R4. Crisis Response

Order by:Group by:
FILTER BY:
SAS Enterprise GRC

SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Some Distinctive Features Include: Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.

  • IT.01 - Audit and Assurance Management
  • IT.03 - Brand and Reputation Management
  • IT.05 - Compliance Management
  • IT.07 - Control Activity, Monitoring, and Assurance
  • IT.12 - Finance/Treasury Risk Management
  • IT.13 - Fraud and Corruption Detection, Prevention & Mgmt
  • IT.16 - Information/IT Risk & Security
  • IT.19 - Issue and Investigations Management
  • IT.22 - Policy Mgmt, Communication & Training
  • IT.24 - Quality Management and Monitoring
  • IT.26 - Risk Management
  • IT.26 - Regulatory Intelligence and Monitoring
  • IT.27 - Strategy, Performance, and Business Intelligence
  • A1. Identification
  • D1. Detective Actions & Controls
  • I1. Info Management
  • M1. Context Monitoring
  • P1. Proactive Actions & Controls
  • R1. Responsive Actions & Controls
  • A2. Analysis
  • D2. Notification
  • M2. Performance Monitoring
  • R2. Internal Investigation
  • A3. Planning
  • D3. Inquiry
  • I3. Technology
  • P3. Policies
  • R4. Crisis Response
  • P7. Risk Financing
Read more
NFPA, Standard on Disaster/Emergency Management and Business Continuity Programs (2010 Edition) resource Standards and Guidelines OCEG Reviewed
Submitted by ocegstaff on Feb, 26 2011

This edition of NFPA 1600, Standard on Disaster/Emergency Management and Business Continuity

Read more
Why is GRC important? blog
Submitted by nmarks on May, 17 2010

I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.

Read more
Business Continuity Maturity Model® (BCMM®) resource OCEG Reviewed
The Business Continuity Maturity Model® (BCMM®) is a free open access tool created to assist businesses in building and maintaining a sustainable BC program. New standards for business continuity are continuously emerging, pressuring BC managers to find a business continuity program diagnostic tool that is objective, consistent and repeatable.
Read more
FFIEC, Business Continuity Planning (2008) resource Agency Guidances OCEG Reviewed
The overall goal of this booklet is to provide guidance to the financial services industry about the importance of business continuity planning, which establishes the basis for financial institutions to recover and resume business processes when operations have been disrupted unexpectedly.
Read more
NIST, Computer Security Incident Handling Guide (2008) resource Agency Guidances OCEG Reviewed
Computer security incident response has become an important component of information technology (IT) programs. Security-related threats have become not only more numerous and diverse but also more damaging and disruptive. New types of security-related incidents emerge frequently.
Read more
Auditor Answers: Performing Post Mortems on Problem Events (2008) resource Articles OCEG Reviewed
Submitted by OCEG Staff on Aug, 21 2008
The best-laid plans of mice and men go under the microscope when unexpected events put business continuity management to the test. Our expert auditor offers inside advice on what comprises a successful incident post mortem: when it should happen, who should participate, and what it should produce in the end. By Dan Swanson, at IT Compliance Institute
Read more
SBA, Expect the unexpected: Prepare your business for disaster (2007) resource Agency Guidances OCEG Reviewed
This guide will help you prepare for a disaster and put your business in a position to survive a disruption. Though each situation is unique, any business can be better prepared if it plans carefully, puts emergency procedures in place, and practices for emergencies of all kinds.   Prepared by the SBA and Nationwide Insurance.
Read more
Practical Disaster Recovery Planning: A Step-by-Step Guide resource White Papers OCEG Reviewed
Good disaster recovery planning is about identifying those processes and resources that are truly critical, developing realistic recovery objectives for them, and then developing a plan that can achieve those objectives as simply and cost-effectively as possible.
Read more
Disaster recovery, backup, and restore: Big challenges for small businesses (2008) resource Articles OCEG Reviewed
All businesses need to create a disaster recovery plan that encompasses the entire range of business risk in order to maintain their operations during a disaster or even through an outage lasting days. And companies with disaster recovery plans already in place need to test their plans as changes occur in their internal technology and human environments.
Read more
Syndicate content
Related terms
R4. Crisis Response
R5. Remediation
R2. Internal Investigation
R3. 3rd Party Inquiry & Investigation
R1. Responsive Actions & Controls
R6. Reward