D1. Detective Actions & Controls

Order by:Group by:
FILTER BY:
WYSIATI - Jumping to Conclusions with Limited Evidence blog
Submitted by gcagrc4 on Mar, 26 2012

Over confidence in our ability to assess risks has led to more mistakes than we care to admit.  WYSIATI - "What You See Is All There Is"  describes a set of biases that prevents us from becoming better risk managers.  Why is this the case?  Because we jump to conclusions based on weak evidence and confuse correlation with causation. 

Read more
OCEG One Minute Poll: How Do You Screen Vendor Compliance? September, 2011 resource OMP - One Minute Poll OCEG Reviewed
Submitted by cswitzer on Jan, 22 2012
Thumbnail

A short OCEG research poll addressing vendor compliance.

Read more
SAS Enterprise GRC

SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Some Distinctive Features Include: Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.

  • IT.01 - Audit and Assurance Management
  • IT.03 - Brand and Reputation Management
  • IT.05 - Compliance Management
  • IT.07 - Control Activity, Monitoring, and Assurance
  • IT.12 - Finance/Treasury Risk Management
  • IT.13 - Fraud and Corruption Detection, Prevention & Mgmt
  • IT.16 - Information/IT Risk & Security
  • IT.19 - Issue and Investigations Management
  • IT.22 - Policy Mgmt, Communication & Training
  • IT.24 - Quality Management and Monitoring
  • IT.26 - Risk Management
  • IT.26 - Regulatory Intelligence and Monitoring
  • IT.27 - Strategy, Performance, and Business Intelligence
  • A1. Identification
  • D1. Detective Actions & Controls
  • I1. Info Management
  • M1. Context Monitoring
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • A2. Analysis
  • D2. Notification
  • M2. Performance Monitoring
  • R2. Internal Investigation
  • A3. Planning
  • D3. Inquiry
  • I3. Technology
  • P3. Policies
  • R4. Crisis Response
  • P7. Risk Financing
Read more
SAS Enterprise GRC

SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Benefits Demonstrates an effective implementation of the GRC framework. Enhances the quality of decision making across the organization. Reduces the likelihood of unpleasant surprises for all stakeholders. Enhances the efficiency and effectiveness of GRC processes. Reduces risk-related losses. Reduces the risk of regulatory compliance violations. Provides more reliable assurance to stakeholders.

  • IT.01 - Audit and Assurance Management
  • IT.03 - Brand and Reputation Management
  • IT.05 - Compliance Management
  • IT.07 - Control Activity, Monitoring, and Assurance
  • IT.16 - Information/IT Risk & Security
  • IT.27 - Strategy, Performance, and Business Intelligence
  • D1. Detective Actions & Controls
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • R2. Internal Investigation
  • D3. Inquiry
  • P3. Policies
  • R5. Remediation
  • P7. Risk Financing
  • (A) Assess
  • (M) Measure
  • (I) Interact
Read more
SAS Enterprise GRC

SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Benefits Demonstrates an effective implementation of the GRC framework. Enhances the quality of decision making across the organization. Reduces the likelihood of unpleasant surprises for all stakeholders. Enhances the efficiency and effectiveness of GRC processes. Reduces risk-related losses. Reduces the risk of regulatory compliance violations. Provides more reliable assurance to stakeholders. How SAS® Is Different Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.

  • IT.01 - Audit and Assurance Management
  • IT.03 - Brand and Reputation Management
  • IT.04 - Business Continuity Management
  • IT.05 - Compliance Management
  • IT.07 - Control Activity, Monitoring, and Assurance
  • IT.16 - Information/IT Risk & Security
  • IT.22 - Policy Mgmt, Communication & Training
  • IT.26 - Risk Management
  • IT.26 - Regulatory Intelligence and Monitoring
  • IT.27 - Strategy, Performance, and Business Intelligence
  • IT.28 - 3rd Party/Vendor Risk & Compliance
  • A1. Identification
  • D1. Detective Actions & Controls
  • I1. Info Management
  • M1. Context Monitoring
  • O1. Commitment
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • A2. Analysis
  • M2. Performance Monitoring
  • O2. Roles
  • P2. Codes Of Conduct
  • R2. Internal Investigation
  • A3. Planning
  • D3. Inquiry
  • I3. Technology
  • M3. Systemic Improvement
  • O3. Accountability
  • P3. Policies
  • C4. Objectives
  • M4. Assurance
  • R5. Remediation
  • P7. Risk Financing
Read more
USSC, Amendments to the Sentencing Guidelines - Reader Friendly Version of Amendments (Aprill 28, 2011) resource Standards and Guidelines OCEG Reviewed

This compilation contains unofficial text of amendments submitted to Congress on April 28, 2011, effective November 1, 2011.

Read more
Why is GRC important? blog
Submitted by nmarks on May, 17 2010

I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.

Read more
Staying Out of Trouble: The Role of a Global Anti-Corruption Program resource Articles OCEG Reviewed
Submitted by OCEG Staff on Mar, 11 2008
Thumbnail
BY WILLIAM HENDERSON
Read more
Who Blows the Whistle on Corporate Fraud? (2007, Rev. 2011) resource Research / Studies Member contributionOCEG Reviewed

Abstract: To identify the most effective mechanisms for detecting corporate fraud this paper studies in depth all reported fraud cases in large U.S. companies between 1996 and 2004. The findings were that fraud detection does not rely on obvious actors (investors, SEC, and auditors), but takes a village of several non-traditional players (employees, media, and industry regulators).

Read more
Syndicate content
Related terms
D2. Notification
D3. Inquiry
D1. Detective Actions & Controls