Business today is changing minute-by-minute and second-by-second. Processes and technology and their configurations are changing. Employees and their access into systems is changing as new employees are hired, others change roles and have inherited rights issues, others leave the organization. Transactions and vendors are changing. The pace of change in business today requires new approaches to control automation.
The past involved random sampling, an approach that is dated and out of step for the dynamic nature of business today. Random sampling and monitoring of controls only cover a small fraction of the configuration, master data, segregation of duties/access rights, and transaction controls in the environment. Manual processes for control monitoring focused on random sampling leaves the organization in a false sense of control where the reality is there can be significant control issues that expose the organization to malicious and inadvertent issues and events.
Random sampling of controls results in . . .
[This is continued as a guest blog by Michael Rasmussen of GRC 20/20 on the Greenlight Technologies blog]
Don’t miss the upcoming Webinar How to Achieve an Integrated & Continuous Approach to Managing Controls on March 4th. Click here for more information and to register.