MEGA’S SOLUTIONS FOR GOVERNANCE, RISK, AND COMPLIANCE

Give your board a real-time, 360⁰ vision of the Corporate Governance framework

Rc

Ic

Ia Rm

REGULATORY COMPLIANCE

INTERNAL CONTROL

INTERNAL AUDIT RISK

MANAGEMENT

BENEFITS

• Reduce response time through automated assessment campaigns, alerts, reminders, and workflows

• Deliver actionable reports and analyses for process optimization and governance• Increases awareness and clearly define responsibilities on risks, controls, and regulations for all

employees• Streamlines processes to allow GRC teams to focus on high value-added tasks• Ensure traceability and reliability of all data• Provide support for all levels - from management to business users• Flexible data access rules can be configured to define and organize the information that is shared

INTEGRATED GRC APPROACHToday, companies must operate in a complex and changing environment with pressure from customers, competitors and regulators. New and changing regulations lead to new risks and controls that must be managed to ensure compliance and reach business objectives - while maintaining profitability and a high level of performance. GRC departments, including compliance, risk management, internal control and audit, must deal with this challenge, but as the company grows, so does the amount of regulations and risks they have to deal with.

These departments report to the board, which is ultimately responsible for the Corporate Governance framework and risk oversight of the organization. Each GRC department must report its findings for the board to make decisions about the strategic direction of the company. When taking a fragmented, silo-based approach to Corporate Governance, the results often lead to a disjointed vision, as well as decisions being made without a clear picture.

To enforce efficient Corporate Governance, not only do GRC departments need support to deal with the com-plexity of their tasks, but they also need a common framework to provide the board with useful information for decision making.

ENTERPRISE RISK MANAGEMENT

OPERATIONAL RISK MANAGEMENT

COMMON REPOSITORYSHARED ENTERPRISE DESCRIPTION AND GRC VIEWPOINTS

REGULATORYCOMPLIANCE

INTERNALCONTROL

INTERNALAUDIT

ALERTS WORKFLOWS DASHBOARDS REPORTS ASSESSMENTS RISK ENGINE CONFIDENTIALITY

4

RISK MANAGEMENTHOPEX Risk Management helps streamline the risk management process by providing a 360° view - from risk identification to reporting - which results in actionable data and metrics to support business growth and profitability.

BENEFITS

• Easily assess high priority risks through key risk indicator (KRI) tracking

• Faster response times through automated assessment campaigns, questionnaires, alerts, reminders, and workflows

• Protect against future losses and negative business impacts through scenario analysis

• Deliver actionable reports and analyses for process optimization and governance

• Calculate capital allocations

FEATURES

• Identification Phase- Identify risks using bottom-up and top-down approaches- Set up and manage a risk library including KRIs and KPIs

• Incident Management and Risk Quantification Phase- Collect incident data, including losses and recoveries- Calculate capital allocations

• Risk Assessment Phase- Assess risks with RCSA questionnaires- Consolidate risks and forecast future risk exposure

• Risk Treatment Phase- Monitor risks with reports for both analysis and communication- Follow-up on action plans with alerts and reminders

Risk Reporting Dashboard

5

BENEFITS

• Set up a regulatory governance system

• Establish operational efficiency by automating assessment and testing campaigns using questionnaires, alerts, and reminders

• Create clear awareness of applicable regulations for each business process to improve accountability

• Reduce response time through alerts and workflows

• Provide accurate and appropriate information for all levels and facilitate production of reporting for internal stakeholders and external regulators

COMPLIANCEHOPEX Compliance helps identify, implement, and monitor regulations, and the risks and controls linked to them, to ensure compliance and protect the company against potential breaches.

Compliance Risk Aggregation

FEATURES

• Analysis Phase- Gather all regulatory requirements- Map requirements to your processes, business lines

and departments

• Implementation Phase- Communicate regulatory requirements to stakeholders- Assess compliance risks through questionnaires- Test compliance controls

• Monitoring Phase

- Understand regulatory change and impact- Monitor the impact of new business requirements- Use action plans to deal with detected compliance breaches

6

INTERNAL CONTROLHOPEX Internal Control turns your internal control system into an asset to ensure compliance and reduce risks.

BENEFITS

• Ensure traceability and reliability of all internal control data

• Establish a repository of controls to improve awareness and responsibility among business users

• Automate assessment and testing campaigns through questionnaires, alerts, and reminders

• Reduce response time through alerts and workflows

• Deliver reports for process optimization and governance

FEATURES

• Inventory Phase- Identify and describe all your controls in a consolidated repository- Associate controls with the corresponding business process,

business units, and risks, through a graphical interface

• Internal Control Execution Phase - Monitor control execution with questionnaires and checklists

• Evaluation Phase- Asses controls through campaigns using customizable

questionnaires- Test controls based on automatic workflows

• Remediation Phase- Identify and analyze deficiencies- Implement and track action plans

Detailed Control Report

7

BENEFITS

• Integrates auditing and risk management

• Accompanies and streamlines all auditing steps using predefined processes

• Follows a process-oriented perspective with numerous templates and workflows

• Delivers reports and analysis for process optimization and governance

• Meets the standards of IIA, PCAOBS, and ISO 19011

INTERNAL AUDITHOPEX Internal Audit makes it faster, easier, and less expensive to implement internal audit programs. The solution is designed to save time in the internal audit process, while ensuring that audit data is traceable and consistent.

Audit Plan Scheduling

FEATURES

• Preparation Phase- Build audit plans based on templates and past assessments- Schedule missions with Gantt charts- Allocate staff based on availability and skills

• Execution Phase- Generate work programs using templates and checklists- Perform on and offline audits- Write-up recommendations- Generate audit reports

• Recommendation and Follow-up Phase - Track recommendation progress with automatic alerts

and reminders- Follow-up on recommendations

ABOUT MEGA MEGA International is a global software and consulting company that helps corporations and governments manage enterprise complexity by giving them an interactive view of their operations. We provide business leaders with the visibility and information they need to improve decision making. With our enterprise governance solution, organizations can optimize and transform their key processes – while making sure that those processes are aligned with their strategy and objectives. Today more than 2,700 companies in 40 different countries use MEGA solutions.

Learn more at: www.mega.com

Worldwide Headquarters

MEGA International9 avenue René Coty75014 ParisFrancePhone: +33 (0)1 42 75 40 00

© MEGA - July 2014

Americas Headquarters

MEGA International 175 Paramount Drive, Suite 302Raynham MA 02767United States of AmericaPhone: +1 781 784 7684

Asia-Pacific Headquarters

MEGA International583 Orchard Road#08-04 ForumSingapore 238884Phone: +65 6733 4470