Smart IT compliance: Continuous testing and monitoring of IT controls

May 2017


Diligent, continuous monitoring and testing form the backbone of an effective IT compliance and controls program that supports IT strategy, while identifying and proactively remediating weaknesses in controls and processes. The intelligence such a program produces can be fed back into management’s risk and controls assessment process to provide deeper insight into the level of management preparedness – that is smart IT compliance. Such insight helps unlock the potential of a sustainable IT compliance program because successful compliance activities are not always ones that produce a positive result but ones that identify weaknesses in process design and operations. This feedback loop helps evolve the compliance program, as it gets smarter with time. 


The case for smart IT compliance

A point in time approach is no longer enough to address on-going IT compliance. There are simply too many evolving regulatory expectations and risks to manage and monitor without a centralized, risk-based approach. The key to effective IT compliance is to not only establish an effective, on-going monitoring program but a model that evolves and learns from the results of compliance monitoring, changing complexities of the business landscape and gets more agile as the program matures. Enter ‘smart IT compliance’.

How we can help

PwC’s Internal audit, compliance and risk management solutions practice helps you anticipate the risks that can threaten your strategic growth.

Contact us

Princy Jain
Controls Testing & Monitoring Solutions Leader
Tel: +1 (408) 817 3870

Seth Rosensweig
Internal Audit Analytics Leader, PwC US
Tel: +1 (646) 471 6762

Dhiraj Malhotra
Internal Audit, Compliance & Risk Management Solutions Partner
Tel: +1 (415) 498 8461

Follow us