Posted by: Robert Davis
Compliance Management, Compliance Verification Systems, Continuous Monitoring, Control System, Data Provisioning, Decision Techniques, Enterprise Resource Planning, ERP, Exception Reporting Systems, Expert Systems, Inference Engine, Knowledge Acquisition, Knowledge Engineer, Knowledge-base, Management Information Systems, MIS
According to The Institute of Internal Auditors, “Continuous monitoring of controls is a process that management puts in place to ensure that its policies and procedures are adhered to, and that business processes are operating effectively.” Though manual performance monitoring may suffice in low technology situations, in most high technology environments automated controls become a necessary part of the IT architecture for ensuring information reliability and integrity. As suggested by John Verver in Risk Management and Continuous Monitoring, the technology underpinnings to enable an effective continuous monitoring strategy should include several key components: independence from the system that processes the datum; the ability to compare data and information across multiple platforms; the ability to process large volumes of datum; and prompt notification to management of items that represent control exceptions.
“View Part I of the Compliance through Automation: Continuous Monitoring series here“