Management Roles

When the data center operations department of a securities brokerage firm received the results of an external operational audit, the managers were unsure as to how they should respond to the comments on the audit.

An MCS consultant reviewed the audit comments and their implications with the department managers. The review included discussions with the managers on the role of the auditors to identify operational vulnerabilities versus the role of the manager to decide the level of vulnerability that is or is not acceptable. Each of the audit comments was evaluated as to the probable and possible exposure of the firm and the estimated cost of reducing the exposure. A formal response was then prepared for each comment and presented to corporate management.

Corporate management approved each response and included funding in the following budget cycle for all of the proposed remedies. The remaining exposures that the department managers decided not to remedy were placed on an on-going action list for periodic review.

to return to Service Highlights.