Innovation in Automated/Continuous Control Management
Executive SummaryTo address internal control failures and risk, organizations are establishing an automated internal control strategy with process and technology to build and maintain control automation that balances business agility, control, and security to mitigate risk, reduce loss/exposure, and satisfy auditors and regulators while enabling users to perform their jobs. When evaluating solutions for internal control automation the organization needs solutions that are intuitive, easy to use, and should look for a solution that covers the range of business systems used in their environment. ServiceNow is a solution provider in enterprise applications for governance, risk management, and compliance (GRC). The company’s flexible, scalable, and integrated suite of cloud applications is used by organizations to automate GRC processes, reduce enterprise risk, and demonstrate regulatory compliance to achieve audit-ready status. The ServiceNow Indicator-Based Continuous Control Management functionality delivers efficiency, effectiveness, and agility to strengthen risk management, security, and compliance for organizations across industries and around the world. Organizations can implement control indicators that can test data on schedule with minimal human intervention. In this context, GRC 20/20 has recognized ServiceNow Indicator-Based Continuous Control management with a 2017 GRC Innovation Award for Automated/ Continuous Control Management.
Table of Contents
- Agility Required in Control Automation
- ServiceNow Indicator Based Continuous Control Management
- Innovation in Automated Control Management
- What Indicator-Based Continuous Control Management Does
- Benefits Organizations Receive with Indicator-Based Continuous Control Management
- Considerations in Context of Indicator-Based Continuous Control Management
- About GRC 20/20 Research, LLC
- Research Methodology
AuthorMichael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
©GRC 20/20 Research, LLC. All Rights Reserved. No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of GRC 20/20 Research, LLC. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable but cannot be guaranteed and is subject to change. GRC 20/20 accepts no liability whatever for actions taken based on information that may subsequently prove to be incorrect or errors in analysis. This research contains opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does not provide legal advice or services and its research should not be construed or used as such.