Governance, Risk & Compliance Management Solution

1,100 views
920 views

Published on

0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,100
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
87
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Governance, Risk & Compliance Management Solution

  1. 1. Governance, Risk & Compliance Management Solution<br />Empowering Businesses<br />
  2. 2. Empowering Businesses<br />Escalating Frauds<br />World Demands Increased Regulatory Scrutiny<br />Why Regulatory Scrutiny?<br />2<br />
  3. 3. Empowering Businesses<br />Governance<br /><ul><li> Goals
  4. 4. Policies & standards
  5. 5. Policy Life Cycle Management</li></ul>Risk<br /><ul><li> Risk Assessment
  6. 6. Risk Scores
  7. 7. Risk Monitoring & Analysis
  8. 8. Risk Mitigation </li></ul>Culture<br />Compliance<br /><ul><li> Self Assessments
  9. 9. Technical Controls
  10. 10. Business Process controls
  11. 11. Integrated Compliance Scores </li></ul>Culture<br /><ul><li>Educate & Promote trust, integrity & accountability within organization </li></ul>Governance – Risk – Compliance<br />3<br />
  12. 12. <ul><li>GRC seen in isolation from the primary business processes & decision making
  13. 13. Difficult to make Infrastructure & Processes conducive for effective risk management moves
  14. 14. Lack of importance & attention to GRC in the restructuring of the processes & performance improvement </li></ul>What are the Organizational Challenges?<br />Empowering Businesses<br />4<br />
  15. 15. Empowering Businesses<br />Facts<br />Consequences<br /><ul><li>Managed in Silos
  16. 16. Lacks Proactive Approach
  17. 17. Inconsistent Approach
  18. 18. Disintegrated from decision making & core processes
  19. 19. Humans as Middleware
  20. 20. Insufficient IT Assets to support GRC requirements
  21. 21. Lack of Information Quality
  22. 22. Intensified Risk
  23. 23. Increased Complexity
  24. 24. Less Reliability resulting in lower confidence
  25. 25. Higher Cost</li></ul>Current State of GRC<br />5<br />
  26. 26. Empowering Businesses<br />Enterprise-Wide Responsibility<br />CFO/VP of Finance<br />CIO <br />Chief Compliance Officer (CCO) <br />Chief Risk Officer (CRO)<br />CEO<br /><ul><li>Efficient & Consistent Processes
  27. 27. Fees Reduction via reduced compliance violations
  28. 28. Better Planning of Compliance Management Resources
  29. 29. Identifying and implementing optimal detective & preventive controls
  30. 30. Reduction – total GRC Cost
  31. 31. Timely Notifications – issues & violations
  32. 32. Accessible Information – Financial Results, Compliance & Audit
  33. 33. Balancing the range of enterprise risks
  34. 34. Evaluation of Business Requirements
  35. 35. Evaluation of Technical Risk Capabilities
  36. 36. Reduction of Risk Exposure Cost
  37. 37. Reduction of Mitigation or Acceptance Cost
  38. 38. Ensuring Secure & Auditable information
  39. 39. GRC information Management Automation
  40. 40. Work towards single internal GRC Solution
  41. 41. Implementation of IT platform for GRC</li></ul>GRC Management Challenges<br />6<br />
  42. 42. Empowering Businesses<br />EU Directives<br />HIPAA<br />GLBA<br />…<br />SOX<br />JSOX<br />FDA<br />Basel II<br />Various Compliances<br />Engineering<br />Purchasing<br />Sales<br />Marketing<br />Manufacturing<br />Finance<br />Services<br />Customers<br />U.S.<br />Germany<br />Japan<br />U.K.<br />France<br />China<br />Canada<br />India<br />IT Governance<br />Records Retention<br />Financial Reporting Compliance<br />Market Risk Management<br />Legal Discovery<br />Audit Management<br />Data Privacy<br />Strategic Alignment<br />Credit Risk Management<br />Work Force Governance<br />Operational Risk Management<br />Service Level Compliance<br />Supply Chain Traceability<br />Across Functions<br />Across Countries<br />Devices, Apps, Servers & Data Sources<br />Global GRC Map<br />7<br />
  43. 43. Empowering Businesses<br />GRC – From manual, silo’d processes to fully integrated approach<br />Optimized GRC<br /><ul><li> GRC programs managed holistically
  44. 44. Business & IT alignment
  45. 45. All IT Management processes supported
  46. 46. GRC analysis from IT monitoring & management apps & systems
  47. 47. Reliance Control Tests for Risk Analysis
  48. 48. Acceptable Levels of Risk Management</li></ul>Rationalized GRC<br />Basic GRC<br /><ul><li> Compliance Programs
  49. 49. Common Survey & Evidence Collection Processes
  50. 50. Risk Management in Silos
  51. 51. High Cost of GRC Programs
  52. 52. Manual Processes
  53. 53. Weak Governance
  54. 54. Minimal Adoption of IT</li></ul>GRC Maturity Model<br />8<br />
  55. 55. Empowering Businesses<br />Capital Management/Basel II/Solvency II/BI<br />Dashboards<br />Economic Capital<br />RAPM<br />HR<br />Risk Management<br />Market<br />ALM<br />Operational<br />Credit<br />Learning Management<br /> Internal Controls & SOX<br />Actions<br />Loss<br />RCSA<br />Process Mapping<br />Documentation<br />KRI / KCI<br />Monitoring & Compliance<br />KYC/CDD<br />AML<br />MiFID<br />Fraud<br />Financial Control & Reporting<br />Core Financials<br />Budgeting & Planning<br />BI<br />Enterprise Content Management<br />Records Management<br />Legal Discovery<br />Change Management<br />COBIT:Security, Identity & Data Management<br />Audit<br />Encryption<br />Segregation of Duties<br />Identity Mgmt<br />Data Warehousing<br />Master Data<br />Workflow Management<br />Integrated Risk & Compliance Framework<br />9<br />
  56. 56. YES<br />Off-The-Shelf Solutions & Rishabh Capabilities<br />Empowering Businesses<br />10<br />
  57. 57. Our Service Lines<br />Empowering Businesses<br />Implementation Services<br /><ul><li>Complete Life-Cycle
  58. 58. Re-implementation Services
  59. 59. Implementation of new additional functionality in core Systems
  60. 60. Implementation of new solutions
  61. 61. Localization Implementation
  62. 62. Implementation of Industry Specific Solutions
  63. 63. Roll-out services</li></ul>Upgrade / Migration<br /><ul><li>Technical Upgrade
  64. 64. Upgrade of existing solution with new functionality implementation
  65. 65. Migration Services
  66. 66. Upgrade of New Dimension Solutions</li></ul>ISV services<br /><ul><li>Industry Specific Solution Development
  67. 67. Component Development for specific functionality
  68. 68. Localization Development
  69. 69. Solution Development on other technologies and integration with other Packages
  70. 70. Portal Development</li></ul>Hosting Services<br /><ul><li>Hosting of solution Installations with complete application maintenance</li></ul>Application Management Services<br /><ul><li>Complete Application Maintenance Services
  71. 71. Basis Management Services
  72. 72. Programming Support
  73. 73. Application Functional Support</li></ul>Audit Services<br /><ul><li>Technical System Audit & Recommendations
  74. 74. Process Audit & Recommendations</li></ul>Integration Services<br /><ul><li>Integration of multiple GRC systems
  75. 75. Integration of GRC and non-GRC systems</li></ul>Professional Services<br /><ul><li>Providing GRC Professionals</li></ul>Governance, Risk & Compliance<br /><ul><li>Implementation of Sarbane-Oxley Act, Basel II, FDA compliance etc.</li></ul>Training Services<br /><ul><li>Corporate Training</li></ul>11<br />
  76. 76. Dashboards – Enterprise Visibility to GRC Information<br />Empowering Businesses<br />12<br />
  77. 77. Rishabh AML Architecture<br />Empowering Businesses<br />13<br />
  78. 78. Empowering Businesses<br />On-site Delivery<br />Off-shore Delivery <br />Client<br />Rishabh<br />Development Center in India<br />Project Management Tools<br />Off-shore Delivery Head<br /> Project <br />Head<br />Stake Holders<br />GRC Solution Manager, Enterprise Project Management<br />Knowledge Management<br />Project Manager<br />Project<br />Manager<br />QA<br />Manager<br />Product Manager<br />Distributed Delivery Framework<br />Team <br />Leader<br />Status Reporting<br />QA<br />Team<br />Team <br />Leader<br />Client Team<br />Weekly Status Report<br /> Daily Review Session<br />Monthly Status Report<br />Milestone Delivery Report<br />Exception Report<br />Delivery Team<br />Delivery <br />Team<br />Activities Conducted<br />Activities Conducted<br />Communication Tools<br /><ul><li>Testing
  79. 79. Training
  80. 80. Go-Live Planning
  81. 81. Data Migration
  82. 82. Change Request Management
  83. 83. Project Planning
  84. 84. Infrastructure
  85. 85. Blue-Print
  86. 86. Configuration
  87. 87. Integration / Interfaces
  88. 88. Integration
  89. 89. Designing / Development
  90. 90. Testing
  91. 91. Training Collateral Preparation
  92. 92. Change Request Management
  93. 93. Support – L2 / L3 calls</li></ul>NetMeeting<br /> Video Conferencing<br />VoIP Calls<br /> Periodic Visits<br />E-Mail<br />Messengers<br /> Global Delivery Framework<br />Global Delivery Model<br />14<br />
  94. 94. Empowering Businesses<br />Client<br />Meets on a quarterly-basis<br />to review program effectiveness <br />w.r.t. Company’s goals & objectives<br />Rishabh Soft<br />Exec<br />Sponsor<br />Engagement<br />Manager<br />Exec <br />Sponsor<br />Program <br />Manager<br />Meets on a quarterly-basis<br />for budget & contract reviews<br />Meets on a monthly-basis<br />for overall program <br />progress review<br />Joint Management Council<br />Program Manager <br />Business Stakeholders<br />Engagement Manager<br />Program Manager<br />Meets on a weekly –<br />basis for program <br />status review<br />Program Steering Committee<br />Program Manager <br />PMO Representative<br />Program Manager<br />Project Managers<br />Program Management Office<br />Program Manager<br />Project Managers<br />Program Manager <br />Key Project Staff<br />Operation Committee<br />Governance Structure<br />15<br />
  95. 95. <ul><li>Organizations must focus towards an integrated approach to manage GRC
  96. 96. Internal Audits provide high quality information & helps management with regulatory compliance
  97. 97. Owning to GRC’s broad & pervasive impact & implications, it will continue to be a significant driver for investments in upcoming years </li></ul>Closing Thoughts<br />Empowering Businesses<br />16<br />
  98. 98. Thank <br /> You<br />Business Queries<br />306/311, 3rd Floor, Gajanan Complex, Old Padra Road, <br />Vadodara 390 020, Gujarat, INDIA <br />Tel: +91-265-2326267, 2326268, 2313056 | Fax: +91-265-2334644<br />US Ph: +1-201-484-7302 | UK Ph: +44-0207 993 8162<br />Web: www.rishabhsoft.com| Email: mktg@rishabhsoft.com<br />

×