April 2014 SAI GLOBAL. Delivering Effective Compliance Solutions & Architecture. Solution Viewpoint Governance, Risk Management & Compliance Insight
|
|
- Annabella Beasley
- 8 years ago
- Views:
Transcription
1 April 2014 SAI GLOBAL Delivering Effective Compliance Solutions & Architecture Solution Viewpoint Governance, Risk Management & Compliance Insight
2 Table of Contents Executive Summary Surmounting Pressures on Corporate Compliance The Winds of Change Blow on Compliance Battling the hydra of compliance:... 4 Compliance in The Midst of Transformation SAI Global: Delivering Effective Compliance Soutions & Architecture.. 4 The Value of SAI Global... 5 Capabilities of SAI Global... 6 SAI Global Delivers on Compliance Solutions & Architecture:... 7 Considerations for SAI Global... 9 GRC 20/20 s Final Perspective TALK TO US... We look forward to hearing from you and learning what you think about GRC 20/20 research. GRC 20/20 is eager to answer inquiries from organizations looking to improve GRC related processes and utilize technology to drive GRC efficiency, effectiveness, and agility.
3 SAI GLOBAL Delivering Effective Compliance Solutions & Architecture EXECUTIVE SUMMARY The trends and forces shaping compliance transformation require organizations to develop a strategy and architecture for managing compliance in a dynamic, distributed, and demanding environment. The challenge is that compliance and ethics have become moving targets. As a result, compliance is becoming the way we do business as opposed to obstacles to business. To enable effective, agile, and efficient compliance; organizations are developing a compliance information and technology architecture that is dynamic, proactive, and information-based. Compliance architecture transforms the elements constituting an ethics and compliance program to not only make them more effective, but also more efficient and agile. SAI Global is a GRC solution that GRC 20/20 has researched, evaluated, and reviewed with organizations that are using it in distributed and dynamic business environments. SAI Global delivers on compliance architecture through an integrated process, information/ content, and technology platform to enable compliance processes that are effective, efficient, and agile. They do this through a breadth of professional services, technology, and content resources that span the globe, and have demonstrated success in helping organizations across an array of industry verticals. SURMOUNTING PRESSURES ON CORPORATE COMPLIANCE THE WINDS OF CHANGE BLOW ON COMPLIANCE Compliance and ethics is not the same today as it was just a few years ago. The trends and forces shaping compliance transformation require organizations to develop a sustainable strategy and architecture for managing compliance in a dynamic, distributed, and demanding environment. In the past, compliance was distributed and disconnected. Even when organizations had a centralized compliance function to manage critical compliance issues, compliance really was fragmented and distributed across the organization with varying structures, accountability, and approach taxing the business, ultimately leading to inefficient and redundant approaches. Compliance functions relied on document-centric and manual processes that were not integrated, creating challenges in accountability, reconciliation, and reporting. Compliance offices spent more time consolidating the fragmented information than they did actually managing and improving compliance. The line of business was overwhelmed with inconsistent formats for policies and procedures, issue/incident reporting, and assessments that were appearing in their inbox on a weekly basis. With the globalization of business, compliance and ethics has become complex, across jurisdictions, geographies, and cultures as organizations struggle to maintain compliance. This is complicated by the distributed and dynamic nature of the modern organization which has a complex web of employees, suppliers, vendors, contractors, consultants, and other third parties, causing a mesh of compliance risk that is difficult to unravel and manage as the organization is constantly evolving. Business is dynamic: employees, relationships, regulations, risks, economies, litigation, regulation, and legislation are constantly changing. The challenge is that compliance and ethics have become moving targets. Organizations are seeing increased scrutiny and focus on compliance and ethics activities from several sources. Regulatory change in several industries has more than doubled in the past few years. Enforcement agencies have grown more sophisticated in assessing real versus fictional compliance efforts. They are peeling back the paper to look at how effective operational compliance programs truly are. With increased enforcement actions, organizations are seeing greater challenges to managing and monitoring their compliance and ethical risk. The Bottom Line: Compliance architecture transforms the elements constituting an ethics and compliance program to not only make them more effective, but also more efficient and agile GRC 20/20, LLC; Licensed to SAI Global for Redistribution Solution Spotlight 3
4 COMPLIANCE IN THE MIDST OF TRANSFORMATION Compliance is undergoing fundamental change. Surmounting pressure upon organizations require them to rethink compliance across the organization. Compliance is taking more responsibility for the integrity as well as corporate social responsibility of the organization and going beyond mere regulatory compliance. Compliance is moving away from being understood as the corporate cop, as it shifts to focus on the integrity of the organization. Compliance and ethics are becoming how we do business as opposed to obstacles to business. Compliance and ethics oversight is increasingly being centralized under a role of a Chief Ethics and Compliance Officer (CECO) with stronger executive and board relationships. Compliance operations and processes are becoming federated to overcome the inefficiencies of the decentralization of the past. This results in compliance leading to an integrated GRC (governance, risk management and compliance) strategy that often coordinates with other functions of risk and audit. To enable effective, agile, and efficient compliance; organizations are developing a compliance information and technology architecture that is dynamic, proactive and information-based. The goal is to develop a compliance system of record that: Aligns with stakeholder demands for transparency and accountability; Functions as a strategic role of monitoring integrity across business operations, transactions, and relationships; Provides a defensible system of accountability to regulators and others when questions arise; Utilizes the latest technologies to improve compliance effectiveness, efficiency, and agility; Allows compliance practitioners to better target resources, resolve issues, and keep current with changing business and regulations; and BATTLING THE HYDRA OF COMPLIANCE: Like the multi-headed Hydra in mythology, these redundant, manual, and document-centric approaches of the past are ineffective. As the Hydra grows more heads of regulation, ethical challenges and obligations, scattered compliance departments become overwhelmed and exhausted and start losing the battle. A reactive approach to compliance, with silos of compliance operations never coordinating and working together leads to greater risk to the organization. This piecemeal approach increases inefficiencies and the risk that serious matters will go unnoticed. Redundant and inefficient processes lead to overwhelming complexity that slows the business; all the while the business environment requires greater agility. Demonstrates the effectiveness of an organizations compliance program, bringing together key compliance information in a format that can be easily analyzed by the compliance office. Compliance architecture not only delivers demonstrable proof of a compliance program but also allows compliance to be proactive and forward-looking. This shift enables the ethics and compliance organization to have greater efficiency in processing and managing information, become more effective in ensuring corporate integrity, and more agile in addressing rapidly changing business, regulatory, legal, and reputational risks. The bottom line: Compliance requires process improvement, technology automation, collaboration, and sharing of information driven by an integrated information and technology architecture. Effective compliance delivers the ability to meet requirements, achieve human and financial efficiency, and meet the demands of a dynamic business environment. Compliance architecture transforms the elements constituting an ethics and compliance program to not only make them more effective, but also more efficient and agile. SAI GLOBAL: DELIVERING EFFECTIVE COMPLIANCE SOUTIONS & ARCHITECTURE Compliance architecture supports compliance processes and utilizes technology with integrated information to provide insight in context of compliance information, drive systemic improvement of compliance processes, and deliver actionable information for metrics and benchmarking. Compliance architecture enables compliance processes to achieve an integrated picture of information and situational awareness. GRC technology can enable a better performing, less costly, more flexible compliance function. SAI Global is a GRC solution that GRC 20/20 has researched, evaluated, and reviewed with organizations that are using it in globally distributed and dynamic business environments. SAI Global delivers on compliance as well as broader GRC architecture through an integrated process, information/ content, and technology platform to enable compliance processes that are effective, efficient, and agile. The array of offerings from SAI Global provides a full portfolio of compliance advisory services, content (e.g., training, regulatory), with a software platform in the Compliance 360 solution that delivers integrated compliance architecture. SAI Global s mission is to help organizations measure and understand corporate and compliance risk, apply best practices to reduce exposure and enable the organization to react quickly to changes in compliance risk and regulatory environments. With SAI Global the organization can inform and educate employees on policies, monitor changes to regulations, track adherence to obligations, document evidence of compliance, monitor enterprise risks, and 4 Solution Spotlight 2014 GRC 20/20, LLC; Licensed to SAI Global for Redistribution
5 manage governance processes such as incidents and audits. With strength across major industry verticals, SAI Global has experience delivering innovative consulting, content, and technology to meet the GRC demands of highly regulated and dynamic organizations. GRC 20/20 has interviewed and engaged several SAI Global customers and finds them to be very satisfied with the GRC solutions over the course of time, and generally optimistic about the direction of the company. While some GRC solution providers have stretched themselves thin by promising the world and not delivering on it, SAI Global has demonstrated focused growth with a commitment to customer success. THE VALUE OF SAI GLOBAL Successful governance, risk management, and compliance (GRC) delivers the ability to effectively mitigate risk, meet requirements, satisfy auditors, achieve human and financial efficiency, and meet the demands of a changing business environment that requires agility. GRC solutions should achieve better performing processes that utilize more reliable information. This enables a better performing, less costly, more flexible business environment. Clients engage SAI Global with the goals of understanding and managing risk, ensuring compliance with obligations, improving human and financial efficiencies, enhancing transparency, and managing GRC in the context of business change. GRC Efficiency GRC solutions provide efficiency and savings in human and financial capital resources. Technology solutions that support business and GRC processes reduce operational costs by automating processes, particularly those that take a lot of time consolidating and reconciling information in order to manage and mitigate risk and meet compliance requirements. GRC efficiency is achieved when there is a measurable reduction in human and financial capital resources needed to address GRC in the context of business operations. The organizations researched by GRC 20/20 identified the following efficiencies by engaging SAI Global: Reduction in FTEs (full-time equivalent) in compliance processes such as policy management and incident management allowing for reallocation of resources to other compliance tasks. Ease of configuration delivers cost savings, as the organization does not need internal or external programmers to customize the platform. The consistency in how SAI Global solutions integrate and work together reduces the amount of work needed by the organization. The ability to free-up resources that were spending significant time compiling information from documents, spreadsheets, and s allows more time to proactively manage and run the GRC program as opposed to being swamped with tactical tasks and documents. The ease of reporting and accountability through automation minimizes manual unrewarding compliance tasks of the past. GRC Effectiveness GRC solutions achieve effectiveness in risk, control, compliance, audit, and business process. This is delivered through greater assurance of the design and operational effectiveness of controls to mitigate risk, achieve performance, protect integrity of the organization, and meet regulatory requirements. GRC effectiveness is validated when business processes are operating within the controls and policies set by the organization and provide greater reliability of information to auditors and regulators. The organizations GRC 20/20 interviewed reported the following effectiveness through utilizing SAI Global solutions: SAI Global solutions are easy to use and therefore have greater use and adoption across the organization making GRC and compliance particularly more effective. The ability to easily build workflows, forms, and configurations makes the SAI Global solution effective for managing compliance in a changing environment. SAI Global has improved client GRC and compliance reporting capabilities resulting in more effective risk management. Their training solutions have shown creativity and enable engagement and understanding of diverse and distributed workforces to comprehend what is required of them to be compliant and meet corporate expectations of values and ethics. Having everything needed and integrated within one solution and one database architecture has greatly While some GRC solution providers have stretched themselves thin by promising the world and not delivering on it, SAI Global has demonstrated focused growth with a commitment to customer success GRC 20/20, LLC; Licensed to SAI Global for Redistribution Solution Spotlight 5
6 improved effectiveness of compliance reporting. SAI Global solutions have allowed the organization to shift overall responsibility and accountability for risk and compliance to the lines of business. The solution delivers better notifications and tracking of compliance reviews, reporting and storing information, and providing an effective and defensible evidence trail of interactions. The solution has enabled more effective risk management by allowing distributed risk owners to take greater responsibility. GRC Agility GRC solutions deliver business agility when organizations are able to rapidly respond to changes in the internal business environment (e.g. employees, business relationships, operational risks, mergers, and acquisitions) as well as the external environment (e.g. economic risk, new laws, and regulations). GRC agility is also achieved when organizations can identify and react quickly to control failures/weaknesses, non-compliance, and adverse events in a timely manner so that action can be taken. The organizations interviewed reported the following agilities in their compliance and broader GRC processes through working with SAI Global: Rapid deployment and configurability of the SAI Global solution enables the organization to address new compliance developments on time and reduce compliance risk exposure. The SAI Global solutions have enabled the organization to respond quicker with stronger decision-making. The creativity of SAI Global training solutions and services have allowed their clients to adapt and communicate changes to compliance requirements and business rapidly in an engaging manner. The consistency and ease of use of SAI Global solutions simplifies getting people on board and using the system. The solution has enabled them to move from a reactionary risk approach to an anticipatory risk approach SAI Global has enabled the organization to adapt risk appetite as the organization s internal business environment changes, risks change, regulations change, and customers change CAPABILITIES OF SAI GLOBAL SAI Global solutions help users take control and create a culture of risk management and compliance, allowing stakeholders and the board to be comfortable that they are operating within boundaries of regulations, obligations, and corporate values as the business moves forward on its strategy. GRC 20/20 has evaluated the range of SAI Global offerings and finds that it delivers a comprehensive offering across the pillars of: Technology. The SAI Global Compliance 360 platform offers a GRC platform that provides the core hub for compliance and broader GRC. The solution delivers a platform that has a variety of integrated modules to manage GRC. This is delivered as a Software as a Service (SaaS) solution that is scalable, configurable, and adaptable to client needs. SaaS enables the Compliance 360 platform to be simple to setup with minimal IT resources as well as accessible and easy to use for employees and business partners. Services. SAI Global has a team of consultants that represent a broad range of compliance expertise globally. The SAI Global Advisory and Client Services team spans across three continents and delivers risk assessments, benchmarking against best practices, cultural surveys, subject matter expertise, policy guidance and design, training needs assessments, and software implementation to address compliance and GRC requirements. Learning Content. SAI Global offers organizations extensive content to manage compliance and ethics learning and communication programs, with over 500 training courses and communication tools translated across several languages. These courses are customizable as well as integrated into the SAI Global elearning (e.g., Learning Management System) solution. SAI Global training content also includes social and gamification approaches through Storytoria.and Ethical Moments. Regulatory Content. The Compliance 360 platform has the ability to integrate laws, standards and regulations via SAI Global partners such as LexisNexis and Clear Market Practices. Using SAI Global workflow solutions organizations can assess and mitigate the risks associated with ongoing regulatory change management. The suite of SAI Global offerings of GRC technology, services, and content (including content integration with 3rd parties) sets SAI Global apart in the GRC space. This enables them to deliver across a range of compliance as well as broader GRC needs such as risk and audit management. The breadth of SAI Global offerings delivers the following capabilities to make compliance programs effective as well as efficient and agile: 6 Solution Spotlight 2014 GRC 20/20, LLC; Licensed to SAI Global for Redistribution
7 Unified Architecture. The Compliance 360 platform provides a unified technology and information architecture that acts as the central hub of GRC related processes and content. This includes content and workflow management to automate processes, reminders, alerts, and escalations. The solution contains a single technology code base and information architecture, making it scalable, flexible and adaptable, and is not a combobulation of different solutions. Through a single user interface all of the Compliance 360 modules share common functionality across workflow, content management, reporting, and project management engines. Defensibility. Core to the Compliance 360 platform is a Virtual Evidence Room that provides a defensible record of compliance and GRC interactions and activities. Here an organization can link policies, training, surveys, assessments, attestations, incidents, audits, contracts, projects and tasks to laws, regulations, standards, contracts, and other obligations to demonstrate compliance and ensure an audit ready state. This enables the organization to maintain a complete system of record about what, when, where, how, and why things were done in an organization. This provides defensible evidence that risk, compliance, and control activities are in place and operating. Adaptability. The Compliance 360 solution provides a configurable set of modules with consistent operations and functions. The unified architecture of Compliance 360 delivers flexibility to adapt to new requirements and a changing business. Risk Management. Compliance 360 enables an organization to identify, assess, prioritize, and manage risk in the organization. It facilitates the identification of risk and then automates the assessment of risks through workflow and surveys. Ongoing monitoring for risk is done through documenting evidence of operation of controls. Organizations can link risks to strategic objectives and manage risk treatment strategies such as avoidance, mitigation, acceptance, or transfer of risk. Policy Management. SAI Global provides a suite of services to help organizations review and design effective policies as well as a module within Compliance 360 to manage and communicate policies throughout the organization. Compliance 360 s policy management capabilities include the development, approval, communication, attestation, enforcement, exception management, metrics, reporting, and maintenance of policies enabling full lifecycle management of policies. This includes full workflow and content management capabilities including version control and audit trails. Policies can be accessed by employees and partners through an intuitive user-friendly portal aligned with the organization brand. Employees can easily find the current policy and read it with interactive tools to explain it to them. Policy resources and related forms are part of the Compliance 360 policy module and portal. Training & Communication Solutions. Going hand in hand with policy management is SAI Global s ethics and compliance learning solutions. SAI Global offers a suite of training courses and communication tools that can be configured to the organization s brand and specific needs. The advisory services of SAI Global can be engaged to develop custom training content and programs. Training courses are delivered with Learning Management System (LMS) capabilities to track course completion and certifications. SAI Global s predeveloped course content includes hundreds of titles covering a variety media experiences (including mobile), learning formats, lengths, and languages. SAI GLOBAL DELIVERS ON COMPLIANCE ARCHITECTURE: üüunified Architecture. üüdefensibility. üüadaptability. üürisk Management. üüpolicy Management. üütraining & Communication Solutions. üümonitoring and Assessment. üüinvestigations Management. üüdisclosures Management. üüregulatory Change Management. üümobility. üüthird Party Risk Management. üümetrics. üücontract Management. üüaudit Management. üüfinancial Control Compliance. üücompliance & GRC Program/Project Management GRC 20/20, LLC; Licensed to SAI Global for Redistribution Solution Spotlight 7
8 Monitoring and Assessment. The Compliance 360 platform delivers an architecture to conduct assessments across risk and compliance areas. The data from the Compliance 360 platform can be used by the organization in conjunction with SAI Global Services to provide benchmarking of compliance and GRC data, issues, trends, processes, and activities. The Compliance 360 Compliance Workspace enables the organization to proactively monitor obligations, send alerts, and manage assessments to identify and remediate issues and ensure compliance. Investigations Management. The Compliance 360 platform allows the organization to manage the complete lifecycle of investigations, issues, incidents, events, or cases from intake through resolution. The solution enables the collection of information, collaboration on cases, and automation through workflow and task management. Investigators can track the progress of investigations through resolution of potential issues and compile proof of remediation and preventative measures. It enables the organization to have a single system to record issues, incidents, and events. With an enterprise investigation and incident system the organization can integrate incident and loss data into risk models to improve risk management. Disclosures Management. The Compliance 360 platform enables the automation of gathering information combined with workflow and task management to manage disclosures and other compliance forms and approvals. This enables organizations to collect, store, and track disclosure information relating Conflicts of Interest; Gifts, Entertainment and Hospitality; as well as Charitable Contributions submitted by employees or other business associates, creating a centralized database of disclosures that is auditable and searchable. These disclosures are automatically routed to the proper individual(s) who can approve, deny or request more information. Regulatory Change management. The Compliance 360 platform offers a solution for managing regulatory change as well as organization and risk changes contextually. Through integration with third party data sources, organizations can bring in regulatory content as well as integrate with third party databases such as politically exposed persons. Alerts of changes can be sent to the proper subject matter expert for review and analysis with content throughout the Compliance 360 platform being tagged that is relevant to the change such as policies, controls, risks, incidents, and more. This brings complete situational awareness to the subject matter expert to determine if the change requires action by the organization.the platform supports the overall coordination of legal, regulatory, contractual and corporate policy obligations and responsibilities with associated tasks and records. When the business changes, such as through mergers and acquisitions, the organization can proactively assess and harmonize policies, controls and processes between the organizations, driving efficiency and effectiveness into business change. Mobility. SAI Global has embraced mobile technology on tablets and other devices. Issue reporting can be readily done through mobile devices. Tablets used to deliver policies, training, and other interactive content to employees particularly those without desktop workstation access. Mobile devices can be used to conduct investigations, audits and compliance assessments. Third Party Risk Management. The Compliance 360 platform enables the identification, monitoring, and remediation of third party risks. This includes ongoing due diligence with the ability to integrate with third party due diligence databases to verify business relationships. The solution spans the third party management lifecycle with capabilities across contract management, due diligence, assessments, policy and training communication, and third party audits. Metrics. Compliance 360 offers a customizable dashboard unique to each user that is personalized by including charts and graphs, alerts, reminders, reports, tasks, updates, news feeds, and other dashboard-style monitors and controls. With an information architecture integrated with external content, compliance can report on metrics and trends to track relevant information, developments, trends, and issues including key risk indicators. Contract Management. Compliance 360 enables proactive management of contracts including with vendors, service providers, customers, business partners and others. It facilitates and documents the collaboration of contracts and utilizes workflow for review and approval. Audit Management. Compliance 360 delivers an integrated audit management platform to manage the entire lifecycle of audits across audit planning, work programs, work paper management, and documentation of findings, reports, and follow-up. It also includes calendaring and resource scheduling capabilities. Financial Control Compliance. The Compliance 360 solution enables the management of internal controls for financial reporting to support SOX compliance and other financial reporting requirements. The solution enables the control assessment, compliance tracking, measurement, reporting, and monitoring. 8 Solution Spotlight 2014 GRC 20/20, LLC; Licensed to SAI Global for Redistribution
9 Compliance & GRC Program/Project Management. Compliance 360 delivers complete compliance and GRC program and project management capabilities spanning calendaring, notifications, task management, and the ability to plan specific compliance, training communication, and other initiatives as projects and report on them. CONSIDERATIONS FOR SAI GLOBAL Every solution has its strengths and weaknesses, and may not be the ideal fit for all organizations in all situations. While GRC 20/20 has identified many positive attributes of SAI Global and their extensive offering to enable effective compliance programs and other elements of GRC readers should not see this as a complete and unquestionable endorsement of SAI Global. SAI Global in the market and see them deliver integrated process, information/content, and technology to enable compliance processes that are effective, efficient, and agile. SAI Global has demonstrated focused growth with a commitment to customer success that ranks it among the most client-focused GRC solution providers. Their solution and services enable clients to get away from manual and document-centric approaches for compliance and provides an integrated approach to compliance activities and oversight. While GRC 20/20 has focused predominantly on SAI Global s ability to deliver on compliance, their solutions are also well fit to meet the needs of a range of other GRC roles and be an enterprise GRC platform for organizations across industries and geographies. SAI Global s breadth of GRC offerings is ideally suited for organizations managing diverse compliance risk challenges in dynamic, regulated, and distributed business environments. Its risk capabilities meet the needs of the majority of risk management programs, except for those requiring advanced analytics and modeling. Overall, clients have shown a high degree of satisfaction over the years with SAI Global and particularly Compliance 360. However, SAI Global has changed technology strategy over the past few years that caused uncertainty in a few relationships. GRC 20/20 feels that their acquisition of Compliance 360 in 2012 solidified their technology strategy and gave them the platform to build upon and execute their vision for compliance and broader GRC. Clients have reported that there were some bugs that were quickly addressed as SAI Global made significant changes to integrate Compliance 360 with their other offerings and expand the platform to be an end-to-end solution for effective compliance management. Clients report achieving value in engaging SAI Global through reduced time in gathering and reporting on GRC, reduction in fees paid to external resources such as auditors and regulators, clear accountability of GRC tasks, and a strong stance to demonstrate that the organization has sound practices in place for GRC. Particularly, the platform enables clients to get away from manual and documentcentric approaches to GRC, and provides an integrated information architecture that brings GRC activities together through clear accountability in workflow, task, and project and program management. GRC 20/20 S FINAL PERSPECTIVE... Compliance architecture enables compliance processes through technology and integrated information to provide insight, systemic improvement, and deliver actionable information. GRC 20/20 continues to research and follow 2014 GRC 20/20, LLC; Licensed to SAI Global for Redistribution Solution Spotlight 9
10 ABOUT THE AUTHOR Michael Rasmussen, J.D., GRCP, CCEP and OCEG Fellow Chief GRC GRC 20/20 Research, LLC Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) with specific expertise on the topics of enterprise GRC strategy, process, and technologies. He helps organizations improve GRC processes and choose technologies that are effective, efficient and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the Father of GRC being the first to define and model the GRC market in February ABOUT GRC 20/20 GRC 20/20 Research, LLC (GRC 20/20) provides clarity of insight into governance, risk management, and compliance (GRC) solutions and strategies through objective market research, benchmarking, training, and analysis. We provide independent and objective insight into leading GRC practices and processes, including market dynamics and intelligence; risk, regulatory and technology trends; competitive landscapes; market sizing; expenditure priorities; and mergers and acquisitions. GRC 20/20 advises the entire ecosystem of GRC solution buyers, professional service firms, and solution providers. We serve the needs of organizations that seek clarity, guidance and advice in dealing with a dizzying array of disruptive issues, processes, information and technologies while trying to maintain control of a distributed and dynamic business environment. Whether focused on a specific risk or regulatory issue, or even enterprise-wide GRC strategy, organizations seek clarity through GRC 20/20. This clarity is delivered through analysts with real-world expertise, independence, creativity, and objectivity that understand GRC challenges and how to solve them practically and not just theoretically. Our clients include Fortune 1000 companies, major professional service firms, and the breadth of GRC solution providers. GRC 20/20 Research, LLC 4948 Bayfield Drive Waterford, WI USA info@grc2020.com RESEARCH METHODOLOGY GRC 20/20 research reports are written by experienced analysts with hands-on experience selecting, developing, and implementing GRC management systems and processes globally for international organizations across industries. GRC 20/20 evaluates all GRC solution providers using consistent and objective criteria, regardless of whether or not they are a GRC 20/20 client. The findings and analysis in GRC 20/20 research reports reflect analyst experience, opinions, research into market trends, participants, expenditure patterns, and best practices. Research facts and representations are verified with actual client references to validate accuracy. GRC solution providers are given the opportunity to correct factual errors, but cannot influence GRC 20/20 opinion. GRC 20/20 uses a combination of sources to gather market intelligence. These include (but are not limited to): GRC Solutions Provider Evaluation Forms. A detailed set of questions covering functional and nonfunctional aspects of GRC solutions, as well as market factors. GRC Solution User Surveys. As part of its on-going research cycle, GRC 20/20 systematically surveys GRC solution users and buyers, eliciting feedback on solution providers, satisfaction levels, and preferences. Interviews with Subject Matter Experts. GRC 20/20 undertakes comprehensive interviews and briefing sessions with leading industry experts, academics, and consultants to provide insight into market trends, vendor solutions, and evaluation criteria. Customer Reference Checks. These are telephone and reference checks with named customers of solution providers to validate strengths and weaknesses, and to assess experience and satisfaction levels. Vendor Briefings. These are face-to-face and/or web-based briefings and product demonstrations by solution providers. During these sessions, GRC 20/20 asks probing questions to understand the strengths and weaknesses of each provider. Third Party Sources. GRC 20/20 uses other third party sources of information such as conferences, academic and regulatory studies, collaboration with leading consulting firms, knowledge providers, and industry associations such as the Open Compliance and Ethics Group ( GRC 20/20 Research, LLC. All rights reserved. No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior written permission of GRC 20/20. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable. Please note that the findings, conclusions and recommendations that GRC 20/20 delivers in this research is based on information gathered in good faith, whose accuracy we cannot guarantee and is subject to change. It also consists of opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does 2014 not provide GRC legal 20/20, advice LLC; Licensed or services to SAI and Global its research for Redistribution should not be construed or used as such. Solution Spotlight 10
Convercent Predictive Analytics
September 2015 Convercent Predictive Analytics Innovation in User Experience for Issue Reporting & Management SOLUTIONPERSPECTIVE Governance, Risk Management & Compliance Insight 2015 GRC 20/20 Research,
More informationSolution Viewpoint Governance, Risk Management & Compliance Insight ERP MAESTRO. March 2014. Automated Security & Access Controls Through the Cloud
March 2014 ERP MAESTRO Automated Security & Access Controls Through the Cloud Solution Viewpoint Governance, Risk Management & Compliance Insight INNOVATOR 2014 Table of Contents Executive Summary....
More informationDOUBLECHECK VENDOR MANAGEMENT
August 2014 DOUBLECHECK VENDOR MANAGEMENT Managing Risk & Compliance Across 3rd Party Relationships SOLUTION VIEWPOINT Governance, Risk Management & Compliance Insight 2014 GRC 20/20 Research, LLC. All
More informationResolver GRC Cloud. Innovation in User Experience for Enterprise GRC SOLUTIONPERSPECTIVE. September 2015
September 2015 Resolver GRC Cloud Innovation in User Experience for Enterprise GRC SOLUTIONPERSPECTIVE Governance, Risk Management & Compliance Insight 2015 GRC 20/20 Research, LLC. All Rights Reserved.
More informationPolicy Management Build vs. Buy: Why Policy Management Software Makes Sense
Prepared By: Michael Rasmussen J.D., OCEG Fellow, GRCP Risk & Compliance Lecturer, Author, & Advisor Policy Management Build vs. Buy: Why Policy Management Software Makes Sense Why Policy Matters Policy
More informationChartis RiskTech Quadrant for Model Risk Management Systems 2014
Chartis RiskTech Quadrant for Model Risk Management Systems 2014 The RiskTech Quadrant is copyrighted June 2014 by Chartis Research Ltd. and is reused with permission. No part of the RiskTech Quadrant
More informationbuilding a business case for governance, risk and compliance
building a business case for governance, risk and compliance contents introduction...3 assurance: THe last major business function To be integrated...3 current state of grc: THe challenges... 4 building
More informationSimply Sophisticated. Information Security and Compliance
Simply Sophisticated Information Security and Compliance Simple Sophistication Welcome to Your New Strategic Advantage As technology evolves at an accelerating rate, risk-based information security concerns
More informationIBM Tivoli Netcool network management solutions for enterprise
IBM Netcool network management solutions for enterprise The big picture view that focuses on optimizing complex enterprise environments Highlights Enhance network functions in support of business goals
More informationInformation Security Managing The Risk
Information Technology Capability Maturity Model Information Security Managing The Risk Introduction Information Security continues to be business critical and is increasingly complex to manage for the
More informationAn Oracle White Paper November 2011. Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime
An Oracle White Paper November 2011 Financial Crime and Compliance Management: Convergence of Compliance Risk and Financial Crime Disclaimer The following is intended to outline our general product direction.
More informationOutperform Financial Objectives and Enable Regulatory Compliance
SAP Brief Analytics s from SAP SAP s for Enterprise Performance Management Objectives Outperform Financial Objectives and Enable Regulatory Compliance Drive better decisions and streamline the close-to-disclose
More informationGovernance, Risk, and Compliance (GRC) White Paper
Governance, Risk, and Compliance (GRC) White Paper Table of Contents: Purpose page 2 Introduction _ page 3 What is GRC _ page 3 GRC Concepts _ page 4 Integrated Approach and Methodology page 4 Diagram:
More information2016 GRC Technology Strategy
An OCEG Benchmark on the Use of GRC Technology within Organizations 2016 GRC Technology Strategy Findings of the 2016 OCEG GRC Technology Strategy Survey 1 About OCEG... OCEG is a global, nonprofit think
More informationCorporate Social Responsibility: Good Corporate Citizens Respect Copyright and the Property of Others
Corporate Social Responsibility: W H I T E P A P E R Good Corporate Citizens Respect Copyright and the Property of Others What is Corporate Social Responsibility (CSR)? CSR is the integration of business
More informationSACM and CMDB Strategy and Roadmap. David Lowe ActionableITSM.com March 20, 2012
SACM and CMDB Strategy and Roadmap David Lowe ActionableITSM.com March 20, 2012 Disclaimer The strategy and roadmap information presented here is generic by nature and based on a highly hypothetical use
More informationThe Modern Service Desk: How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver Business Confidence
How Advanced Integration, Process Automation, and ITIL Support Enable ITSM Solutions That Deliver White Paper: BEST PRACTICES The Modern Service Desk: Contents Introduction............................................................................................
More informationMy Experience. Serve Users in a Way that Serves the Business.
Infrastructure Services the way we do it My Experience Serve Users in a Way that Serves the Business. A Smarter Strategy for Empowering Users IT has entered a new era, and CIOs need to perform a delicate
More informationTeradata Marketing Operations. Reduce Costs and Increase Marketing Efficiency
Teradata Marketing Operations Reduce Costs and Increase Marketing Efficiency Product Insight Brochure What Would You Do If You Knew? TM What would you do if you knew your marketing efforts could be freed
More informationChartis RiskTech Quadrant for Operational Risk Management Systems
Chartis RiskTech Quadrant for Operational Risk Management Systems The RiskTech Quadrant is copyrighted July 2012 by Chartis Research Ltd. and is reused with permission. No part of the RiskTech Quadrant
More informationSimplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance
Simplify the Complexity of Managing 3rd Party Anti-Bribery / FCPA Compliance Arm Stakeholders with Critical Information to Assess 3rd Party Relationships and Comply with the Foreign Corrupt Practices Act
More informationRSA ARCHER OPERATIONAL RISK MANAGEMENT
RSA ARCHER OPERATIONAL RISK MANAGEMENT 87% of organizations surveyed have seen the volume and complexity of risks increase over the past five years. Another 20% of these organizations have seen the volume
More informationChartis RiskTech Quadrant for Solvency II Technology Solutions
Chartis RiskTech Quadrant for Solvency II Technology Solutions The RiskTech Quadrant is copyrighted July 2012 by Chartis Research Ltd. and is reused with permission. No part of the RiskTech Quadrant may
More informationModule 6 Essentials of Enterprise Architecture Tools
Process-Centric Service-Oriented Module 6 Essentials of Enterprise Architecture Tools Capability-Driven Understand the need and necessity for a EA Tool IASA Global - India Chapter Webinar by Vinu Jade
More informationWhen you have to be right
OVERVIEW BROCHURE When you have to be right WoltersKluwerFS.com The 2008 crisis forced organizations to reassess their internal governance procedures and approach to risk management. Financial organizations
More informationIncrease Business Intelligence Infrastructure Responsiveness and Reliability Using IT Automation
White Paper Increase Business Intelligence Infrastructure Responsiveness and Reliability Using IT Automation What You Will Learn That business intelligence (BI) is at a critical crossroads and attentive
More informationORACLE ENTERPRISE GOVERNANCE, RISK, AND COMPLIANCE MANAGER FUSION EDITION
ORACLE ENTERPRISE GOVERNANCE, RISK, AND COMPLIANCE MANAGER FUSION EDITION KEY FEATURES AND BENEFITS Manage multiple GRC initiatives on a single consolidated platform Support unique areas of operation with
More informationAligning Quality Management Processes to Compliance Goals
Aligning Quality Management Processes to Compliance Goals MetricStream.com Smart Consulting Group Joint Webinar February 23 rd 2012 Nigel J. Smart, Ph.D. Smart Consulting Group 20 E. Market Street West
More informationMinimize Access Risk and Prevent Fraud With SAP Access Control
SAP Solution in Detail SAP Solutions for Governance, Risk, and Compliance SAP Access Control Minimize Access Risk and Prevent Fraud With SAP Access Control Table of Contents 3 Quick Facts 4 The Access
More informationEnhance visibility into and control over software projects IBM Rational change and release management software
Enhance visibility into and control over software projects IBM Rational change and release management software Accelerating the software delivery lifecycle Faster delivery of high-quality software Software
More informationWhite Paper Case Study: How Collaboration Platforms Support the ITIL Best Practices Standard
White Paper Case Study: How Collaboration Platforms Support the ITIL Best Practices Standard Abstract: This white paper outlines the ITIL industry best practices methodology and discusses the methods in
More informationAddressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations
White Paper September 2009 Addressing IT governance, risk and compliance (GRC) to meet regulatory requirements and reduce operational risk in financial services organizations Page 2 Contents 2 Executive
More informationHow To Standardize Itil V3.3.5
Business white paper Standardize your ITSM An HP approach based on best practices Table of contents 3 Introduction 3 Benefits and challenges 5 The HP approach to standardizing ITSM 6 Establish an IT operations
More informationChartis RiskTech Quadrant for Anti-Money Laundering Solutions 2013
Chartis RiskTech Quadrant for Anti-Money Laundering Solutions 2013 The RiskTech Quadrant is copyrighted July 2012 by Chartis Research Ltd. and is reused with permission. No part of the RiskTech Quadrant
More informationRSA ARCHER AUDIT MANAGEMENT
RSA ARCHER AUDIT MANAGEMENT Solution Overview INRODUCTION AT A GLANCE Align audit plans with your organization s risk profile and business objectives Manage audit planning, prioritization, staffing, procedures
More informationCisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.
Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able
More informationWhite Paper: The Seven Elements of an Effective Compliance and Ethics Program
White Paper: The Seven Elements of an Effective Compliance and Ethics Program Executive Summary Recently, the United States Sentencing Commission voted to modify the Federal Sentencing Guidelines, including
More informationWelcome to Modulo Risk Manager Next Generation. Solutions for GRC
Welcome to Modulo Risk Manager Next Generation Solutions for GRC THE COMPLETE SOLUTION FOR GRC MANAGEMENT GRC MANAGEMENT AUTOMATION EASILY IDENTIFY AND ADDRESS RISK AND COMPLIANCE GAPS INTEGRATED GRC SOLUTIONS
More informationImproving Financial Advisor Productivity through Automation
Wealth Managment the way we see it Improving Financial Advisor Productivity through Automation How wealth management firms are embracing change by developing next generation advisor platforms Contents
More informationAccenture Federal Services. Federal Solutions for Asset Lifecycle Management
Accenture Federal Services Federal Solutions for Asset Lifecycle Management Assessing Internal Controls 32 Material Weaknesses: identified in FY12 with deficiencies noted in the management of nearly 75%
More informationAccounts Payable Invoice Processing. White Paper
www.allstarss.com ACCELERATING Business Processes Accounts Payable Invoice Processing Table of Contents Table of Contents TABLE OF CONTENTS... I THE BUSINESS CHALLENGE... 2 Invoice Processing Costs...
More informationVulnerability Management
Vulnerability Management Buyer s Guide Buyer s Guide 01 Introduction 02 Key Components 03 Other Considerations About Rapid7 01 INTRODUCTION Exploiting weaknesses in browsers, operating systems and other
More informationTransform Invoice Management with a Hybrid of Cloud and On-Premise Software
SAP Brief SAP Business Suite SAP Invoice Management Objectives Transform Invoice Management with a Hybrid of Cloud and On-Premise Software Achieve a higher level of performance Achieve a higher level of
More informationCA Service Desk Manager
PRODUCT BRIEF: CA SERVICE DESK MANAGER CA Service Desk Manager CA SERVICE DESK MANAGER IS A VERSATILE, COMPREHENSIVE IT SUPPORT SOLUTION THAT HELPS YOU BUILD SUPERIOR INCIDENT AND PROBLEM MANAGEMENT PROCESSES
More information!!!!! White Paper. Understanding The Role of Data Governance To Support A Self-Service Environment. Sponsored by
White Paper Understanding The Role of Data Governance To Support A Self-Service Environment Sponsored by Sponsored by MicroStrategy Incorporated Founded in 1989, MicroStrategy (Nasdaq: MSTR) is a leading
More informationTapping the benefits of business analytics and optimization
IBM Sales and Distribution Chemicals and Petroleum White Paper Tapping the benefits of business analytics and optimization A rich source of intelligence for the chemicals and petroleum industries 2 Tapping
More informationCA Service Desk On-Demand
PRODUCT BRIEF: CA SERVICE DESK ON DEMAND -Demand Demand is a versatile, ready-to-use IT support solution delivered On Demand to help you build a superior Request, Incident, Change and Problem solving system.
More informationContract management's effect on in house counsel
IBM Software Industry Solutions Industry/Product Identifier Contract management's effect on in house counsel Impacting contract visibility, analysis and compliance Emptoris Contract Management Solutions
More informationLeveraging a Maturity Model to Achieve Proactive Compliance
Leveraging a Maturity Model to Achieve Proactive Compliance White Paper: Proactive Compliance Leveraging a Maturity Model to Achieve Proactive Compliance Contents Introduction............................................................................................
More informationOPTIMUS SBR. Optimizing Results with Business Intelligence Governance CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE.
OPTIMUS SBR CHOICE TOOLS. PRECISION AIM. BOLD ATTITUDE. Optimizing Results with Business Intelligence Governance This paper investigates the importance of establishing a robust Business Intelligence (BI)
More informationTalent Management Leadership in Professional Services Firms
Talent Management Leadership in Professional Services Firms Published by KENNEDY KENNEDY Consulting Research Consulting Research & Advisory & Advisory Sponsored by Table of Contents Introduction.... 3
More informationHow To Improve Your Business
IT Risk Management Life Cycle and enabling it with GRC Technology 21 March 2013 Overview IT Risk management lifecycle What does technology enablement mean? Industry perspective Business drivers Trends
More informationWhite Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA
White Paper Achieving GLBA Compliance through Security Information Management White Paper / GLBA Contents Executive Summary... 1 Introduction: Brief Overview of GLBA... 1 The GLBA Challenge: Securing Financial
More informationProcurement Capability Standards
IPAA PROFESSIONAL CAPABILITIES PROJECT Procurement Capability Standards Definition Professional Role Procurement is the process of acquiring goods and/or services. It can include: identifying a procurement
More informationProducts Currency Supply Chain Management
Products Currency Supply Chain Management Today s Enterprises Need Intelligent and Integrated Solutions to Optimize Currency Levels, Reduce Expenses and Improve Control Products The financial services
More informationThe Phoenix Corporate Legal Suite. Efficient Document, Email, and Matter Management for Law Departments and In-house Counsel
The Phoenix Corporate Legal Suite Efficient Document, Email, and Matter Management for Law Departments and In-house Counsel The Phoenix Corporate Legal Suite empowers your teams with: Document and Email
More informationFive Secrets to Contact Center E-learning and Coaching Success
Five Secrets to Contact Center E-learning and Coaching Success A Guide to Best Practices An Ovum White Paper sponsored by Publication Date: August 2010 INTRODUCTION Training tools are valuable to contact
More informationHow To Write A Risk Tech Quadrant Report
Chartis RiskTech Quadrant for Basel 3 Technology Solutions 2013 The RiskTech Quadrant is copyrighted July 2012 by Chartis Research Ltd. and is reused with permission. No part of the RiskTech Quadrant may
More informationEnhancing Business Performance Through Innovative Technology Solutions
Enhancing Business Performance Through Innovative Technology Solutions Contact Center = Customer Experience FIELD SERVICE Customer Service BACK OFFICE CONTACT CENTER BRANCH OFFICE Help Desk HR Finance
More informationComplete Financial Crime and Compliance Management
Complete Financial Crime and Management With Oracle Financial Services Financial Crime and Management applications, financial institutions can manage compliance risk and investigate appropriate information
More informationIT audit updates. Current hot topics and key considerations. IT risk assessment leading practices
IT audit updates Current hot topics and key considerations Contents IT risk assessment leading practices IT risks to consider in your audit plan IT SOX considerations and risks COSO 2013 and IT considerations
More informationTable of contents. Standardizing IT Service Management. Best practices based on HP experience in ITSM consolidation. White paper
Standardizing IT Service Management Best practices based on HP experience in ITSM consolidation White paper Table of contents Go!... 2 Benefits and challenges... 2 The HP approach to standardizing ITSM...
More informationProduct Lifecycle Management in the Medical Device Industry. An Oracle White Paper Updated January 2008
Product Lifecycle Management in the Medical Device Industry An Oracle White Paper Updated January 2008 Product Lifecycle Management in the Medical Device Industry PLM technology ensures FDA compliance
More informationResource Management. Compliments of. Published by
Why Four Professional Essential Steps Services for Building Organizations a Need GRC Improved Strategy Financial and Resource Management Compliments of Published by C U S T O M M E D I A S O L U T I O
More informationBEST PRACTICES IN AP AUTOMATION
MINUTE READ TIME WHITE PAPER ACCOUNTS PAYABLE BEST PRACTICES IN AP AUTOMATION Consolidating Workflow Outside ERP Systems www.esker.com BEST PRACTICES IN AP AUTOMATION Consolidating Workflow Outside ERP
More informationPaperless Office Solution Framework for Banking & Financial Services A Business Process Automation (BPA) Approach
Paperless Office Solution Framework for Banking & Financial Services A Business Process Automation (BPA) Approach A White Paper Santosh Khanolkar Platform Strategy Advisor, Microsoft Corporation India
More informationINFORMATION MANAGED. Project Management You Can Build On. Primavera Solutions for Engineering and Construction
INFORMATION MANAGED Project Management You Can Build On Primavera Solutions for Engineering and Construction Improve Project Performance, Profitability, and Your Bottom Line Demanding owners, ineffective
More informationA Hyperion System Overview. Hyperion System 9
A Hyperion System Overview Hyperion System 9 Your organization relies on multiple transactional systems including ERP, CRM, and general ledger systems to run your business. In today s business climate
More informationSoftware Licenses Managing the Asset and Related Risks
AUDITOR GENERAL S REPORT ACTION REQUIRED Software Licenses Managing the Asset and Related Risks Date: February 4, 2015 To: From: Wards: Audit Committee Auditor General All Reference Number: SUMMARY The
More informationGlobal Payroll? A Few Planning Considerations. Human Resources Globalization
Global Payroll? A Few Planning Considerations Human Resources Globalization Global Payroll? A Few Considerations Today s businesses operate in an increasingly global environment. As a result, globalizing
More informationSoftware Development for Medical Devices
Overcoming the Challenges of Compliance, Quality and Cost An MKS White Paper Introduction Software is fast becoming the differentiator for manufacturers of medical devices. The rewards available from software
More informationmysap ERP FINANCIALS SOLUTION OVERVIEW
mysap ERP FINANCIALS SOLUTION OVERVIEW EFFECTIVE FINANCIAL MANAGEMENT ... IS KEY TO BUSINESS SUCCESS mysap ERP FINANCIALS YOUR BUSINESS, YOUR FUTURE, YOUR SUCCESS mysap ERP is the world s most complete
More informationThought Leadership White Paper
Thought Leadership White Paper Introduction Contracts form the foundation of all businesses and every business relationship. They define every aspect of a business s activities procurement, sales, marketing,
More informationFive steps to improving the customer service experience
Five steps to improving the customer service experience Metrics, tips, and tools for utilizing customer feedback An Ovum White Paper Sponsored by Publication Date: January 2012 INTRODUCTION As the use
More informationHP Service Manager software
HP Service Manager software The HP next generation IT Service Management solution is the industry leading consolidated IT service desk. Brochure HP Service Manager: Setting the standard for IT Service
More informationAssurX Makes Quality & Compliance a Given Not Just a Goal
AssurX Makes Quality & Compliance a Given Not Just a Goal TRACK. MANAGE. AUTOMATE. IMPROVE. AssurX s powerfully flexible software unites and coordinates information, activities and documentation in one
More informationGUIDANCE NOTE FOR DEPOSIT-TAKERS. Operational Risk Management. March 2012
GUIDANCE NOTE FOR DEPOSIT-TAKERS Operational Risk Management March 2012 Version 1.0 Contents Page No 1 Introduction 2 2 Overview 3 Operational risk - fundamental principles and governance 3 Fundamental
More informationOBLIGATION MANAGEMENT
OBLIGATION MANAGEMENT TRACK & TRACE: CONTRACTUAL OBLIGATIONS Better Visibility. Better Outcomes RAMESH SOMASUNDARAM DIRECTOR, IT VENDOR MANAGEMENT SERVICES MARCH 2012 E N E R G I C A Governance Matter
More informationElevate Your Customer Engagement Strategy with Cloud Services
SAP Brief SAP Services Cloud Services for Customer Relations Objectives Elevate Your Customer Engagement Strategy with Cloud Services Win over today s empowered customers Win over today s empowered customers
More informationThe Evolution of Manufacturing Software Platforms: Past, Present, and Future
The Evolution of Manufacturing Software Platforms: Past, Present, and With reliance on the global supplier network, pressures on operating margins, and the increasing complexity of products and processes
More informationThree Fundamental Techniques To Maximize the Value of Your Enterprise Data
Three Fundamental Techniques To Maximize the Value of Your Enterprise Data Prepared for Talend by: David Loshin Knowledge Integrity, Inc. October, 2010 2010 Knowledge Integrity, Inc. 1 Introduction Organizations
More informationCompliance. Group Standard
Group Standard Compliance Serco is committed to good governance practices and the management of risks supported by a robust business compliance process SMS-GS-G2 Compliance July 2014 v1.0 Serco Public
More informationEnsure Effective Controls and Ongoing Compliance
SAP Solution in Detail SAP Solutions for Governance, Risk, and Compliance SAP Process Control Ensure Effective Controls and Ongoing Compliance Table of Contents 3 Quick Facts 4 Focus Resources on High-Impact
More informationHow To Use The Sap Process Control Application
SAP Solution in Detail SAP Solutions for Governance, Risk, and Compliance SAP Process Control Ensure Effective Controls and Ongoing Compliance Table of Contents 3 Quick Facts 4 Focus Your Resources on
More informationORACLE PROJECT MANAGEMENT
ORACLE PROJECT MANAGEMENT KEY FEATURES Oracle Project Management provides project managers the WORK MANAGEMENT Define the workplan and associated resources; publish and maintain versions View your schedule,
More informationHelping Enterprises Succeed: Responsible Corporate Strategy and Intelligent Business Insights
I D C E X E C U T I V E I N S I G H T S Helping Enterprises Succeed: Responsible Corporate Strategy and Intelligent Business Insights May 2009 By Albert Pang, Research Director, Enterprise Applications
More informationWhite Paper. An Overview of the Kalido Data Governance Director Operationalizing Data Governance Programs Through Data Policy Management
White Paper An Overview of the Kalido Data Governance Director Operationalizing Data Governance Programs Through Data Policy Management Managing Data as an Enterprise Asset By setting up a structure of
More informationFunctional and technical specifications. Background
Functional and technical specifications Background In terms of the Public Audit Act, 2004 (Act No. 25 of 2004) (PAA), the deputy auditor-general (DAG) is responsible for maintaining an effective, efficient
More informationKNOW YOUR THIRD PARTY
Thomson Reuters KNOW YOUR THIRD PARTY EXECUTIVE SUMMARY The drive to improve profitability and streamline operations motivates many organizations to collaborate with other businesses, increase outsourcing
More informationAccelus Audit Manager THOMSON REUTERS ACCELUS
THOMSON REUTERS ACCELUS Accelus Audit Manager THOMSON REUTERS ACCELUS Our solutions dynamically connect business transactions, strategy, and operations to the ever-changing regulatory environment, providing
More informationEnterprise Release Management
Enterprise Release Management Plutora helps organizations manage complex IT Feature Pipeline, IT Releases and IT Test Environments in a simple and transparent manner. Enterprise Releases Transparency and
More informationUse Your Contact Center to Build a Better Customer Experience
SAP Brief SAP Customer Relationship Management SAP Contact Center Objectives Use Your Contact Center to Build a Better Customer Experience Engage your customers across all points of contact Engage your
More informationSupply Chain Management Build Connections
Build Connections Enabling a business in manufacturing Building High-Value Connections with Partners and Suppliers Build Connections Is your supply chain responsive, adaptive, agile, and efficient? How
More informationPlanning, Building, and Commissioning Assets
Solution in Detail Oil and Gas Executive Summary Contact Us Planning, Building, and Commissioning Assets 2013 2014 SAP SE or an SAP affiliate company. Effective Management of Asset Development Managed
More informationwww.pwc.com Third Party Risk Management 12 April 2012
www.pwc.com Third Party Risk Management 12 April 2012 Agenda 1. Introductions 2. Drivers of Increased Focus on Third Parties 3. Governance 4. Third Party Risks and Scope 5. Third Party Risk Profiling 6.
More informationACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES
THOMSON REUTERS ACCELUS ACCELUS COMPLIANCE MANAGER FOR FINANCIAL SERVICES PROACTIVE. CONNECTED. INFORMED. THOMSON REUTERS ACCELUS Compliance management Solutions Introduction The advent of new and pending
More informationPMS 288 Blue or CMYK = C100-M85-Y0-C43 PMS 1255 Ochre / Yellow or CMYK = C0-M35-Y85-C30. Tax Compliance Services
PMS 288 Blue or CMYK = C100-M85-Y0-C43 PMS 1255 Ochre / Yellow or CMYK = C0-M35-Y85-C30 Tax Compliance Services TAX COMPLIANCE SERVICES Strategic Insight and Knowledge RYAN S UNCOMPROMISING ATTENTION TO
More informationWHITE PAPER. iet ITSM Enables Enhanced Service Management
iet ITSM Enables Enhanced Service Management iet ITSM Enables Enhanced Service Management Need for IT Service Management The focus within the vast majority of large and medium-size companies has shifted
More informationApplication Test Management and Quality Assurance
SAP Brief Extensions SAP Quality Center by HP Objectives Application Test Management and Quality Assurance Deliver new software with confidence Deliver new software with confidence Testing is critical
More information