To help implement centralized governance, risk, and compliance (GRC) management solution for a Toronto-based public trust company.
CENTRALIZED UNIFIED COMPLIANCE FRAMEWORK (UCF) REPOSITORY of the rules and requirements: regulations, audit guidelines, contractual obligations, CobIT standards, and internal management policies.
UNIFORM RISK MANAGEMENT provides consistency of risk assessment, scoring and control across organization.
ONGOING RISK MONITORING allows to identify and address critical changes in organization’s risk posture.
INTERNAL AUDIT AUTOMATION helps harmonize and reuse across organization audit processes, test templates, flows, and audit project activities, as well as address deficiencies and assign finding
VENDOR RISK MANAGEMENT provides with an instrument to collect, validate, and score self-assessment feedback from vendors. Third-party risk is managed as a part of organization’s overall risk management program.
CMDB AND BUSINESS SERVICE MAPS INTEGRATION close to real time updates of the configuration database and business services map are invaluable for ongoing risk assessment and activities related to risk management.
BUSINESS CONTINUITY PLANNING AND DISASTER RECOVERY sitting on the edge of IT Service Management and GRC, it improves both BCP program coverage, simplifies communication, and automates testing activities.