In sync10 grc_suite
Delivering Enterprise Value With Oracle Governance Risk and Compliance.

  • Sonya Causer - Employee steals $20 million from Clive Peeters. The payroll manager of troubled whitegoods and electrical retailer Clive Peeters has admitted she used $20 million in company funds on a spending spree, buying more than 40 properties in the past 18 months. Theresa Lawson - was sentenced to a minimum of four years in jail last Friday for taking almost $2.7 million from her employer - money she claimed she gambled in poker machines in local clubs. She often gambled at St Marys Band Club - of which she was also a director - and more than 90 per cent of all the club's pokie payouts went to her. The club denies the claim. In evidence to the court, Lawson denied hiding or investing any money, saying she had spent about $2.5 million on gambling in three years. The Herald reported on Saturday that Lawson worked as a clerk in the payroll office at Woolworths Supermarkets. She had pleaded guilty to 19 counts of embezzlement and was sentenced to seven years' imprisonment, with a minimum term of four years. Phil Green – CEO of Babcock and Brown Mark McInnes – Resigned as CEO and now defending sexual harassment allegations. Mr McInnes repeated that he will “vigorously defend” the $37 million sexual harassment case launched by a former employee. Brand reputation could be impacted as well as non compliance of internal code of ethics highlighted.

In sync10 grc_suite Presentation Transcript

  • Delivering Enterprise Value with Oracle Governance, Risk and Compliance
    • Svetlana Loncarevic & Brian Amato, Oracle
    • 16th August 2010
    • The most comprehensive Oracle applications & technology content under one roof
  • Agenda
    • Business Challenges
    • Solution Overview
    • Customer ROI
    • Questions
  • A History Lesson
    • Enron - $11Billion
    • Coles Myer - $4.26M
    • Societe Generale - €6.3B
    • HIH - $5.3Billion collapse
  • And Even Today…
        • $20M
        • $2.7M
        • $37M
        • $3B
  • Numerous Risks Confront Business
    • INFORMATION MANAGEMENT: Document Retention / Records Mgt; Electronic Data Management; Information Security; Information Privacy
    • E-COMPLIANCE: Electronic Info, E-mail and Postings; Internet Security; Internet Privacy
    • ETHICS: Conflicts of Interest; Ethical Decision-Making; Gifts & Gratuities; Respectful Conduct
    • INTELLECTUAL PROPERTY: Copyright; Trademark; Patent
    • INTERNATIONAL TRANSACTIONS: Foreign Negotiation & Sales; Export Controls; Economic Embargoes; Global Trade & Competition
    • CORPORATE GOVERNANCE: Board Structure & Processes; Audit Committee Structure & Processes
    • WORKPLACE HEALTH & SAFETY
    • PRODUCT QUALITY & LIABILITY
    • FRAUD & CORRUPTION: Insider Transactions; Money Laundering; Foreign Negotiation and Sales; Revenue and Expense Recognition
    • INDUSTRY SECTORS: Pharmaceutical; Financial Services; Automotive; Utilities; Oil & Gas; and more...
    • ENVIRONMENTAL: Hazardous Material Handling; Environmental Reporting; Permit Management
    • EMPLOYMENT: Anti-Discrimination / Accommodation; Anti-Harassment; Benefits; Compensation; Contingent Workforce; Employee Privacy; Executive Compensation; Global Mobility / Immigration; Hiring / Retention
  • Companies will spend $29.8B on Governance Risk and Compliance activities in 2010, up 3.9%.
  • Burden Stems from Core Challenges
    • Challenge: Multiple Requirements, Fragmented Response
    • Challenge: No Proactive Risk Management
    • Challenge: Ad-hoc Approach with Manual Controls
    [Diagram labels: Finance Business Assessment/Audit Groups IT Security/Risk Management; GRC Business Processes; Risk; React; risks R1-R3; controls C1-C11 in variants a, b and c]
  • Smart Strategies to Manage Risk & Compliance
    • Solution: Consolidate multiple standards and regulations onto a single platform
    • Solution: Manage risk in a disciplined & consistent fashion
    • Solution: Manage & Automate controls across standard business processes
    [Diagram labels: Business Process; Governance Risk & Compliance; Regulation A; Standard C; Risk B; risks R1-R3; controls C1-C11]
  • Through 2010, companies that select individual solutions for each regulatory challenge they face will spend 10 times more …than companies that take a proactive and more integrated approach.
  • Oracle Integrated Governance, Risk & Compliance
    • Across Functional Boundaries
    • Throughout the Processes
    • In the Technology
    [Diagram labels: Custom, Legacy, …; Budgeting; O2C; P2P; Logistics; Financial Close]
  • Oracle Governance, Risk and Compliance Suite
    • Embedded Controls
    • Detective, Preventive, Contextual
    • Automated controls testing
    • Pre-built controls library
    • Centralized GRC Oversight
    • Common Repository for GRC
    • Audit and Assessment of Controls
    • Integrated remediation management
    • 360º Visibility
    • Single source of GRC Information
    • Pre-built dashboards
    • Respond to KRI and issues
    [Diagram: GRC Intelligence (Executive Dashboards; KRIs and KPIs; Ad-Hoc Analysis); GRC Manager (Enterprise Risk Management; Compliance Management; Remediation Management); GRC Controls (SOD & Access; Application Configuration; Transaction Monitoring); Custom or Legacy Applications; Preventive Controls]
  • Governance Risk & Compliance Intelligence
    • Risk-based scoping with integrated account balance and GRC information
    • Self-service analysis and reporting with interactive dashboards and automated alerts
    • 100+ pre-built KPIs for Risk, Certification, Controls, and Issues enable personalized reporting
    [Diagram: Timely Access to Information / Better Decisions. GRC Reporting & Analysis: Monitor All Open Issues; Investigate Troubling KPIs; Configure Risk & Control KPIs; Review GRC Dashboards]
  • Enterprise Governance Risk & Compliance Manager
    • Capture issues and manage remediation
    • Automate certifications, audits, and management assessments
    • Central repository for policy, risk and compliance documentation
    [Diagram: Manage Risk and Compliance Across the Enterprise. Risk and Compliance Process: Certify and Publish; Remediate and Optimize; Test Controls and Analyze Exceptions; Assess Scope Based on Risk; Document Risk and Control Matrix. Other labels: Standards & Mandates; Controls; Risks]
  • Application Access Controls Governor: Enforce Proper Segregation of Duties in Applications
    • Accelerate deployment and time to value with pre-delivered controls library
    • Mitigate risk of privileged user access to enterprise applications with approval workflow and audit trails
    • Simplify segregation of duties enforcement with simulation and remediation
    [Diagram labels: Detection; Prevention; Define Access Controls; Access Analysis; Remediation (Clean-up); Preventive Provisioning; Compensating Policies]
  • Configuration Controls Governor: Ensure Integrity of Critical Application Setups
    • Tightly control change management to accelerate development and test time
    • Track complete audit trails for changes to key configurations
    • Achieve consistent application setup and operating standards across multiple instances
    [Diagram labels: Detection; Prevention; Define Configuration Controls; Document or Compare Configurations; Monitor Configuration Changes; Enforce Change Control; Manage Data Integrity]
  • Transaction Controls Governor: Identify Inaccurate or Fraudulent Transactions
    • Continuously monitor accuracy of transactions and mitigate exposure to fraud
    • Test against thresholds
    • Search for anomalies
    • Perform transaction sampling
    [Diagram labels: Detection; Prevention; Define Transaction Controls; Perform Transaction Analysis; Review and Address Suspects; Preventive Transaction Controls]
  • Preventive Controls Governor: Enforce granular controls conditionally
    • Implement field-, block- and/or form-level controls to hide, mask or validate information
    • Enforce business policy using contextual automated processes
    • Protect sensitive data
    • Mitigate risk of application changes with approval workflow and audit trails
    • Reduce audit costs, reduce maintenance costs, increase IT productivity
    [Diagram labels: Prevention; Enforce LOVs & Field Attributes; Add Messages & Default Values; Add Navigation & Extend Forms; Secure & Audit Fields; Add Approval Workflows]
  • Preventive Controls Governor: Enforce Controls & Proactive Change Management
    • Enforce controls at a granular level for targeted users and events
    • Invoke approval workflow / notifications when key risk fields are modified and produce audit trails of key changes
    • Accelerate deployment and time to value with pre-delivered controls library
    [Diagram labels: Prevention; Enforce Field Validation; Proactive Change Management; Prevent Read/Write Access; Define Preventive Controls; Review Audit Reports]
  • The Oracle Difference: Enterprise Governance, Risk & Compliance Platform Leader*
    • One Platform Satisfies Multiple Regulations
    • GRC Controls Integration Enforces Policy Controls
    • Role-Based Dashboards Provide Real Time Insight
    *Source: (1) Gartner Magic Quadrant for Enterprise Governance Risk Compliance Platform, 2009; (2) Gartner Magic Quadrant for Continuous Controls Monitoring, 2010; (3) Gartner Magic Quadrant for Business Intelligence Platform, 2010
    [Diagram labels: Financial Reporting; Green Compliance; Data Privacy; Policy; risks R1-R3; controls C1c-C11c]
  • Oracle Helps Reduce Compliance Costs and Control Risk
    • Reduces controls testing by 65%
    • Cuts Segregation of Duties audit from 2 months to 2 days
    • Reduces audit preparation time by 25%
    • Saves $1 million by avoiding customizations
    • Access Controls pass rate improved by 27%
    • Reporting time reduced from 4 days to minutes
    • Testing costs reduced by 30%
    • User role violations reduced by 90%
  • Tell us what you think…
    • http://feedback.insync10.com.au