Enterprise Governance, Risk and Compliance
Business Operations
1
© Copyright 2012 Axis Technology, LLC
Enterprise Governance, Risk & Compliance
2
The world is changing dramatically. New and rapidly shifting regulatory environments affect the strategy, structure, and operations of organizations, both within the enterprise and in its dealings with customers, partners and other third parties.
eGRC is a rapidly evolving business capability that uses processes and tools to combine:
• Compliance programs that measure control effectiveness,
• Risk management programs that categorize and prioritize risks, and
• Governance programs that identify, monitor and manage remediation of those risks.
© Copyright 2012 Axis Technology, LLC
eGRC Risk
3
The typical organizations reaction to these shifting regulatory demands has produced multiple new risks and disruptions
Impacts
• Unclear organizational direction
• Fragmented control framework
• Unrecognized / unmitigated risks
• Organization performance interrupted
• Lost opportunities
© Copyright 2012 Axis Technology, LLC
eGRC Framework
4
eGRC is an enterprise initiative that reaches from strategy through architecture to the operations of the organization. Whether an organization starts top-down with Corporate Leadership or starts the initiative at a more targeted Architecture or Operations level, these modules form a framework for an Enterprise GRC program.
eGRC Strategy Maturity Assessment
Risk Appetite/Profile IT Strategy
CORPORATE LEADERSHIP
eGRC Realization
Maturity Execution
Risk Appetite Mgmt
IT Implementation
OPERATIONS
eGRC Architecture
Maturity Roadmap Risk Integration IT Architecture
ARCHITECTURE
Corporate Leadership Ensure the eGRC strategy is well defined, communicated effectively and permeates the culture.
Architecture Ensure there is a robust and integrated control framework.
OperationsImplement processes, organizations and technology that are aligned with the strategy and architecture.
(Beyond)eGRC Interface
3rd Party Maturity Model
3rd Party Risk Mgmt
3rd Party Interfaces
THIRD PARTYThird PartyImplement protocols and technology – aligned with the enterprise strategy and architecture – to interface effectively with strategic third party vendors, partners, channels, etc.
© Copyright 2012 Axis Technology, LLC
eGRC Expertise
5
Axis takes a holistic approach to eGRC by providing expertise across the key business and technical disciplines (strategy, organization, culture, process, technology and communication) to achieve enterprise change
© Copyright 2012 Axis Technology, LLC
eGRC Outcome
6
A holistic, insightful, and actionable eGRC strategy can help your organization to launch and maximize its successful eGRC effort.
• Improved ability to proactively manage to current and emerging regulatory demands and market opportunities
• Integrated information that enables agility
• Transparency across the organization
• Risk management decisions throughout the enterprise aligned with strategic and organizational goals
• Efficient and effective management of enterprise risk
© Copyright 2012 Axis Technology, LLC
www.AxisTechnologyLLC.com
70 Federal StreetBoston, MA 02110
(857) 445-0110
7