Continuous Auditing / Continuous Monitoring (CA/CM) 

Management and internal audit departments continue to actively seek new ways to gain access to valuable and timely information to manage risk and improve performance. Such efforts increasingly include Continuous Auditing and Continuous Monitoring (CA/CM) of organizational systems, processes, transactions, and controls.

KPMG's CA/CM Services are delivered by multidisciplinary teams to help clients assess, design, implement, and evaluate continuous auditing and continuous monitoring systems and processes focusing on control effectiveness, fraud and misconduct prevention and detection, policy and regulatory compliance, and performance improvement. KPMG professionals can assist with all phases of the CA/CM implementation process, including among others: Developing a CA/CM strategic plan; building an effective CA/CM business case; identifying key stakeholders and assisting with defining success criteria and related measurements; and performing risk assessment and data analytics to identify valuable CA/CM areas.


KPMG’s CA/CM Services bring greater efficiency, enhanced controls, earlier information, and reduced complexity.


  • A globally consistent, multidisciplinary team approach, integrated with Governance, Risk, and Compliance
  • Depth and breadth of R&C and Advisory functional skills to drive content development including an array of advisory, accounting, finance, tax, and technology professionals with deep industry knowledge
  • Objective and pragmatic advice to evolve a customized program
  • Ability to leverage alliances with key tool vendors for teaming


Potential Benefits

Continuous Auditing


  • A platform to continuously assess risk for audit planning and scoping purposes
  • Increased coverage and frequency of audits
  • Automated components of the audit program, audit tests, or review procedures
  • Known control gaps and deficiencies can be continuously audited
  • Ability to proceed with root cause analysis for errors, policy violations, fraud, and misconduct in a timely manner


Continuous Monitoring

  • More time for value-adding analysis instead of error correction
  • Reduced manual SOX testing
  • Control gaps and deficiencies monitored for circumvention and/or exploitation
  • Regular and frequent insight to avoid potential regulatory noncompliance
  • ERP system or business process limitations and deficiencies addressed
  • A mechanism to automate manual controls and processes

Share this

Share this


            James R. Littley

James Littley
Lead Partner

Submit an RFP

Questions to Consider

Continuous Auditing

  • Does your current audit risk assessment process continuously identify trends, patterns, and emerging issues for audit consideration and dynamic audit planning?
  • Does your current internal audit process lead to more efficient and effective auditing and assist in focusing auditing efforts on higher risk areas?
  • Is internal audit interested in leveraging technology and data analytics more effectively as part of the audit risk assessment, audit planning and audit execution processes?

Continuous Monitoring

  • Is your organization receiving timely and comprehensive feedback on the effectiveness of the control environment and your employees’ compliance with your organization’s policies?
  • Is your organization evaluating ways to improve risk management, operational performance, and/or profitability (e.g., cost optimization, revenue enhancement activities, etc.)?
  • Do your organization’s current monitoring activities increase the detection and prevention of fraud, misconduct, and regulatory noncompliance and reduce the number of incidents?