CASE Associates Incorporated

Strategies for Improving Business and System Processes

Phone: (503) 598-3944
Fax: (503) 603-0821
daves@caseassociates.com
New Process Change Management

Founded in 1988, CASE Associates Inc. (CAI) specializes in providing project management and quality assurance services to state and local government agencies. Since 1997, CAI has successfully conducted over 25 engagements for Oregon and Washington State agencies. 
CAI consultants have extensive program and project management experience and have directed or overseen the successful installation and implementation of hundreds of projects. They have experience in all phases of project management including leadership, budget responsibility, project initiation, staffing, reporting, implementation, problem tracking, generating and maintaining enthusiasm, and driving the project to successful completion using formal project management tools.
 
All CAI consultants have experience in IT strategic planning, business/system process improvement programs, information systems planning, systems analysis and design, project management, risk management, and quality assurance services. CAI uses its own methodology, the Business/System Process Improvement Program, for conducting strategic planning, quality assurance, and risk management programs. See the section on Business and System Process Improvement for more information.
 
CAI has intimate knowledge of government business processes, standards, networks, and inter-agency information sharing and access requirements. We recognize that state agencies are under constant scrutiny from the public, the media, and the legislature, and that they often must adhere to strict and sometimes contradictory rules. Budget limitations, funding sources, fiscal calendars, legislative initiatives, confidentiality requirements, public disclosure requirements, and procurement processes are just a few of the unique needs that must be considered at all stages of a project. Furthermore, state agency projects often involve interfaces with other agencies at the local, state, and federal level that must be included in the overall project plan.
 
CAI applies the principles of the Capability Maturity Model (CMM) assessments and the Control Objectives for Information and Related Technology (CoBiT) standards to conduct project planning, quality assurance, and risk management programs. CAI is also familiar with and applies the guidelines documented in the Project Management Institute's Book of Knowledge. CAI uses the Control Objectives for Information and Related Technology (CobiT) standards developed by the Information Systems Audit and Control Foundation for use in Information Technology audits.




We work with the audit client to explore and develop internal control assessment tools and checklists. Self-assessment tool used by self-managed work groups may include: balanced score cards, checklists with weighted ratings, internal control questionnaires, flowcharts, team written procedures/instructions, or process control charting.

We partner with the agency to develop an effective process for identifying, analyzing, controlling, and ultimately managing risks. We have a strong history of working with clients to develop ORCA assessments, specifically:
Identifying business objectives

Identifying operational and other risks

Defining business or other controls

Assessing effectiveness of the business process to satisfy objectives and manage risks


CAI and QPE will develop an audit approach and methodology that meets or exceeds requirements. Depending on the required level and type of audit assurance, some or all of these steps may be followed in an audit:
Planning the Audit: understand audit stakeholder requirements, notify/visit auditee, understand auditeeļæ½s system and process documentation, develop an audit plan, develop an audit survey, identify audit resources, and schedule the audit.

Conducting the Audit: assess process capabilities and maturity; assess system and process risks, evaluate internal controls, evaluate evidence, issue opinion, and conduct exit meeting.

Reporting Audit Results: communicate audit results, decide audit report format, verify corrective and preventive actions, maintain audit file, and consult with auditee and stakeholders.

Throughout the planning, auditing, and reporting phases, we have the following goals:

To manage, organize, plan, and report audit results so that they are aligned with government policies and regulations, meet departmental objectives, improve organizational performance, and improve agency governance.

To work with the audit client to identify the indicators of fraud or other irregularities.

To work with agency to develop and deploy risk management strategies that may involve risk avoidance, mitigation, acceptance, sharing, diversification, or control which are integrated into risk management instruction.

CAI applies the principles of the Capability Maturity Model (CMM) assessments and the Control Objectives for Information and Related Technology (CoBiT) standards to conduct project planning, quality assurance, and risk management programs. CAI is also familiar with and applies the guidelines documented in the Project Management Institute's Book of Knowledge. CAI has consulted, developed, and managed Project Management Offices, as well as recommending best practices for the following agencies: the Oregon Department of Transportation, the Oregon Secretary of State, the Oregon State Treasury, the Oregon Division of State Lands, the Oregon Parks and Recreation Department, the Washington Department of Information Services, the Washington Department of Financial Institutions, and the Washington Department of Labor and Industries.




We develop audit internal controls that evaluate and improve agency's governance processes by ensuring (1) values and goals are established and communicated, (2) the accomplishment of goals is monitored, (3) accountability is ensured, and (4) values are preserved.

CAI will conduct regular communications with the client to ensure internal audit activities, plans, and resource requirements (including significant interim changes) are understood and approved.

Open and honest communication between audit lead and audit client emphasize the following:
Adding operational and agency value
Partnering with auditee and audit customer to promote joint problem solving
Ensuring State of Washington policy compliance
Ensuring agency objective alignment with audit results
Moving from detection to prevention
Moving from monitoring to problem solving


Depending on audit scope and requirements, one auditor is designated as the lead auditor. This person at a minimum:
Sets the direction of the audit
Works with other professionals to obtain data
Analyzes information and evidence
Makes meaningful value added audit determinations that satisfy the customer and organization


Depending on the audit scope, the lead auditor also:
Supervises audit to ensure engagement objectives are met, audit quality is assured, and audit staff is developed.
Develops audit-reporting protocols to ensure objective, clear, concise, constructive, and timely communications.
Develops standard processes for constructive intervention, preemptive action, corrective action, and preventive action.
Develops audit protocols for special or unusual circumstances, including but not limited to: fraud, illegal acts, significant risks, inefficiencies, waste, irregularities, regulatory noncompliance, health/safety/environmental non-compliance, materiality issues, or ethical lapses.