Learn from the experience of others and share your experience! blog
Have you ever asked your peers or professional colleagues what risk management or compliance tools they use? We value the ground well tread because we know that learning comes from making mistakes. How would you like to know what 1000's of your peers are saying about GRC ven
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Some Distinctive Features Include: Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.12 - Finance/Treasury Risk Management
- IT.13 - Fraud and Corruption Detection, Prevention & Mgmt
- IT.16 - Information/IT Risk & Security
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.24 - Quality Management and Monitoring
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.27 - Strategy, Performance, and Business Intelligence
- A1. Identification
- D1. Detective Actions & Controls
- I1. Info Management
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- A2. Analysis
- D2. Notification
- M2. Performance Monitoring
- R2. Internal Investigation
- A3. Planning
- D3. Inquiry
- I3. Technology
- P3. Policies
- R4. Crisis Response
- P7. Risk Financing
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Benefits Demonstrates an effective implementation of the GRC framework. Enhances the quality of decision making across the organization. Reduces the likelihood of unpleasant surprises for all stakeholders. Enhances the efficiency and effectiveness of GRC processes. Reduces risk-related losses. Reduces the risk of regulatory compliance violations. Provides more reliable assurance to stakeholders. How SAS® Is Different Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.04 - Business Continuity Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.16 - Information/IT Risk & Security
- IT.22 - Policy Mgmt, Communication & Training
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.27 - Strategy, Performance, and Business Intelligence
- IT.28 - 3rd Party/Vendor Risk & Compliance
- A1. Identification
- D1. Detective Actions & Controls
- I1. Info Management
- M1. Context Monitoring
- O1. Commitment
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- A2. Analysis
- M2. Performance Monitoring
- O2. Roles
- P2. Codes Of Conduct
- R2. Internal Investigation
- A3. Planning
- D3. Inquiry
- I3. Technology
- M3. Systemic Improvement
- O3. Accountability
- P3. Policies
- C4. Objectives
- M4. Assurance
- R5. Remediation
- P7. Risk Financing
Organizational Transformation: A Framework for Assessing and Improving Enterprise Architecture Management (Version 2.0) (GAO, 2010) resource Standards and Guidelines OCEG Reviewed
Summary: Effective use of an enterprise architecture (EA) is a hallmark of successful organizations and an essential means to achieving a desired end: having operations and technology environments that maximize institutional mission performance and outcomes.
Managing Risk in the Extended Enterprise: Best Practices for Working with Suppliers, Partners and Contractors resource White Papers Member contribution
Even with internal measures in place, companies can remain exposed to substantial risk beyond the enterprise. That's because companies can be substantially harmed by the actions of their suppliers, subcontractors, service providers, and other business partners.
DIRECTV GRC ACHIEVEMENT AWARD 2010 PRESENTATION resource Presentation Slides OCEG Reviewed
A presentation about the project for which DIRECTV won a 2010 OCEG GRC ACHIEVEMENT AWARD.
Why is GRC important? blog
I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.
OCEG One Minute Poll: IT for GRC Planning resource OMP - One Minute Poll OCEG Reviewed
A quick research survey of the OCEG worldwide membership. April 2009
GRC-XML Alpha Release resource Standards and Guidelines Member contributionOCEG Reviewed
GRC-XML Risk and Control Taxonomy Alpha Release
