Internal Control from ComplianceNow is designed to make the process of internal controls focused, documented, responsive and effective.
Focused because we see that companies might have the ambition to execute controls in their organizations but lack the framework to carry them out and stay on track. The ability to Document is crucial since the IT control process is a continuous and repeatable process with layers of documentation requirements, from initial control description through to the control, approval and possible later external audit of the control.
Responsive is an important element since a lack of responsiveness is probably the most common reason for not getting the control process running or concluding it. Therefore, the framework must facilitate a responsive process through the timely delegation of controls to the right people, issuing reminders when tasks are not completed automatically moving the controls along for final approval. Internal Controls is not a priority task for most people in an organization, if any; which is why this process must be as Effective as possible, thus easing the workload of the involved personnel.
What is Internal Control from ComplianceNow?
Internal Control is a SAP-integrated framework supporting the documentation and execution of your company’s controls. Controls related to your SAP processes as well as controls relevant to other applications or even non-IT controls could be included in the scope. Internal Control comes with a predefined control library covering standard controls supporting Finance, Procure to Pay, Order to Cash, HR & Payroll, Basis & Security and more. The controls can be configured with a Control Executer, frequency and Approver. The pre-defined controls can easily be maintained, or you can extend the control library by defining your own controls.
Is Internal Control a challenge?
The challenges related to Internal Controls are centred around getting the job done. So why isn’t the job getting done? Today the general focus on IT Compliance is increasing rapidly and even though internal controls are not a new thing to most organisations, their scope is increasing and external auditors are calling for a process to support the requirements.
We might not all see the challenges of internal controls equally but for most companies this is either new territory or it is an area that is getting more and more attention. The topics listed below provide an overview:
- Focus on protecting business criticalities is increasing as a consequence of more legal regulation and extended internal and external audit requirements, not to mention GDPR.
- No central framework is used to document and execute controls. Controls are well hidden in Excel sheets by local control owners around the organisation.
- Executing controls is time-consuming as it is carried out continuously throughout the year, often with multiple follow-ups to the delegates who are getting the controls done.
- What is the overall control picture, what has been done, and what is outstanding? Supporting the auditor is time consuming and in general an unsatisfying process.
Why should I focus on On Internal Controls?
Defining your control framework will give your organization confidence that relevant actions have been put in place to control the company’s assets. The actual execution of the controls will provide certainty that the controls defined are not compromised (or that they are). Finally, having a structured and documented control process will allow smoother audit processes.
Follow us on LinkedIn and get instant access to our latest articles and posts on SAP and compliance.