Supply Chain Resource Cooperative (SCRC) resource Research / Studies OCEG Reviewed
The SCRC is an industry-university partnership dedicated to the development of future supply chain professionals. The site includes articles, white papers and tutorials.
Poole College of Management, NC State University
SAS Enterprise GRC
SAS Enterprise GRC strengthens governance and trust with systematic management of risk. It detects and helps prevent violations, allowing you to align strategy with risk appetite. The solution builds a reliable view of risk compliance, facilitates collaboration between GRC teams and reduces the cost of risk management through automation. Some Distinctive Features Include: Creates a common and integrated repository of all critical GRC components (e.g., risks, controls, policies, audits, etc.). Facilitates collaboration between various GRC teams, which will be difficult when the GRC components are in multiple systems. Reduces cost of risk management and compliance by reducing duplication of data and processes. Links all critical GRC elements, enabling you to easily visualize and assess the impact of a business decision in one part of the organization over other parts of the organization.
- IT.01 - Audit and Assurance Management
- IT.03 - Brand and Reputation Management
- IT.05 - Compliance Management
- IT.07 - Control Activity, Monitoring, and Assurance
- IT.12 - Finance/Treasury Risk Management
- IT.13 - Fraud and Corruption Detection, Prevention & Mgmt
- IT.16 - Information/IT Risk & Security
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.24 - Quality Management and Monitoring
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.27 - Strategy, Performance, and Business Intelligence
- A1. Identification
- D1. Detective Actions & Controls
- I1. Info Management
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- A2. Analysis
- D2. Notification
- M2. Performance Monitoring
- R2. Internal Investigation
- A3. Planning
- D3. Inquiry
- I3. Technology
- P3. Policies
- R4. Crisis Response
- P7. Risk Financing
SAI Global GRC Software
SAI Global’s GRC Platform provides a flexible software solution to manage and profile risks, compliance obligations, incidents and cases, policies, and learning across the organization. Specific applications include configurations for environmental, health and safety use and for bribery and corruption risk management. A full utilization of SAI Global's software enables integration with SAI Global's Learning & Communication Platform and a single view across highly decentralized global operations. This inevitably results in better use of human capital, reduced costs, increased transparency and improved business results. A partial list of solution components, deployable as standalone elements or integrated, include risk assessment and profiling; obligations management; case and incident management; policy management; registries to manage gifts, hospitality, entertainment, facilitation payments and conflicts of interests; audit management; integration with hotline; and a fully configurable GRC Dashboard that integrates with learning and communication.
- IT.02 - Board and Entity Management
- IT.05 - Compliance Management
- IT.11 - Environmental, Health, and Safety
- IT.14 - Global Trade Compliance/International Dealings
- IT.15 - Hotline/Helpline
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.23 - Privacy Management
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.28 - 3rd Party/Vendor Risk & Compliance
- (C) Context
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- D2. Notification
- M2. Performance Monitoring
- P2. Codes Of Conduct
- R2. Internal Investigation
- D3. Inquiry
- P3. Policies
- R3. 3rd Party Inquiry & Investigation
- M4. Assurance
- P4. Education
- (O) Organize
- (A) Assess
- (I) Interact
easy2comply Risk Management software
easy2comply Risk Management software solution enables efficient operational/ enterprise risk management in order to improve business processes and performance and simplify regulatory compliance. easy2comply allows you to identify, measure, control and manage operational/ enterprise risk by documenting your processes, risks and controls, accumulating and quantifying loss events, and providing management insight via reports, dashboards, heat-maps, what-if simulations and remediation plans. The software provides a full set of functionality, best practices, built-in work flow and a decision support system for ORM optimization. easy2comply’s unique architecture enables building a common framework and repository for multiple GRC processes, while allowing each individual project to be managed separately according to its own time frame, functionality, methodology and work flow. easy2comply’s singular software architecture provides the technological basis for enabling GRC convergence and a truly integrated GRC framework.
- IT.12 - Finance/Treasury Risk Management
- IT.26 - Risk Management
Umbrellas for Clouds: Applying Outsourcing Risk Mitigation Strategies to SaaS Transactions resource Articles OCEG Reviewed
Executive Summary: From a legal compliance and risk management perspective, outsourcing – the act of engaging a third party for a period of time to provide services that had previously been performed internally – shares many similarities with software as a service (SaaS) transactions – procuring access to software as a service hosted by a third party instead of through more traditional licensin
Which is Better: Outsourcing or Shared Services? (Deloitte, 2010) resource Articles OCEG Reviewed
Introduction: People have been arguing for years about the relative merits of outsourcing versus shared services. Yet the debate today is more relevant than ever. In some cases, organizations are unhappy with their previous decisions and are looking for a new approach.
Third Party / Outsourcing group
Welcome to the Third Party / Outsourcing group. This group provides resources and discussion around issues related to management, risk and compliance for third party and outsourcing issues. We welcome participation in this group by any premium or enterprise OCEG member.
A Field Research Study of Researchers’ Perspectives on Supply Chain Risk Management (2010) resource White Papers OCEG Reviewed
Abstract: Supply chain risk management (SCRM) is a nascent area emerging from a growing appreciation for supply chain risk by practitioners and by researchers. These researchers have approached this area from different domains and are therefore expected to have diversity in their perception of the scope and of the appropriateness of different research tools.
Supply Chain Dynamics in Asia (2010) resource White Papers OCEG Reviewed
Abstract: Supply chain management in Asia is a relatively new topic but is a key challenge for all Asia-based manufacturers and traders trying to integrate into the “global market.” The purpose of this paper is to describe key supply chain issues faced in Asia.
