O3. Accountability

SAS Enterprise GRC

SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation.

Benefits

  • Demonstrates an effective implementation of the GRC framework.
  • Enhances the quality of decision making across the organization.
  • Reduces the likelihood of unpleasant surprises for all stakeholders.
  • Enhances the efficiency and effectiveness of GRC processes.
  • Reduces risk-related losses.
  • Reduces the risk of regulatory compliance violations.
  • Provides more reliable assurance to stakeholders.

How SAS® Is Different

  • Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.).
  • Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems.
  • Reduces cost of risk management and compliance by reducing duplication of data and processes.
  • Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.

  • IT.01 - Audit and Assurance Management
  • IT.03 - Brand and Reputation Management
  • IT.04 - Business Continuity Management
  • IT.05 - Compliance Management
  • IT.07 - Control Activity, Monitoring, and Assurance
  • IT.16 - Information/IT Risk & Security
  • IT.22 - Policy Mgmt, Communication & Training
  • IT.26 - Risk Management
  • IT.26 - Regulatory Intelligence and Monitoring
  • IT.27 - Strategy, Performance, and Business Intelligence
  • IT.28 - 3rd Party/Vendor Risk & Compliance
  • A1. Identification
  • D1. Detective Actions & Controls
  • I1. Info Management
  • M1. Context Monitoring
  • O1. Commitment
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • A2. Analysis
  • M2. Performance Monitoring
  • O2. Roles
  • P2. Codes Of Conduct
  • R2. Internal Investigation
  • A3. Planning
  • D3. Inquiry
  • I3. Technology
  • M3. Systemic Improvement
  • O3. Accountability
  • P3. Policies
  • C4. Objectives
  • M4. Assurance
  • R5. Remediation
  • P7. Risk Financing
Voluntary Non-Financial Disclosure and the Cost of Equity Capital (October 2010) resource White Papers OCEG Reviewed

Introduction: In the paper, Voluntary Non-Financial Disclosure and the Cost of Equity Capital: The Initiation of Corporate Social Responsibility Reporting, forthcoming in The Accounting Review, we examine a potential benefit associated with the initiation of voluntary disclosure of CSR activities—a reduction in the cost of equity capital.

Asian Corporate Governance Association (ACGA) - Singapore Codes and Rules resource Organizations & Associations OCEG Reviewed

Contents and links on this site:

  1. Laws
  2. Accounting Standards
  3. Regulations
  4. Listing Rules
  5. Official Codes and Guidelines
EU, European Commission Prospectus Directive (Rev. 2009) resource Agency Web Sites OCEG Reviewed

EC Press Release, 24 September 2009: The Prospectus Directive lays down the rules governing the prospectus that has to be made available to the public in case a public offer or admission to trading of transferable securities in a regulated market takes place in the EU.

Why is GRC important? blog

I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.

Business Continuity Maturity Model® (BCMM®) resource OCEG Reviewed
The Business Continuity Maturity Model® (BCMM®) is a free open access tool created to assist businesses in building and maintaining a sustainable BC program. New standards for business continuity are continuously emerging, pressuring BC managers to find a business continuity program diagnostic tool that is objective, consistent and repeatable.
FFIEC, Business Continuity Planning (2008) resource Agency Guidances OCEG Reviewed
The overall goal of this booklet is to provide guidance to the financial services industry about the importance of business continuity planning, which establishes the basis for financial institutions to recover and resume business processes when operations have been disrupted unexpectedly.
Sustaining Operational Resiliency: A Process Improvement Approach to Security Management (2006) resource White Papers OCEG Reviewed
Carnegie Mellon University, Software Engineering Institute. Abstract: Organizations face an ever-changing risk environment. The risk that emanates from the day-to-day activities of the organization, operational risk, is the subject of increasing attention, particularly in the banking and finance industry, because of the potential to significantly disrupt an organization’s pursuit of its mission. Security, business continuity, and IT operations management are activities that traditionally support operational risk management.
SEC, Enforcement Manual (2008) resource Agency Guidances OCEG Reviewed
The Enforcement Manual (“Manual”) is an electronic document designed to be a reference for the staff in the U.S. Securities and Exchange Commission’s (“SEC”) Division of Enforcement (“Division” or “Enforcement”) in the investigation of potential violations of the federal securities laws. It contains various general policies and procedures and is intended to provide guidance only to the staff of the Division.