Consider Solutions

Understanding the 4 levels of GRC Continuous Controls Monitoring (CCM)

Thanks to the respected industry analysts at Gartner Group and recent reports, including “Magic Quadrant for Continuous Controls Monitoring” by French Caldwell and Paul E. Proctor, dated March 23, 2010, a generally accepted definition of CCM is emerging.

It covers the key elements of controls monitoring required to get 360-degree visibility into real control and risk exposures. The four pillars of CCM as defined by Gartner are as follows:

  1. User Access Controls Monitoring & Remediation (CCM-SoD)
  2. Application & Process Configuration Controls Monitoring (CCM-AC)
  3. Master Data / Static Data Controls Monitoring (CCM-MD)
  4. Business Transaction Monitoring (CCM-T)

To address business controls issues effectively and with confidence, these four pillars need to be planned and executed with each pillar informing evidence derived from its peers. When evaluating or implementing GRC and CCM technologies, ensure that your advisors and service providers have a plan to address the full landscape, even if one pillar is accelerated as a first phase.

The full report can be downloaded from here.

 