Make sure to read the following tip for a sneak peak at just some of the great content that will be presented at the GRC2012 conference in Milan, June 6-8.
The following snippet has been taken from Turnkey Consultings's Carlos Jamies's presentation “Lessons for using continuous controls monitoring to reduce risk in important financial processes”.
Understanding Continuous Control Monitoring (CCM)
- The actual control sits within the configuration in your backend system
- CCM monitors the status of these controls, and alerts when exceptions are found
- It can assess the effectiveness of internal controls on a regular basis
- Is a software solution which provides real-time status of internal controls
- Mainly automated-type controls can be continuously monitored
- CCM is achieved by linking a rule in the tool to an executable program in the back-end system (e.g., SAP ERP)
- There are over 120 standard rules available in PC
- Requires table logging enabled in the backend system
- CCM can save time and labor costs, as well as prevent money being lost due to fraudulent activities
**An example of CCM can be an alert sent to the control owner triggered by changes to system parameter settings (configuration controls)
Benefits of CCM
- Controls are easier to operate (less room for error)
- Controls take less time/overhead to operate
- You can embed escalation procedures to ensure controls are operated
- Control documentation is stored centrally, resulting in lower overhead for audit teams and control operators
- Internal testing and control self-assessments are stored centrally, resulting in less overhead communicating test plans and results to external auditors
- Making internal audit more efficient so that focus can move from compliance to optimization
I look forward to seeing you at the event!