Auditing Robotic Process Automation (RPA)

Organizations implement and execute automation e.g. through the creation of Robotic Process Automation (RPA) initiatives, comprising portfolios of programs and projects, which become the vehicles for executing the organization’s Robotics strategy.
Financial institutions and banks automate more and more business processes using Robotic Process Automation. The business needs and benefits (e.g. automation of manual repetitive manual tasks) together with the full implementation costs is defined in the business case, which justifies the required investment. Financial institutions are regulated entities and specific regulations like MaRisk require banks to perform sufficient oversight.
Audit departments therefore need to define and implement specific Audit Programs in order to cover RPA specific risks and controls.
Agenda for Auditing Robotic Process Automation (RPA):
1) Introduction incl. Importance of RPA and Types of Robotics
2) Robotics in the Banking Industry incl. Robotics Center of Excellence, Robotics Delivery Model and RPA Framework
3) Audit Program incl. High Level Risk Assessment, Key Controls, Risks and Test Plans as well as Lessons Learned




Detlef Gross
Detlef Gross ist Diplom-Informatiker (FH) und hat sein Studium in Darmstadt und in Sunnyvale (USA) absolviert. Von 1997 bis 2010 war er als Seniorberater und Director schwerpunktmäßig in den Bereichen IT-Servicemanagement, Business Continuity und Sicherheitsberatung tätig. Seit 2011 führt er Audits als Principal Auditor für die Deutsche Bank durch. Er ist zertifiziert als Certified Information Systems Auditor (CISA) und ITIL Expert und war auch bei der Qualitätssicherung von ITIL aktiv beteiligt.


IBS Schreiber
IT-Compliance Project



IT-GRC-Kongress Newsletter

Sie möchten über den IT-GRC-Kongress
auf dem Laufenden gehalten werden?