – the third line of defense, alongside risk management and compliance testing performed by second line of defense groups, and control self-assessments performed by management is one ingredient to becoming more integrated, efficient and effective across all three lines of defense.

RSA Archer can help your organization manage multiple dimensions of compliance and risk on one configurable, integrated software platform. With RSA Archer solutions, organizations can efficiently implement risk management processes using industry standards and best practices and significantly improve their business risk management maturity.

For more information, visit or read the Audit Engagements & Workpapers Datasheet.

Update your feed preferences





submit to reddit


  • No Related Posts

RSA Archer Audit Planning & Quality

EMC logo

What is audit planning?

Audit planning is the practice where internal audit functions assess the risk across their audit universe and determines the audit engagements they need to perform in the months and quarters ahead. They plan their audits based on risk and compliance gaps, strategic objectives of the organization, important topics and other priorities.


What is audit quality measurement?

Audit quality measurement is the execution of quality surveys to monitor the effectiveness and comprehensiveness of audit processes.  These surveys provide key insight on how well the audit function is meeting the business’ needs and working with business and IT management during an audit.


Why is audit planning and quality important?

According to PwC’s 2018 State of the Internal Audit Profession Study and survey of more than 2,500 audit executives, 82% of innovative audit functions collaborate with other lines of defense to align technology tools’ uses and functions, vs. 45% for non-innovative audit functions.  Internal audit’s main challenge is not having access to broad, dynamic enterprise risk and control information and analysis, but it’s actually using the information for agile audit planning.  Instead, many audit teams rely only on their point-in-time risk assessments to drive audit work. This prevents internal audit from adjusting their audit plans to rapidly changing risks and business concerns.


With decentralized audit plan and risk assessment documentation captured in multiple tools and systems that are difficult to integrate, there is no easy, fluid way to manage audit plans, let alone coordinate objectives among risk and compliance groups.  Internal audit is also under pressure from audit committees and management to improve their processes; yet their quality control procedures are sporadic, inconsistent and difficult to follow up on.


RSA Archer Audit Planning & Quality

The RSA Archer Audit Planning & Quality use case addresses the problems outlined above through key features that include:

  • Complete workflow to create and assess audit entities, perform risk assessments, and create and manage audit plans
  • Workflow to schedule audits and tie forecast and actual expense and time in between audit engagements and the audit plan
  • Centralized location for storing and managing audit plans, audit entities, and assessment results
  • Audit quality assurance and review questionnaire workflows


With RSA Archer Audit Planning & Quality, you will be able to:

  • Execute a more dynamic, risk-driven audit plan that is easily adjusted to match the organization’s priorities and focuses on the most important risks
  • Easily provide Board-level reporting that keeps the audit committee well-informed of the status of audit plans, risks and critical findings
  • Demonstrate the strategic value of internal audit and more efficient use of audit resources
  • Reduce external auditor fees by providing self-access to information they need


RSA Archer Audit Planning & Quality enables internal audit teams to define their audit universe, assess risks and plan audit engagements that better address risk, and manage their audit staff and audit schedule. RSA Archer Audit Planning & Quality is a critical element of Integrated Risk Management (IRM). Since RSA Archer Audit Planning & Quality integrates management risk and control information, internal audit can ensure their audit objectives are aligned with IRM teams and play their essential role as the third line of defense. As your company drives business growth with new initiatives, technology adoption or market expansion, your internal audit function can evolve and react to risk with more agility and integration than ever before.


RSA Archer can help your organization manage multiple dimensions of risk on one configurable, integrated software platform. With RSA Archer solutions, organizations can efficiently implement risk management processes using industry standards and best practices and significantly improve their business risk management maturity.


For more information, visit or read the Datasheet.

Update your feed preferences





submit to reddit


  • No Related Posts

BLOK Technologies Provides Update on Greenstream Networks’ Cannabis Industry Technology

VANCOUVER, British Columbia, Oct. 17, 2018 (GLOBE NEWSWIRE) — BLOK Technologies Inc. (“BLOK Tech” or the “Company”) (CSE: BLK) (OTC: BLPFF) (FRANKFURT: 2AD) is pleased to provide an update on the development progress of its 100% wholly-owned subsidiary Greenstream Networks Inc. (“Greenstream”). As the Canadian Government’s Cannabis Act bringing about the legalization of Cannabis comes into effect today, October 17, 2018, Greenstream is poised to provide a comprehensive technology solution to the Cannabis industry.

Greenstream is developing and commercializing a blockchain-enabled supply chain integrity platform to ensure the safe, legal and authenticated flow of products and value through the cannabis market and has made significant progress on the development of its technology and related infrastructure since its acquisition by BLOK Tech in January 2018.

“We are pleased with the progress of the Greenstream Network as the industry moves towards full legalization,” said BLOK Tech CEO Rob Dawson. “Greenstream is developing and will commercialize a multi-component payment and supply chain integrity system to ensure the industry can effectively operate in this complex regulatory environment with multiple jurisdictions in Canada and beyond.”

Greenstream has made significant progress to date.

In March 2018, Greenstream was accepted as a Silver Member of The Linux Foundation and a General Member of Hyperledger. Hyperledger is an open source collaborative effort created to advance cross-industry blockchain technologies. It is a global collaboration, hosted by The Linux Foundation, including leaders in finance, banking, Internet of Things, supply chains, manufacturing and technology. In joining these two prestigious communities, Greenstream will be collaborating in a community with global technology companies such as: IBM, Cisco, Intel, SAP and JP Morgan as well as blockchain start-ups from around the world.

In April 2018, Greenstream announced that it had completed the Minimum Viable Product (“MVP”) of its Greenstream Network, for the Canadian Cannabis industry, and also announced the Alpha release of the Greenstream Payments Platform enabling Canadian Cannabis businesses to process payments & exchange value across the Cannabis ecosystem. The Greenstream Network Platform is being built on leading-edge blockchain platforms including the Hyperledger stack, an open-source, collaborative technology initiative supported by partners such as IBM, Linux, Cisco, Intel, SAP and JP Morgan.

In July 2018, Greenstream was accepted into the Oracle Scaleup Ecosystem, a global acceleration program for start-ups. Oracle’s global start-up mission is to provide enriching, collaborative partnerships to enable next-generation growth, business development, and to drive cloud-based innovation for start-ups throughout all stages of their development. The program is designed for start-ups and venture capital and private equity portfolio companies to enable hypergrowth and scale.

In August 2018, BLOK Tech entered into a Memorandum of Understanding (“MOU”) with Varipay Inc. (“Varipay”) to collaborate on the development of a payment gateway to be integrated into the Greenstream Network Platform.

In August 2018, Greenstream also successfully completed a deployment of its payments network and applications to the Oracle Cloud Infrastructure (“Oracle Cloud”), as part of the previously announced strategic relationship with Oracle on July 11, 2018.

The deployment has been fully tested and optimized by the Greenstream technical team and the platform, including a demo environment, are running smoothly and at a speed that is scalable. This represents a key milestone in the platform’s development in that it is operating in multiple environments, including the world-class infrastructure provided by Oracle. It provides a proof-point for the technical excellence of the system and assurance to the Cannabis industry that the Greenstream Network is enterprise-ready. It is further proof that Greenstream is a key step closer to having an enterprise-grade platform for integration with major customers through the Oracle Scaleup Ecosystem.

Near Term Developments

BLOK Tech is working on collaboration and strategic partnerships with Cannabis industry companies, suppliers and technology providers to build out implementations and pilot projects using the Greenstream Network Platform.

Following the Alpha release of the payments platform earlier this summer, the Greenstream technology team is focused on building the seed to sale tracking and traceability platform, GreenTrack. The platform aims to bridge the gap within existing seed to sale solutions in the Canadian Cannabis industry to benefit consumers, industry participants and regulators. GreenTrack will enable consumers and businesses to verify product pedigree & track the products across the Cannabis industry.

BLOK Tech and Greenstream are joining forces to closely work with stakeholders on documenting and integrating the regulatory requirements of the Cannabis industry in its various jurisdictions in North America, South America and Europe. This will help BLOK Tech & Greenstream to expand its technology across other jurisdictions complying with regional regulatory requirements.

The Greenstream Verifiable Digital Identity System (“GreenID”) component including a decentralized, point-to-point exchange of information about businesses to confirm the authenticity within the cannabis industry for the execution of smart contracts will be developed later in the fiscal year. In its full release, the Greenstream Network Platform will be comprised of an integrated GreenID, GreenTrack & the Payments platform to enable the regulators, industry participants & consumers to ensure supply chain, financial & identity compliance across the Cannabis ecosystem.

About BLOK Technologies Inc.

BLOK Technologies Inc. is a public company that invests in and develops emerging companies in the blockchain technology sector. The Company’s approach is to provide capital, technology and management expertise to the companies it develops. BLOK Tech’s Greenstream technology platform is designed to effectively manage value transfer, supply chain integrity and identity verification in complex and highly regulated industries. This scalable and adaptable platform is being developed on the Hyperledger technology stack and with the support of Oracle Cloud infrastructure. BLOK Tech continues to grow its business into adjacent industries and emerging technologies. The Company systematically identifies early-stage technologies with potential to disrupt and innovate within their industry and invests the necessary resources to ensure the success of their projects.

For additional information regarding BLOK Technologies and other corporate information, please visit the Company’s website at BLOKTECHINC.COM


“Robert Dawson”

President & CEO

For further information, please contact:

James Hyland, B.Comm.

Vice President Corporate Development, Director

(604) 442-2425

Statements in this news release may be viewed as forward-looking statements. Such statements involve risks and uncertainties that could cause actual results to differ materially from those projected. There are no assurances the company can fulfill such forward-looking statements and the company undertakes no obligation to update such statements. Such forward-looking statements are only predictions; actual events or results may differ materially as a result of risks facing the company, some of which are beyond the company’s control.


Help Boost Your Clients’ and Your Profitability with Dell’s Expanded PC as a Service (PCaaS) Offering

PC as a Service now extends the affordable price-per-seat solution that saves money and supports an optimal end-user experience to small & medium businesses. Build and grow stronger customer relationships by meeting their Digital Transformation needs.

What is Dell PC as a Service?

Dell PC as a Service combines hardware, software, lifecycle services, and financing into one all-encompassing solution providing for a single, predictable price per seat per month. Dell has expanded the existing PC as a Service for Enterprise (300+ seats) and created PC as a Service for Business (20-300 seats) for small and medium businesses with fewer PC needs.

The main difference between the two products are:

  1. Deployment – Basic Deployment, ProDeploy, ProDeploy Plus – is optional in PCaaS Business
  2. Flexible financing options – Flex Up (no limit), Flex Down or Mid-term upgrade (5, 10 or 15%) – are available for some customers
  3. There is no Services Delivery Manager assigned to a PCaaS Business account

PC as a Service is available in 21 countries:

Americas – United States, Canada

Europe, Middle East & AfricaUnited Kingdom, Germany, France, Netherlands, Sweden, Italy, Poland, Spain, Belgium, Switzerland, Denmark, Ireland, Norway, Finland, Portugal, Luxembourg, Austria

Asia Pacific and Japan – Australia, New Zealand

How Do Customers Benefit?

With Digital Transformation making the IT environment more complex and requiring the use of fewer and fewer resources for traditional IT functions, Dell EMC’s PC as a Service for Business (20-300 seats) and PC as a Service for Enterprise (300+ seats) allow you to meet your customers at their point of need, cement your role as their trusted partner and boost your margins.

Our PC as a Service solutions provide the following benefits to customers:

  • Predictable budget planning
  • Reduced IT effort to manage computing needs
  • Accelerated PC refresh keeps end-users in the most relevant technology
  • Flexibility throughout the offer designed to fit your business needs
  • Technology tailored to how your users want and need to work
  • Up to 25% savings on PC lifecycle management1

How Do Partners Benefit?

With the ability to extend these benefits of the flexible PC as a Service solution to smaller-sized customers (20 to 300 seats), Dell’s offering will help you grow profitability, develop lasting customer relationships, and accelerate future sales.

Partners who resell this solution reap the following benefits:

  • Upfront payment for a multi-year deal.
  • Dell Financial Services (DFS) referral fees plus back-end partner program rebates
  • Built-in, mid-term customer touchpoint to increase or upgrade the systems deployed
  • Opportunity to co-deliver deployment services
  • Opportunity to add your branded services to the price-per-seat deal (if approved by DFS)
  • PC as a Service is a fix-term agreement, which makes it easy for channel to sell the follow-on refresh solution and to retain customers from refresh to refresh

Boost your profitability with the help of these Marketing Campaign Material for PCaaS

Utilize the full package of marketing assets in the PC as a Service campaign available on the Digital Marketing Platform: NEW PCaaS Campaign Material

Footnote: 1. Based on the Forrester® Dell Client solutions cost estimator tool commissioned by Dell and Intel. Estimated savings is calculated over 3 years and includes hardware, software, services and other resource adjustments.


Save Costs & the Planet with IoT

EMC logo

I love well-designed solutions where everyone wins. Our recent collaboration with Vodafone and Utilitywise is a great case in point – three companies coming together to provide an IoT-based energy monitoring solution for thousands of companies in the UK. The results speak for themselves. Access to real-time data has delivered up to 20 percent savings on business operating costs for customers with a clear return on investment within twelve months. Meanwhile, reduced energy usage translates into a cleaner environment. Combining expertise As is the case with all successful collaborations, the three partners brought different expertise to … READ MORE


Update your feed preferences





submit to reddit


  • No Related Posts

RecoverPoint for Virtual Machine:Cannot Create New Consistency Group (IOFEenabled)

Article Number: 500000 Article Version: 3 Article Type: Break Fix

RecoverPoint for Virtual Machines,RecoverPoint for Virtual Machines 5.0

Cannot protect any new Consistency Group

RecoverPoint tries to protect VMs with IOF instead of with vSCSI

Symptoms found in the logs:

Although the customer isn’t using IOF splitters, you will see in the logs IOF control actions like ‘create disk policy’.

In addition, control logs will shows that isIOFEnabled in the siteSettingsMap is N/A:


To find this log, search in control logs for ‘IOFEnabled’.

Affected version 5.0 and 5.0.1

isIOFEnabled option in control’s site settings is unset, causing control to try using IOF. One possible explanation for that it is unset is after NDU from a version older than 4.3.1 to 4.3.1.x, and then to 5.0 or 5.01.

Upgrade RP4VM version to 5.0


A solution exists for this issue but intervention from EMC technical support personnel is required. Depending on when connectivity is restored and what state the environment is in, a specific plan of action will be developed.

Contact the Dell EMC Customer Support Center or your service representative for technical assistance and reference this EMC knowledgebase solution ID.


Vibe 4.0.5 is now available!


Collaboration means different things to different people. For managers, it’s about increasing productivity and supporting mobility. For teams, it’s about working together on projects, managing and sharing documents, and retaining knowledge. Micro Focus Vibe delivers on both fronts, helping you bring people, projects and processes together in one secure space to enhance productivity—no matter where …

+read more

The post Vibe 4.0.5 is now available! appeared first on Cool Solutions. qmangus


  • No Related Posts

ShareFile Custom Workflows

Create a Workflow Workflow Triggers Workflow Actions Workflow Access (Share a Workflow with Others) Monitor or Review Workflow Instances

User-added image

Create New Workflow Template

To get started with Workflows, navigate to the Custom Workflows dashboard and select New Workflow.

User-added image

Provide a workflow name and description. Select a folder in your ShareFile account where your workflow and its relevant data is stored.

User-added image
User-added image

Workflow Triggers

A “trigger” is a specific event that “triggers” a process. When that event occurs, the workflow is initiated.

You can select “when a file is uploaded”, or “when a form has been completed” via the Workflows mobile app.

User-added image

If selecting “a form is completed”, you can select a form you have already created. If you have not created a new Form, click Create New Form to access the Form Creation menu.

For more information about creating workflow forms and submitting them via the mobile app, see the following articles:

“When a File is Uploaded” Trigger

User-added image

Choosing the “when a file is uploaded” trigger allows you to customize the trigger further. You may limit the trigger to activate only when specific file types are uploaded.

Designate the folder you wish to monitor for file uploads. This trigger will only activate for the folder you select in this menu.

TIP! Podio Triggers No Longer Supported

Podio Triggers are no longer supported. If you were using the Podio Triggers in Custom Workflows, we recommend archiving these workflows.

User-added image

Workflow Actions

User-added image

Action screen allows you to determine what happens once a trigger has been activated. Provide an Action name, then select the action that should occur following the trigger.

You arrange for a notification email to be sent automatically or for an approval workflow to be initiated.

“Initiate an Approval” Action

User-added image

Approval allows you to designate individuals on your account that are responsible for approving or providing feedback when the file has been uploaded or the form has been submitted.

User-added image

Under Outcomes, you can designate what happens when a file is approved or rejected. For example, you can close and notify upon approval, or select Next Step for a rejection. When selecting Next Step, you’ll need to configure another action to occur.

“Send an Email” Action

User-added image

If you select the “Send an Email” action, you can designate Subject, Recipient, and CCs as well as the items to be included in the email message sent to the recipient.

You may select all or some of the items of the workflow. You can also add items from your computer or ShareFile.

Export data to an Excel file Action

User-added image

The Export data to an Excel file action, allows you to export all the data or selectively export the desired data from the workflow. Clicking on the submitted instance of the workflow will provide the Excel file with all the details that were selected.

Post data to a web service Action

User-added image
The Post data to a web service action, allows you to post all the data or selectively post the desired data from the workflow in JSON format.

Citrix ShareFile Custom Workflows – Post to Web Service for more information.

User-added image

The POST Web Service URL needs to be provided where the workflow data in the JSON format needs to be posted to.

Once you choose what happens when the workflow is triggered, proceed to Admins and Viewers.

User-added image

Admin and Viewers to a Workflow

User-added image

Here, you can customize the users that the workflow is available to. In order to be added to this list, individuals must be current, active users on your ShareFile account.

Note: In order to manage a workflow, a user must have the Create and Deploy Workflow Actions and Triggers permission.

If a user is given access to this workflow, they will be able to access the necessary form from within the Workflows mobile app and submit it.

Initiate – Allow the user to initiate workflows (required for users submitting completed forms via Workflows mobile app!)

Manage – Allow the user to manage or customize existing workflow

View Template Reports – Allow the user to view and access template reports

Manage Templates – Allow the user to view and manage workflow Templates

Manage Settings

Before you move on, consider verifying the Workflow details and customizing the Workflow Instance field with some data-tags, which will automatically pull data or information (such as author or date).

User-added image

Share Link Settings

This setting is applicable for any item created or uploaded as part of the workflow. User has the capability to set the expiration of the workflow or set the number of accesses per user beyond which the share would no longer work and would provide proper error message.

User-added image

Review Summary and Enable your Workflow

Review Summary provides a quick reference of the complete Workflow. Enable your workflow to make it available to your users.

User-added image

User-added image

Monitor or Review Workflow Instances

Once you have created and assigned workflows to users, any instances of that workflow will be tracked by clicking on the template listed under Workflow Templates The Workflow Instances tab is displayed. The user now has the options to filter the instances based on statuses and versions if any.

User-added image

Click on an instance to view its details and progress, as well as download any attachments associated with the workflow.

User-added image


  • No Related Posts

Citrix ShareFile Custom Workflows – Post to Web Service

This article describes how Custom Workflows can be integrated with third party applications using Post to Web Services action. It is assumed that reader is aware of HTTP, Web service , POST, and Custom Workflows web composer application.

To post data to webservices hosted on-premises, use Citrix Cloud Connector. Otherwise, you can jump to Configuring Post-to-Web-Service in Custom Workflows


SpanVA – pingable & SEP Integration?

I need a solution

Hi all,

Quick question – is the SpanVA pingable? I am trying to work out if the server hosting SEPM can communicate with SpanVA to send logs to..

Also, is it possible to see anywhere in SpanVA if it is accepting logs from SEPM or ProxySG for example?