Robotics risks & controls: Managing the changing risk profile

Session Description: 

Session abstract:  Software Robotics, or Robotic Process Automation (RPA) promises to transform the cost, efficiency and quality of executing many of the back office and customer-facing processes that businesses rely on people to perform.  RPA uses software to execute business processes in a repetitive, audited and controlled manner with very limited human participation.  Although many legacy IT risks and controls apply to RPA there are distinctive differences in the development, deployment and operation of RPA software that introduces unique risks, and may require the modification of existing IT controls.  Some examples include the process-centricity of RPA development and operation, and the hybrid-nature of its access requirements (e.g. it’s a non-human account that acts like a human).  Join us as we provide an overview of RPA, and present best practices for the identificationof risks and controls in a new or existing RPA process at the enterprise, program, platform and process-level. 


Session Presenters:

Cathy Cobey is a Partner in the Advisory Services practice of Ernst & Young LLP.  She has over 23 years of experience in information security, risk and controls.   Cathy leads our NextGen technology risk and controls services in Canada.  This includes services related to the governance and control of emerging technology including robotics, cognitive intelligence, IoT and artificial intelligence.  She works with clients to realize the opportunities for NextGen technology and advises risk and challenge (e.g. ORM and Internal Audit) functions on their role in managing the risks of emerging technologies.

Roopa Sharma is a Senior Manager in EY’s Advisory practice in Toronto, and a member of the IT Risk Advisory group at EY. Roopa has 13+ years’ experience in information systems general controls and application controls review for internal and external audits, including developing and providing internal control and internal audit programs for both legacy and emerging technologies. Specialization also includes third party control evaluations for service organizations.  She also has experience in evaluating and auditing system controls, conducting pre- and post-implementation reviews, and assessing the adequacy of enterprise risk management and compliance functions.

Yvonne Zhu is a Senior Manager in the Advisory Services practice of Ernst & Young LLP. She has over 12 years of experience in information security, risk and controls. In addition to information technology audit and evaluation of third party service organization, she also focuses on the governance and controls over emerging technologies. This includes developing risk and controls matrices for various emerging technologies and advising client on how to manage these risks.


Date & Time: Feb 15, 2018 08:30 AM to
Feb 15, 2018 12:00 PM
[America/Toronto UTC -5]


Add to my Calendar
Location: Holiday Inn (Kitchener)
30 Fairway Road S
Kitchener ON

Get Driving Directions
Registration Closes: Feb 14, 2018 05:00 PM

Event Coordinator:

Admin Support
 Registration Fees
Member Price
Registration Fee  
Non-member Price
Registration Fee  

Registration is now closed.


Powered By