Newsletter | Volume 1

Issue I
Issue II
Issue III
Issue IV
Issue V
Issue VI
Issue VII
Issue VIII
Issue IX
Issue X
Issue XI
Issue XII
Issue XIII
Issue XIV
Issue XV
Issue XVI
Issue XVII
Issue XIX
Issue XX
Issue XXI
Issue XXII
Issue XXIV
Issue XXV
Issue XXVI
Issue XXIX
Issue XXX
Issue XXXI
Issue XXXV

click here to

Subscribe to our newsletter

To Unsubscribe click here

Continuous Monitoring and Auditing of GRC processes are vital

“If you think compliance is expensive, try noncompliance.”
- Former U.S. Deputy Attorney General Paul McNulty

Continuous Monitoring and Auditing of GRC processes are vital.

Once you have identified your key risks and your risk response, it is necessary to monitor them. For the sake of clarity, it can be relevant to differentiate between various types of risks.

Risk of non-performance:
Long lead times of Order to Cash process potentially causes cash issues. Safety incidents cause absence reporting to increase

Risk of non-compliance:
Internal non-compliance. Sending incorrect invoices causes extra costs and damage to reputation. The use of paper is minimal and only environmentally friendly paper is used

External non-compliance:
Lacking sign-off of contracts potentially causes incomplete revenue statements. Spillage of oil causes non-compliance with applicable laws.

We are facing mounting regulatory compliance issues driven by mandates, legislation, financial audits and litigation. In any operation companies continue to retain and store critical business records on paper despite the risks that it poses.
  • A robust document management application requires robust user authentication with IDs and passwords to retrieve, view or share documents.
  • To protect your business from compliance violations and penalties, it's essential to have the ability to track and report and have an audit trail.
  • A complete document management system that provides user or document tracking and reporting.
  • Having an IT platform to place this monitoring and auditing capacity is the first step to ensure compliance.
  • A centralized document management system helps streamline any potential needs that may stem from audits or litigation (e-discovery) and limits the possibility of missing documents.

One of the important speeches on IT is:
Retooling IT Systems for Better Risk Analysis
  • How to do a better job of assuring compliance
  • Spotting risks before they metastasize into something that threatens the enterprise
  • How you can revamp your IT systems to confront that new world
  • How organizations can leverage technology and data analytics across borders to drive compliance and risk monitoring
  • How to respond properly if an IT compliance failure occurs while managing the related data privacy and security risks frequently created through these efforts

Jan Nygaard Nielsen Ph.D. Managing Principal, Netcompany Please read the whitepaper on: The Role of Continuous Monitoring and Auditing in GRC