Control Maturity Assessment


Control Maturity Assessment 
Compliancy Brochures 
Compliancy Whitepapers 

Related Links

<Return to Home Page>

FCPA Cloud Service special limited time offer

The Compliancy difference

Cloud Services

On Site Configuration offerings

Critical attributes for an automation solution


White papers

Register for updates about Compliancy

Contact us ....



It is important to understand where you are on Control Maturity so you can determine what actions to take to create value for your business from your GRC (Governance, Risk Management, Compliance) solution. 


For example, like many companies, you may have started with manual processes in order to comply with the regulations by the deadline.  Now you are looking at ways to automate your controls to reduce your costs and increase your efficiency. 


You also want to be able to leverage your existing investments and customize your solution to best fit your company's and industry's unique requirements.  


However, just as Internal Controls are a process, so is the development, optimization and transformation of Internal Controls into business value. 


Basic automation is only the first important step to reducing costs.  The next step is to optimize your automation and then integrating your internal controls into your business processes.  This is the only way you can realize value from your investment. 


The following chart provides a summary of the Control Maturity Continuum and the key items you need to consider as you evaluate your compliance technology investments.



Control Maturity Continuum Check Lists


In order to assist you in your assessment, Compliancy has put together a set of check lists for the Automate, Optimize and Transform steps.  Please contact Compliancy with any questions. 


Check Lists: 

Automate (Basic)

These are the basic automation capabilities.  This is not an all-encompassing list but the key elements you should assess. 

  • Control procedures are automated to reduce manual costs
  • Control certification/assertions are automated for reporting status
  • Control testing is automated for assertion testing
  • Control audits are automated for status and reporting
  • Every control decision, approval, test point and other control certifications are automatically recorded for full complete tracking and better audit-ability.
  • All Control activities at all levels can be certified and viewable.
  • Controls for detection of issues post transaction are automated
  • Authority and responsibility of duties is identified and integrated into automated procedures
  • Signature image certification can be included in control for certification.
  • Secure document storage and distribution
  • Controls are documented and maintained via workflow for routing, version control and accountability
  • Documents used by controls are maintained via workflow for routing, version control and accountability
  • Documents have secure storage and distribution with an audit trail
  • Consolidated view of controls is provided showing relations for easier management
  • Relational consolidated view of control data to more efficiently maintain control procedures
  • Predefined and customizable workflow templates for Control processes.
  • Easy point and click scheduling for monitoring, testing, certifications, audits, and reporting.
  • One button on-demand triggering for monitoring, testing, certifications, audits, and reporting procedures.
  • Forms driven control procedure development and change management to enable less technical users to initiate/change control processes at a lower cost 



Optimized automation moves you from working on issues and control results “after the fact” to preventive management, i.e., being provided information in real-time through continuous monitoring about the status of controls and transactions to identify issues prior to problem.   


This reduces costs even further by reducing the cost of testing and issue management as well as avoid reporting issues and improving risk management overall for the company. 

  • Continuous real-time monitoring of controls can be specifically created for greater responsiveness and flexibility.

  • Transactional controls for integration of external application controls providing complete business process control loop coverage.

  • One-button real-time financial report generation for most up-to-date information.

  • Real-time Dashboard management oversight to increase responsiveness and provide early warning indicators.

  • Easy to read graphical view of process workflow status about each incident of a workflow process including control status, steps completed, when completed, steps active and length of time. 

  • Easy to read statistical summary of process workflow to measure and assess process including average time to complete a process or task, cost of implementing a process, and cost of each step. 

  • Audit data can be compared against data from other systems for validation.

  • Can specify who gets what information for a process so that only relevant information is routed to individuals to reduce confusion and more effectively enable actions.

  • Automated preventive controls can be defined to identify issues pre and/or during transaction to “prevent problems” therefore reducing risk and costs.

  • Issues management can be completely automated and integrated with processes, people, and certified resolutions to reduce cost and time of manual issue management.

  • Issues management is integrated with reporting for faster and more complete disclosure.

  • Automation and events can be business rules driven for better integration with business process and more effective automation of risk management.

  •  Integrated authorization security for responsibility identification, certification, and change management.

  • Forms driven control procedure development and change management to enable less technical users to initiate/change control processes at a lower cost.



The ability to create value from your compliancy solution is directly related to how well you can integrate your compliance controls into your business processes.   As part of the entire business process, management can view the compliancy controls as part of the entire business decision making process.  The net is better streamlining, more effective business decisions and quite literally a competitive edge in the market. 

  • Automate and manage entire control life-cycled from definition, documentation, control procedure implementation, testing and assertion, audits, issue management, reporting and control change/retirement.

  • Can be extended to include current or new business processes as an integrated management system for greater efficiency, greater control and easier change management.

  • Control and monitoring can be extended and scaled across the enterprise to integrate other applications, business units and geographies.

  • Complete integration possible across all processes, documents, applications and people unlike component or single point solutions.

  • Business process automation modeling tools available for customized business process development. 

  • Visualization of workflows with real-time updating of status.

  • Provides coverage of every level including automated control procedures at the entity for corporate audit control and testing, process for process level automation, and transaction level for integration with external applications.

  • Can be integrated with existing business workflow processes and other auditing applications, existing document management systems, and across other applications with control processes for a single view of the entire process.

  • Allows for collaborative process modeling with granular security controls.

  • Flexible task assignment that allows business roles to be assigned to a variety of tasks.


For more information contact us at or call +1-919-806-4343.


Copyright (©) 2006-2013 Compliancy Software, Inc. All rights reserved.