The views and opinions expressed in this article are those of the thought leader as an individual, and are not attributed to CeFPro or any particular organization.
By Samikendra Ghosh, Global Lead – Third Party Risk (Retail, Wealth & Private Banking), HSBC
Why is continuous monitoring a valuable tool to monitor risks?
The objective of continuous monitoring & assurance (CMA) as a tool is to understand any emerging themes or trends to the expected behaviors / outcome of the controls. This approach allows better insights to understand – what are the outliers, understand root cause, identify any systemic theme driving those root cause and help formulate remediation steps required to bring them back to the expected control outcome.
CMA can be done using a wide variety of ways such as using a set of defined measures often called Key Control Indicators to Key risk events against a set threshold being reported periodically or reviewing alerts generated from any surveillance based tools for targeted risk monitoring such as cybersecurity events.
Key is to evaluate the functionality and continued relevance for the CMAs as a tool and keep them updated for effective results. Also use of CMA also allows one the opportunity to also keep the monitoring dynamic with agile ways to manage changes.
CMA also can influence opportunities to streamline upstream and downstream processes used in the organization throughput the lifecycle of Third Party Management. It services the role of road testing the overall operational and design effectiveness of controls developed in the process.