Author: sujatha

Digital Transformation re-defines CCM

In complex system landscapes (especially those that have leading ERP solutions that are capable of handling huge data) defining an approach for Continuous Control Monitoring can be overwhelming. The nuances of the very many configuration, master data and transaction controls in the system, when coupled with authorization mechanisms can influence the effectiveness of the controls.…

Read the full article

Information Security

What is the best practice approach that can help create a solid framework for establishing Information Security policies, procedures and practices? One needs to recognize the various aspects of information security as enunciated in COBIT and other world-wide standards and understand the impact of data privacy laws on information security. Information security is the practice…

Read the full article

Know the difference ………..

Many people have asked me whether internal controls monitoring is sufficient to unearth suspicious transactions, abuse of processes or frauds. Do you really need another fraud investigation exercise? Both exercises have different objectives and perspectives and answers different needs (e.g. do we need to prevent or detect, examine historical or current data, use predictive or…

Read the full article

Risks caused by frauds

I have wondered many a times what makes this topic interesting at once but dealt with in hush-hush tones when there is an anonymous whistle blown. Why do organizations and those in the higher echelons postpone / neglect or trivialize the need to look at this risk a little closer (even before an incident happens)?…

Read the full article