Close

Are you in compliance?

Don't miss out! Sign up today for our weekly newsletters and stay abreast of important GRC-related information and news.

×

Status message

Start your free, no obligation 5-day trial to continue exploring with full access.

The continuous improvement cycle in compliance

Tom Fox | March 27, 2018

There are two basic tools in the continuous improvement cycle for any best practices compliance program. They are monitoring and auditing, but they can be misunderstood due to some basic differences.

Monitoring is a commitment to reviewing and detecting compliance variances in real time and then reacting quickly to remediate them. A primary goal of monitoring is to identify and address gaps in your program on a regular and consistent basis across a wide spectrum of data and information.

Auditing is a more limited review that targets a specific business component, region, or market sector during a specific timeframe to uncover and/or evaluate certain risks, particularly as seen in financial records. You should not assume that because your company conducts audits, however, that it is effectively monitoring. A robust program should include separate functions for auditing and monitoring.

Although unique in their respective protocols, the two functions are related...

Buy this article for $49, or subscribe to Compliance Week for a month at $149 and get unlimited article access for 30 days.