Issues with Configurable Controls

  • by Jamie Levitt, Manager, PwC
  • June 19, 2012
Learn a few basic points about configurable controls, specifically about detective and preventive controls. 
Configurable controls have a low cost to implement and operate because once they are implemented, they prevent 100 percent of problematic transactions by disallowing these transactions to process. The issue with configurable controls, however, is that they are absolute, whereas most business processes are not. Most business processes cannot process transactions in exactly the same way 100 percent of the time as there are always exceptions to the norm (e.g., financial close, small business units, and newly acquired businesses).

Jamie Levitt

Jamie Levitt, CPA, CISA, is a manager for PwC in the US. Jamie has more than nine years' experience in SAP. Jamie has helped develop a significant amount of PwC’s thought leadership and tools, including SAP ITGCs/Basis for PwC globally. She has extensive experience with risk and controls optimization programs from both an external audit and advisory capacity, training of the PwC global firm, and client training. Her current core focus is continuous monitoring methodologies specializing in the process solutions of continuous controls monitoring and continuous transaction analysis. Jamie has spoken at GRC in 2011, 2012, and now in 2013. Previously Jamie worked for Turnkey Consulting in the US. She led Turnkey's US operations. Prior to her role at Turnkey, she worked for PricewaterhouseCoopers in the UK and US as a manager.

See more by this author


Comments

7/11/2015 2:04:19 AM
Pankaj Thakker

Hi Jamie,

This is really good article.

This is really simple but effective thoughts to implement the controls.

I would request you to share what all controls (detective and preventive) that you have implemented or experience, so I can share with my clients.

Regards,
Pankaj.

Please log in to post a comment.

To learn more about subscription access to premium content, click here.