In this chapter, we will introduce and develop a comprehensive risk-governance framework that is fit-for-purpose for data analytics and automation programs in the accounting, finance, and operations functional settings. We explore the critical need for governance in anticipation of widespread adoption of data analytics tools and capabilities across medium-to-large enterprises. The marked pace of change as development capability is put into the hands of end-users leads to a far more complex risk environment. We will begin this chapter with a discussion of how organizational risk appetite must be reevaluated, as new channels of processing risks are introduced through the adoption of analytics. We will discuss how to draw a cross-functional and inclusive governance framework around IT, process owners, project teams, internal audit, and control stakeholders to ensure the required knowledge and perspective exists to provide adequate oversight. We will highlight the key risks introduced to the processing environment by data analytics and introduce methods for the assessment, measurement, and monitoring of such risks – and provide an approach to mitigate and manage them with risk response capabilities.

In the past, the control environment which safeguarded an enterprise from processing risk was centered around the core technology stack. The advent of self-service data analytics tools has dramatically shifted an enterprise's technology ...