CHAPTER NINE

Addressing Compliance and Risk Management Challenges through Automation

ORGANIZATIONS INVESTED MILLIONS OF DOLLARS on initial compliance and subsequently spent as much as 80% of those same dollars in year two refining documentation, testing, and remediating control weaknesses. Now that they have moved past year three and beyond, companies are exploring automation as a means for making the ongoing compliance process more efficient and less costly.

As a result of several factors, not the least of which is a lack of integrated testing as well as a significant amount of manual compliance testing and reporting, external audit costs increased-in many cases, significantly. In addition, the anticipated reduction of subsequent-year audit fees has not been realized. Lack of automation also has contributed to the high cost of compliance. In many organizations, a high number of manual controls still remain, and a substantial amount of manual testing continues to occur.

Compliance monitoring, testing, and reporting automation can play a key role in achieving process improvement and efficiency. When implemented effectively, technology enables an efficient, repeatable, and reliable process that can significantly lower the cost of compliance and offer increased visibility into the business. It also can strengthen the control environment, increase data integrity, improve process efficiency, and minimize risk by providing better visibility into control issues, allowing organizations ...

Get Enterprise Risk Management Best Practices: From Assessment to Ongoing Compliance now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.