Learn from the experience of others and share your experience! blog
Have you ever asked your peers or professional colleagues what risk management or compliance tools they use? We value the ground well tread because we know that learning comes from making mistakes. How would you like to know what 1000's of your peers are saying about GRC ven
Operational Risk Management – Key Shifts Required to Rise to the Challenge blog
By Brian Barnier, OCEG Fellow
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Benefits Demonstrates an effective implementation of the GRC framework. Enhances the quality of decision making across the organization. Reduces the likelihood of unpleasant surprises for all stakeholders. Enhances the efficiency and effectiveness of GRC processes. Reduces risk-related losses. Reduces the risk of regulatory compliance violations. Provides more reliable assurance to stakeholders.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.16 - Information/IT Risk & Security
- IT.27 - Strategy, Performance, and Business Intelligence
- D1. Detective Actions & Controls
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- R2. Internal Investigation
- D3. Inquiry
- P3. Policies
- R5. Remediation
- P7. Risk Financing
- (A) Assess
- (M) Measure
- (I) Interact
Protiviti Governance Portal
The Protiviti Governance Portal is a comprehensive software platform that integrates content and commonly accepted frameworks with world-class consulting expertise that provides organizations with the visibility and insight needed to manage and mitigate critical risk and compliance issues today and in the future.
- IT.01 - Audit and Assurance Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.16 - Information/IT Risk & Security
- IT.22 - Policy Mgmt, Communication & Training
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.28 - 3rd Party/Vendor Risk & Compliance
- A2. Analysis
- M4. Assurance
- R5. Remediation
- (A) Assess
- (M) Measure
Regulatory Intelligence by Michael Rasmussen: an Axentis Thought Leadership White Paper resource White Papers Member contributionOCEG Reviewed
"The old paradigm of regulatory change management is clearly a recipe for disaster given the volume, pace of change
A Frame of Reference for Research of Integrated Governance, Risk, and Compliance (GRC) resource Research / Studies Member contribution
This research paper was presented at the 11th IFIP TC 6/TC 11 International Conference for Communications and Multimedia Security in Linz, Vienna. It provides a scientifically derived short-definition of GRC and a frame of reference for research of integrated GRC.
Continuous Risk and Control Assurance: The Next Evolution of Internal Audit resource White Papers Member contribution
Why is GRC important? blog
I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.
GRC in Chile - New Challenges blog
MIRAGroup Chile is in charge of development EGRC Concepts in multiples industries in this country. Our first purposes is help companies to understand this new way to manage Risk, Governance and Compliance as an integrated process.
