ProcessGene GRC Software Suite

1,411 views
1,378 views

Published on

ProcessGene develops forward-thinking GRC software solutions, designed to serve multi-subsidiary organizations. The company has been acknowledged as a market leader and innovator by the most important analyst firms. Businesses and governments worldwide use ProcessGene solutions to manage and control risks, assure compliance to policies and regulations, manage corporate governance programs, and perform internal audits.
ProcessGene’s Multi-Org technology enables synchronized management of several business process models (e.g per subsidiary), all linked to a centrally controlled, global business process baseline.
ProcessGene also offers a full range of Multi-Org Business Process Management (BPM) solutions. For more information, visit www.processgene.com.
http://www.processgene.com//index.php?pageIndex=grc-solutions

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,411
On SlideShare
0
From Embeds
0
Number of Embeds
95
Actions
Shares
0
Downloads
19
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

ProcessGene GRC Software Suite

  1. 1. Business Process Realization The ProcessGene™ GRC Suite Business Process Realization Solutions for Multi-Subsidiary Enterprises Process-Driven Risk Management, Governance and Compliance SolutionDesign Processes • Supervise Realization • Control Changes • Enforce Compliance Copyright © 2007
  2. 2. About ProcessGene Ltd. • ProcessGene™ develops GRC solutions for global enterprises • Serving tier 1, global, multi-subsidiary customers from various industrial branches • Over 40 global integrators deploy and use the GRC Suite, with over 1000 installationsCopyright © 2011 Business Process Realization Copyright 2 of 85 Slide © 2007
  3. 3. ProcessGene’s Offering An end to end GRC software suite, designed for multi-subsidiary enterprises • The first integrated BPM/GRC suite in SaaS • The only “Multi-Org” BPM/GRC solution- designed for multi-subsidiary enterprisesCopyright © 2011 Business Process Realization Copyright 4 of 85 Slide © 2007
  4. 4. ProcessGene GRC Solutions End-to-end GRC enablers Search and GRC Diagnostics Reports Module and Dashboards Risk Regulatory Management Compliance Multi-Org Collaboration Mechanism Mechanism Corporate Governance IT GRC Graphics Connectivity to Internal engine for ERP systems Audit End-to-end GRC enablers Diagrams Business Process Task and Workflow Management Engine Platform SaaS PlatformCopyright © 2011 Business Process Realization Copyright 5 of 85 Slide © 2007
  5. 5. Risk Management • Identify, evaluate and prioritize organizational risks • Relate risks to relevant business processes, systems and organizations • Mitigate and control the risks • Track and diagnose progress of the risk management program • Link KRIs to processes or risks • Record and categorize loss events • Manage opportunities vs. risks • Global and optimized risk vs. return management • Business processes that involve high risks are easily monitored and diagnosedCopyright © 2011 Business Process Realization Copyright 7 of 85 Slide © 2007
  6. 6. Benefits and Differentiation of the ProcessGene™ GRC Solution • Designed for multi-subsidiary, global organizations • Very fast implementation • Full automation • Direct connectivity to ERP systems • Leaders in cloud provisioning • Multiple frameworks: • Unlimited amount of free “view” usersCopyright © 2011 Business Process Realization Copyright 8 of 85 Slide © 2007
  7. 7. Regulatory Compliance • Support a wide array of compliance programs covering USA and EMEA regulations • Specialized functionality & repositories for specific compliance programs • Sample regulations: SOx, FDA, FERC, NERC, FAA, OMB A-123, EH&S, HACCP, ISO 22000, PCI, BSA, Patriot Act, GLBA, KYC, AML, Basel II, MaRisk, ISOx- Goshen, SAS70, eTOM, PCI-DSS, ISO 27002, NIST • End to end solution, covering the entire regulatory compliance cycle • A common framework to comply with the on-growing regulatory scope enables to reduce compliance costsCopyright © 2011 Business Process Realization Copyright 9 of 85 Slide © 2007
  8. 8. IT GRC • Measure and mitigate IT risks by implementing controls that ensure the security and integrity of data, systems, networks and IT facilities • Ensure compliance with a set of IT regulations governing data retention, privacy, confidential information, change management, vendor information and disaster recovery • Based on leading control frameworks such as Cobit, ISO 27002, NIST, ITIL • Automation effectively reduces the cost of enforcement, while providing improved and quantifiable compliance results • Direct connectivity to enterprise software systems automates and improves the effectiveness of IT compliance enforcement • Easy access to objective evidence for compliance enforcementCopyright © 2011 Business Process Realization Copyright10 of 85 Slide © 2007
  9. 9. Internal Controls • Document, test, sign-off and monitor the organizational controls • Automated workflows simplify follow up on testing, sign- off and deficiency remediation • Collected evidence is documented electronically, with full audit trail • Automation reduces costs and prevents errors that are caused by manual, non validated activities • A control is tested once and then re-used for several compliance purposes and goes through several types of auditsCopyright © 2011 Business Process Realization Copyright11 of 85 Slide © 2007
  10. 10. Corporate Governance • Manage a dynamic set of processes, policies and procedures related to reliability, integrity and compliance with laws and regulations • Deploy a workflow of automated approvals to ensure that governance is communicated and enforced • Verify, through surveys and enterprise wide acknowledgment processes, that governance is disseminated and enacted • Enable a clear and traceable accountability mechanism to ensure adoption of corporate governance principles • Comply with required legal regulationsCopyright © 2011 Business Process Realization Copyright12 of 85 Slide © 2007
  11. 11. ProcessGene™ GRC: Five Roles, Seven Responsibilities Role Responsibility GRC Manager Document Business Processes Risks, Controls, Test Plans Control Owners Execute Controls and document execution evidence Internal Testers Conduct tests over Controls. Manage deficiency Report test results remediation External Auditor Review efficiency of Controls Verify deficiency based on test results remediation Approvers Sign-Off Business ProcessesCopyright © 2011 Business Process Realization Copyright16 of 85 Slide © 2007
  12. 12. Login to the USA environmentCopyright © 2011 Business Process Realization Copyright17 of 85 Slide © 2007
  13. 13. Copyright © 2011 Business Process Realization Copyright18 of 85 Slide © 2007
  14. 14. Copyright © 2011 Business Process Realization Copyright19 of 85 Slide © 2007
  15. 15. Copyright © 2011 Business Process Realization Copyright20 of 85 Slide © 2007
  16. 16. Copyright © 2011 Business Process Realization Copyright21 of 85 Slide © 2007
  17. 17. Easily define and edit the process description and its propertiesCopyright © 2011 Business Process Realization Copyright22 of 85 Slide © 2007
  18. 18. Easily edit the process DiagramCopyright © 2011 Business Process Realization Copyright23 of 85 Slide © 2007
  19. 19. ERP Screens ERP transaction/ Description Automatic GRC test Execute the automatic test or “jump” directly to an exact location at the ERP systemCopyright © 2011 Business Process Realization Copyright24 of 85 Slide © 2007
  20. 20. Any SAP Screen The SAP transaction is Direct connectivity to automatically opened the ProcessGene applicationCopyright © 2011 Business Process Realization Copyright25 of 85 Slide © 2007
  21. 21. The Oracle screen is Direct connectivity to the automatically opened ProcessGene applicationCopyright © 2011 Business Process Realization Copyright26 of 85 Slide © 2007
  22. 22. Relate Risks and Controls to the Process Define the list of related Risks Jump to Controls managementCopyright © 2011 Business Process Realization Copyright27 of 85 Slide © 2007
  23. 23. A selected Risk’s properties The Risk’s description Raw and residual levels Related opportunitiesCopyright © 2011 Business Process Realization Copyright28 of 85 Slide © 2007
  24. 24. A selected Risk’s diagnosticsCopyright © 2011 Business Process Realization Copyright29 of 85 Slide © 2007
  25. 25. Historical cost eventsCopyright © 2011 Business Process Realization Copyright30 of 85 Slide © 2007
  26. 26. The Risk’s audit plan and audit execution data The Risk’s audit plan, audit schedule and audit results, including the documentation of historical results and the management of deficiency remediationCopyright © 2011 Business Process Realization Copyright31 of 85 Slide © 2007
  27. 27. Tasks related to the modeling and management of the RiskCopyright © 2011 Business Process Realization Copyright32 of 85 Slide © 2007
  28. 28. Documents related to the modeling and management of the RiskCopyright © 2011 Business Process Realization Copyright33 of 85 Slide © 2007
  29. 29. Relate Risks and Controls to the Process Define the list of related ControlsCopyright © 2011 Business Process Realization Copyright34 of 85 Slide © 2007
  30. 30. A selected Control’s properties Press to edit the selected Control’s properties Assign a Control owner Determine execution frequencyCopyright © 2011 Business Process Realization Copyright35 of 85 Slide © 2007
  31. 31. All fields are editable in the Control’s edit formCopyright © 2011 Business Process Realization Copyright36 of 85 Slide © 2007
  32. 32. Copyright © 2011 Business Process Realization Copyright37 of 85 Slide © 2007
  33. 33. Copyright © 2011 Business Process Realization Copyright38 of 85 Slide © 2007
  34. 34. The Control’s test plan and test execution data Define the Test and the criteria for the Test’s success/failure The Control’s test planCopyright © 2011 Business Process Realization Copyright39 of 85 Slide © 2007
  35. 35. Assigned tester(s) Scheduling data The Control’s test scheduleCopyright © 2011 Business Process Realization Copyright40 of 85 Slide © 2007
  36. 36. Edit the Control’s Test schedule Assign testers for the ControlCopyright © 2011 Business Process Realization Copyright41 of 85 Slide © 2007
  37. 37. Save Select a testerCopyright © 2011 Business Process Realization Copyright42 of 85 Slide © 2007
  38. 38. A tester was Assigned Define the test’s scheduleCopyright © 2011 Business Process Realization Copyright43 of 85 Slide © 2007
  39. 39. Scheduling dataCopyright © 2011 Business Process Realization Copyright44 of 85 Slide © 2007
  40. 40. A tester was assigned A schedule was definedCopyright © 2011 Business Process Realization Copyright45 of 85 Slide © 2007
  41. 41. ProcessGene™ GRC: Five Roles, Seven Responsibilities Role Responsibility GRC Manager Document Business Processes Risks, Controls, Test Plans Control Owners Execute Controls and document execution evidence Internal Testers Conduct tests over Controls. Manage deficiency Report test results remediation External Auditor Review efficiency of Controls Verify deficiency based on test results remediation Approvers Sign-Off Business ProcessesCopyright © 2011 Business Process Realization Copyright46 of 85 Slide © 2007
  42. 42. Copyright © 2011 Business Process Realization Copyright47 of 85 Slide © 2007
  43. 43. Copyright © 2011 Business Process Realization Copyright48 of 85 Slide © 2007
  44. 44. Copyright © 2011 Business Process Realization Copyright49 of 85 Slide © 2007
  45. 45. Copyright © 2011 Business Process Realization Copyright50 of 85 Slide © 2007
  46. 46. Copyright © 2011 Business Process Realization Copyright51 of 85 Slide © 2007
  47. 47. Copyright © 2011 Business Process Realization Copyright52 of 85 Slide © 2007
  48. 48. ProcessGene™ GRC: Five Roles, Seven Responsibilities Role Responsibility GRC Manager Document Business Processes Risks, Controls, Test Plans Control Owners Execute Controls and document execution evidence Internal Testers Conduct tests over Controls. Manage deficiency Report test results remediation External Auditor Review efficiency of Controls Verify deficiency based on test results remediation Approvers Sign-Off Business ProcessesCopyright © 2011 Business Process Realization Copyright53 of 85 Slide © 2007
  49. 49. An automatic email from the control’s testing reminder Email notifications are optionalCopyright © 2011 Business Process Realization Copyright54 of 85 Slide © 2007
  50. 50. Elizabeth Martin’s Personal task listOpen the Control’stest task to execute itCopyright © 2011 Business Process Realization Copyright55 of 85 Slide © 2007
  51. 51. Read the Control’s test plan and execute it accordinglyCopyright © 2011 Business Process Realization Copyright56 of 85 Slide © 2007
  52. 52. Report test results. All results are documented in the system and history is saved.Copyright © 2011 Business Process Realization Copyright57 of 85 Slide © 2007
  53. 53. The Control’s test results are documented in the systemCopyright © 2011 Business Process Realization Copyright58 of 85 Slide © 2007
  54. 54. The Control’s test result historyCopyright © 2011 Business Process Realization Copyright59 of 85 Slide © 2007
  55. 55. Defining, assigning and scheduling the required deficiency remediation tasksCopyright © 2011 Business Process Realization Copyright60 of 85 Slide © 2007
  56. 56. ProcessGene™ GRC: Five Roles, Seven Responsibilities Role Responsibility GRC Manager Document Business Processes Risks, Controls, Test Plans Control Owners Execute Controls and document execution evidence Internal Testers Conduct tests over Controls. Manage deficiency Report test results remediation External Auditor Review efficiency of Controls Verify deficiency based on test results remediation Approvers Sign-Off Business ProcessesCopyright © 2011 Business Process Realization Copyright62 of 85 Slide © 2007
  57. 57. View the status of Controls in the entire organizationCopyright © 2011 Business Process Realization Copyright63 of 85 Slide © 2007
  58. 58. A distribution of the Controls’ test resultsCopyright © 2011 Business Process Realization Copyright64 of 85 Slide © 2007
  59. 59. A distribution of the key Controls’ test results Direct access to grouped Controls (e.g to the ineffective group)Copyright © 2011 Business Process Realization Copyright65 of 85 Slide © 2007
  60. 60. A distribution of the Raw Risk weight in the organization The average Raw Risk level and Residual Risk level vs. the average Risk tolerance in the organizationCopyright © 2011 Business Process Realization Copyright66 of 85 Slide © 2007
  61. 61. The average controlled vs. residual risk levels in the organizationCopyright © 2011 Business Process Realization Copyright67 of 85 Slide © 2007
  62. 62. The average controlled vs. residual risk levels in the organization – distributed per categoryCopyright © 2011 Business Process Realization Copyright68 of 85 Slide © 2007
  63. 63. All tasks in the organization can be viewed, monitored and managed from this area Jump to the endCopyright © 2011 Business Process Realization Copyright69 of 85 Slide © 2007
  64. 64. Sign-off Processes Define Sign-off tasks per processCopyright © 2011 Business Process Realization Copyright70 of 85 Slide © 2007
  65. 65. View a Sign-off task detailsCopyright © 2011 Business Process Realization Copyright71 of 85 Slide © 2007
  66. 66. Edit a Sign-off task details Select the required signing statement Assign user(s)Copyright © 2011 Business Process Realization Copyright72 of 85 Slide © 2007
  67. 67. Save Select a testerCopyright © 2011 Business Process Realization Copyright73 of 85 Slide © 2007
  68. 68. Edit a Sign-off task details A user was Assigned Define the task’s scheduleCopyright © 2011 Business Process Realization Copyright74 of 85 Slide © 2007
  69. 69. Scheduling dataCopyright © 2011 Business Process Realization Copyright75 of 85 Slide © 2007
  70. 70. The Sign-off task is definedCopyright © 2011 Business Process Realization Copyright76 of 85 Slide © 2007
  71. 71. ProcessGene™ GRC: Five Roles, Seven Responsibilities Role Responsibility GRC Manager Document Business Processes Risks, Controls, Test Plans Control Owners Execute Controls and document execution evidence Internal Testers Conduct tests over Controls. Manage deficiency Report test results remediation External Auditor Review efficiency of Controls Verify deficiency based on test results remediation Approvers Sign-Off Business ProcessesCopyright © 2011 Business Process Realization Copyright78 of 85 Slide © 2007
  72. 72. An automatic email from the Process’s Sign-off reminderCopyright © 2011 Business Process Realization Copyright79 of 85 Slide © 2007
  73. 73. Michael Chang’s Personal tasks area Michael Chang’s Sign-off taskCopyright © 2011 Business Process Realization Copyright80 of 85 Slide © 2007
  74. 74. Sign-off task details Approval declaration Required action: Approve nowCopyright © 2011 Business Process Realization Copyright81 of 85 Slide © 2007
  75. 75. Confirm the Sign-off declarationCopyright © 2011 Business Process Realization Copyright82 of 85 Slide © 2007
  76. 76. The Sign-off declaration is documented in the systemCopyright © 2011 Business Process Realization Copyright83 of 85 Slide © 2007
  77. 77. All historical Sign-offs for this processCopyright © 2011 Business Process Realization Copyright84 of 85 Slide © 2007
  78. 78. A gauge indicating the current organizational Sign-off statusCopyright © 2011 Business Process Realization Copyright85 of 85 Slide © 2007
  79. 79. Thank You! ProcessGene Ltd. For additional information: www.processgene.comCopyright © 2011 Business Process Realization Copyright87 of 85 Slide © 2007

×