Which of the following phases is involved in the Data Extraction, Validation, Aggregation and Analysis?

Which of the following phases is involved in the Data Extraction, Validation, Aggregation and
Analysis?

Which of the following phases is involved in the Data Extraction, Validation, Aggregation and
Analysis?

A.
Risk response and Risk monitoring

B.
Requirements gathering, Data access, Data validation, Data analysis, and Reporting and
corrective action

C.
Data access and Data validation

D.
Risk identification, Risk assessment, Risk response and Risk monitoring

Explanation:

The basic concepts related to data extraction, validation, aggregation and analysis is important as
KRIs often rely on digital information from diverse sources. The phases which are involved in this
are:
Requirements gathering: Detailed plan and project’s scope is required for monitoring risks. In the
case of a monitoring project, this step should involve process owners, data owners, system
custodians and other process stakeholders.
Data access: In the data access process, management identifies which data are available and
how they can be acquired in a format that can be used for analysis. There are two options for data
extraction:
Extracting data directly from the source systems after system owner approval Receiving data
extracts from the system custodian (IT) after system owner approval Direct extraction is preferred,
especially since this involves management monitoring its own controls, instead of auditors/third
parties monitoring management’s controls. If it is not feasible to get direct access, a data access
request form should be submitted to the data owners that detail the appropriate data fields to be

extracted. The request should specify the method of delivery for the file.
Data validation: Data validation ensures that extracted data are ready for analysis. One of its
important objective is to perform tests examining the data quality to ensure data are valid complete
and free of errors. This may also involve making data from different sources suitable for
comparative analysis. Following concepts should be considered while validating data:
Ensure the validity, i.e., data match definitions in the table layout
Ensure that the data are complete
Ensure that extracted data contain only the data requested
Identify missing data, such as gaps in sequence or blank records
Identify and confirm the validity of duplicates
Identify the derived values
Check if the data given is reasonable or not
Identify the relationship between table fields
Record, in a transaction or detail table, that the record has no match in a master table
Data analysis: Analysis of data involves simple set of steps or complex combination of commands
and other functionality. Data analysis is designed in such a way to achieve the stated objectives
from the project plan. Although this may be applicable to any monitoring activity, it would be
beneficial to consider transferability and scalability. This may include robust documentation, use of
software development standards and naming conventions.
Reporting and corrective action: According to the requirements of the monitoring objectives and
the technology being used, reporting structure and distribution are decided. Reporting procedures
indicate to whom outputs from the automated monitoring process are distributed so that they are
directed to the right people, in the right format, etc. Similar to the data analysis stage, reporting
may also identify areas in which changes to the sensitivity of the reporting parameters or the
timing and frequency of the monitoring activity may be required.
Answer D is incorrect. These are the phases that are involved in risk management.



Leave a Reply 0

Your email address will not be published. Required fields are marked *