Newsletter | Volume 1

Issue I
Issue II
Issue III
Issue IV
Issue V
Issue VI
Issue VII
Issue VIII
Issue IX
Issue X
Issue XI
Issue XII
Issue XIII
Issue XIV
Issue XV
Issue XVI
Issue XVII
Issue XVIII
Issue XIX
Issue XX
Issue XXI
Issue XXII
Issue XXIII
Issue XXIV
Issue XXV
Issue XXVI
Issue XXVII
Issue XXVIII
Issue XXIX
Issue XXX
Issue XXXI
Issue XXXII
Issue XXXIII
Issue XXXIV

click here to

Subscribe to our newsletter



To Unsubscribe click here

The need of Governance and IT-Governance; a human hand behind all automated controls as there are no such thing as fully automated IT-controls!



It is more important than ever to have a good IT-Governance structure and under control, as we are more exposed today in a much more complex IT-environment than in the past. The risk map needs to be redrawn continually and in different dimensions. Some of the risk areas that have emerged such as on the compliance agenda within the General Data Protection Legislation, an increased velocity regarding the Cloud services with the inherent risks for cyber-attacks and hacking. The inevitable digitalisation gives opportunities as well as business risks. All these risks and combined risks examples are issues that must be on the board of directors' agenda - compliance, internal control, IT-infrastructure and business risk linked to IT.

To be a myth buster; There are no fully automated controls! History shows that there is always a human hand behind all checks and balances; direct or indirect. For example, fraudsters love to bypass the control environment and inappropriate segregation of duties is one of the components that give a foundation for increased risks of internal violations or mistakes. Complex IT-systems of today, often integrated with business partners and its' different level of IT-maturity, such as within B2B, supply chain, outsourced activities to service providers and they need to be incorporated into the IT governance structure and to be under control. It is actual named internal control, not internal faith!

Contribution by Copenhagen Compliance Associate Henrik Frössling, based on an extensive assignment on internal controls at The Volvo Group.