Top down risk assessment approach

TRINITY INDUSTRIES 9

Trinity Industries

Robert Shulzinsky

Southern New Hampshire University

Introduction

Risk assessment remains crucial in management of huge companies like the Trinity Industries. Trinity Industries Inc. is a recognized dealer in diversified industrial products with several product-based businesses. As a means of risk management and handling, the overall management has always used the bottom-up approach of risk management. Analytically, there are several weaknesses associated with this method of risk management. Nevertheless, the method also has noticeable strengths. There are certain recommendations for the top-down method of risk assessment which serves as the best alternative in this case. The alternative seems better than the other current one as it complies with most of the Sarbanes-Oxley Act (SOX) regulations that were passed in 2002 (Turner, 2014). The paper seeks to address the bottom-up approach in details touching on the strengths, weaknesses and a comparison with the top-down approach of risk assessment. The essay will also dwell on the SOX related expenses.

The bottom up approach is among some of the most important investment strategies. The strategy depends on selection of individual stocks. Unlike other approaches, it does not observe general economic trends but rather the management and performance of industries. This method uses mathematical model in analyzing risks hence data-intensive. Most users report that the use of this method is tedious due to the numerous mathematical formulations associated with it. As some point, it turns technical hence poses a lot difficulties among users. The approach dies not use historical data. This makes it more of a forward-looking approach rather than backward-looking approach as in the case of top-down approach. Trinity Industries Inc. has used the risk assessment approach for some time and thus there are evident strengths and weaknesses attributed top this method (Ammons, 2014).

Strengths and weaknesses

There various strengths that can be attributed to the bottom-up risk assessment approach. These positive factors are some of the reasons why Trinity Industries have used the method over the years. Bottom-up approach gives more details on the procedures and controls been used in company operation. The use of mathematical model ensures that finer details of the data are revealed hence the data-intensive nature of the approach. This is essential as it enables the organizations to achieve substantive data. The model provides extra data making the process comprehensive. This provides an extensive follow-up essential for effective internal control (Turner, 2014).

Despite the fact that feature is great, there are certain weaknesses associated with the bottom-up approach. In line with the control and standards, the approach does not apply the standard SOX regulations. The mathematical model makes the method tedious and time-consuming. The data-intensive features make the assessment approach prone to errors. The management of Trinity Industries Inc. participates in tedious data gathering and investigations to provide substantive data that is fed on the arithmetic model. Above all, it has associated unreasonable labor and capital costs. Nevertheless, the approach has been effective except for the weaknesses listed above. A recommendation that the industries should have done in the first year include identification of the internal control gaps. As matters stand, there is need to set robust controls for documentation of procedures. In the last report, the Trinity Industries had achieved about 1249 control exercise and grouping levels, this was recommendable. Implementing the top-down approach that is consistent with the SOX guidelines would have created a material impact in the control process (Ammons, 2014).

Comparison between bottom-up and top-down risk approach

Ideally, the two methods have significant impact in internal control and management for companies. The bottom-up approach has a great impact on organizational returns and investments whereas the top-down risk assessment approach delays the investment. The top-down approach is less data-intensive hence less tedious. Analytically, it has reasonable capital cost and labor costs. The bottom-up approach is time consuming with high labor demands hence associated capital and labor costs. Additionally, the top-down approach conforms to most of the SOX compliance laws hence one of the best approaches that should be adopted in the current market place. It view of these interplay of strength and weaknesses, the most appropriate approach is the top-down approach. Though this approach is associated with delayed returns, it will eventually materialize. The conformation to set management standards will improves the various aspects of material weakness for the Trinity Industries Inc. (Turner, 2014).

It is worth appreciating that both the two approaches have some impacts in company internal control structure. The bottom-up approach is tedious but provides comprehensive details of company data and information. This however contributes to the noticed material weakness. Trinity Industries has issues with documentation procedures which as lead to loss of financial data over the years. Using this approach puts the already vulnerable internal structure of the company at greater risk of data loss. This negatively impacts the overall operational process. The top-down approach has some positive impacts on the internal control structure. With the compliance to the SOX guidelines, the risk of data and financial loss is minimized. The method builds up a responsible workforce that will ensure effectiveness in operational management (Ammons, 2014).

.

In the pilot project, there were some critical insights that were noted down. It was realized that several processes should be changed to meet the internal control desires. A steering committee was formed and the process conducted in compliance to SOX guidelines. The pilot project assessed the individual databases with reference the SOX guidelines. After the pilot project, the team was trained on the documentation procedures with appropriate templates to be used given. A final control catalog for each process was then developed. While doing these analysis and substantive tests, an action plan for gap closure was then developed. The propose closure would minimize the operational gaps identified throughout the project (Turner, 2014).

Memo

Trinity Industries

To: All Staff Members

From: Project Coordinator

Subject: SOX results in year 1

Date: 1st January 2018

The comprehensive test in the first year was aimed at testing the set policies. The project management team which composed of Oracle Financials and the steering committee decided to do the below tests; risk assessment on the bottom-ups and database application for central repository of SOX controls. A final control catalog was made to communicate the results for the specific processes.

Analytically, the results indicated that there was an issue with documentation procedures and data management gaps. With these gaps, there is need for careful analysis of financial processes and data management to evade complying with the SOX guidelines. The gaps identified led to training of workforce on the proposed new risk assessment approach to facilitate change management. The external audit revealed some deficiencies in operation and general material weakness that affected the internal structure (Schultze, 2011).

SOX related expenses

Trinity Industries has accrued and continue to face the burden of SOX related expenses. The company should adopt measures that will reduce these expenses. One of the best approaches is centralizing the IT system infrastructure. The decentralized IT system is difficult to manage and thus prone to various technological errors and breaches. Another approach is investing in automatic SOX controls. An automated operational control app will ensure that the documentation procedures and other system procedures comply with the set guidelines. The automatic controls ensure automatic rejection of non-complying details and programs hence minimizing the fraudulent transactions. Keeping back-up checks is essential to cover up whenever the normal control checks fails. Additionally, applying Electron Record Programs (ERP) is also important in improving the performance efficiency. There recommendations are likely to reduce the SOX related expenses (Schultze, 2011).

The major sources of cost in Trinity Compliance maintenance and testing are revenues and profits acquired from company’s sales. The revenues and profits are used to procure the necessary materials and equipment used by the organization. In ranking the sources, it is important to understand that they are all important as they help to keep the organization functional. However, the income made from sales come first followed by the profits and revenues achieved through sales. The choice of Oracle as a software was essential in overall management. The software was proven to be very effective than other programs in the marketplace. Generally, it offers the best sales solutions. Other software programs that can be compared to Oracle include Sales Force Software and Rimini Street Software. Unlike the Oracle, Sales Force Software does not offer customer management platform this makes it less efficient. The Rimini Streets Software is very effective though less advantageous compared to the famous Oracle which provides predictive analytics. The predictive analytics creates good sales workforce hence beneficial. These sounding differences make Oracle software the best compared to other available options (Schultze, 2011).

References

Ammons, D. (2014). Municipal Benchmarks: Assessing Local Performance and Establishing Community Standards. Routledge

Schultze, U. (2011). The SOX compliance journey at Trinity Industries. Journal of Information Technology Teaching Cases.

Turner, J.R (2014). The Handbook of Project-based Management (Vol. 92) New York, NY: McGraw-Hill