The following is an excerpt from Michael Cangemi’s July 2012 article “From Continuous Auditing to Continuous Monitoring – You Should be the Champion” published in the ISACA Journal. You can read the complete article by clicking here.

It is often said: It is better to understand than to be understood. When a career, which started in IT audit, runs through positions including chief audit executive (CAE), chief information officer (CIO), chief financial officer (CFO), chief executive officer (CEO), public company director, audit committee chair, as well as a 20-year stretch as the editor- in-chief of the ISACA Journal, what would you expect next? I doubt many of you would have expected a concentration on, of all things, continuous monitoring (CM). When Pfizer was facing the loss of its patent protection on Lipitor, would you expect them to turn to CM? I’ll explain this one later. The central themes to my long career include business development, finance/accounting and information technology. I started out on Wall Street at 16, and the first computer arrived at the firm while I was in college studying accounting. My big break came when a search was made for a CFO who could advance the use of technology to grow the business. The one skill set that propelled my career was the use of technology: first in audit, then in finance, and then in management. Technology, combined with a passion to advance the organization’s development and performance, was the ticket to success. Technology’s expansion kept the wind at my back. Now that I can choose whatever I want to focus on, I like to spend my time with technology companies. Within technology I have a chance to promote what I have always regarded as key: CM. When I was first exposed to automated auditing in the 1970s, it fueled a desire to see a paradigm shift away from traditional backward-looking audit methods to real time. As an early adopter of computer technology for governance, risk and compliance (GRC), I predicted the explosive growth of continuous automated auditing. In fact, I predicted it at least a half dozen times! Well, even a broken clock is correct two times a day! My vision of the future was to come, but much more slowly than I expected. But, come it has! These days, there is an ever-expanding, Orwellian interest in monitoring in general. Think of cameras looking for terrorists, credit card fraud monitoring, traffic-signal violations monitoring, medical-condition monitoring; however, in financial areas, we have tended to focus on continuous assurance/auditing and continuous controls monitoring. This is the era of big data, which are large pools of data that can be captured, communicated and analyzed. With advancing high-speed computer processing, CM systems are being deployed using automated advanced analytics to sift through the large volumes of structured data, such as financial transactions, that comprise a large part of an organization’s big data. Available software employing intelligent, proprietary and, in some cases, patented techniques highlights and, electronically of course, passes on to humans actionable information for follow up. Think about how IBM’s Watson computer sifts through reams of data to estimate and weigh correct answers, allowing it, a computer, to compete against Jeopardy’s human champions. Last year, I coauthored a research paper titled “The Benefits of Continuous Monitoring.” Under the direction of Financial Executives Research Foundation (FERF), and its Committee on Finance and Technology, the authors interviewed major companies to determine the level of understanding in organizations regarding CM and the state of plans for implementation. The study confirmed what this former IT audit specialist always knew: While CM has some of its roots in continuous assurance monitoring, it is expanding at a rapid pace in many organizations.

Click here to read the full article.