Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Case study: Solving the headaches of Policy Change Management

71 views

Published on

Most organizations struggle to keep their policies up-to-date to ensure compliance with ever-changing regulatory requirements.

In this 30-minute webinar, you’ll learn how Iceberg helped a large U.S. health care organization implement a policy portal to centralize the management of over 1,600 policies. Using RSA Archer, we:

Improved access to published policies for employees
Simplified the approval process workflow
Automated the periodic review process

This scalable approach reduces the time and effort for policy change management, and provides greater visibility and confidence for stakeholders, senior management, and external regulators.

For more information visit: http://icebergnetworks.com/policy/

Published in: Business
  • Be the first to comment

  • Be the first to like this

Case study: Solving the headaches of Policy Change Management

  1. 1. CASE STUDY Solving the headaches of Policy Change Management
  2. 2. Delivering Risk Intelligence Keeping up with changing regulations Training & communicating with staff Version control & change tracking Easy access for all staff Number of policies / scalability
  3. 3. Delivering Risk Intelligence About Iceberg ü  Focused on Governance, Risk Management & Compliance (GRC) ü  Staff includes 30+ full-time GRC consultants & certified developers ü  Customers include top financials, insurance, health care, manufacturers, retail, gov’t in North America. Paul Everest VP PROFESSIONAL & MANAGED SERVICES Warren Rainey GRC SOLUTION DEVELOPER
  4. 4. Delivering Risk Intelligence A full lifecycle of GRC services Management Workshops Visioning & Alignment CMO/FMO Developing an Effective KRI Program Professional Services Implementation/Integration Full Solution Lifecycle Management Iceberg APS Post-Production Support Mentoring & Skills Development Post-Production Sandboxes Risk Intelligence Academy Helping the Industry with the Journey: Case Studies Best Practices Webinars GRC Innovation Advanced Reporting / Dashboards Productivity Toolkits & Enhancements
  5. 5. Delivering Risk Intelligence •  Large healthcare facility •  ~2,000 policies •  Manual review / approval process •  Lengthy and time-consuming •  Resource-heavy •  Error-prone •  Difficulty coordinating input of many stakeholders
  6. 6. Delivering Risk Intelligence SOLUTION OVERVIEW •  RSA Archer Policy Program Management •  Migrated all policies to a common portal •  Configured workflow to automate and simplify reviews & approval •  Building block of integrated risk management
  7. 7. Delivering Risk Intelligence 7 “Single pane of glass” for the review and approval process Notifications used to advise participants to join process Full logging of activities for audit purposes RSA ARCHER Updating corporate policies requires multiple people or groups and large volumes of emails and meetings to complete ISSUE #1
  8. 8. Delivering Risk Intelligence 8 Two approaches: 1) Limit control of revisions to the Policy Owner. Policy Owner inputs changes directly in the Archer 2) Attach a Word document to Policy record that tracks changes to the policy record RSA ARCHER Controlling versions of policies undergoing updates is a big challenge ISSUE #2
  9. 9. Delivering Risk Intelligence 9 Dashboards act as a portal to organize and sort published policies Can be integrated/linked with corporate intranet RSA ARCHER Sharepoint or network folders are not the friendliest places for access by general users ISSUE #3
  10. 10. Delivering Risk Intelligence Demo 10
  11. 11. Delivering Risk Intelligence DEPLOYING ARCHER’S POLICY CHANGE MANAGEMENT ü  Fixed-price solution to Archer 6.3 clients under $25k (not including licensing) ü  90 days to PROD ü  No external data feeds. One-time upload of existing policies ü  Addition of fields and changes to fields included ü  3 new Roles added to Archer ü  9 notifications with client-defined content ü  3 custom, embedded instructional videos 11
  12. 12. Delivering Risk Intelligence Thank you! Webinar replay: icebergnetworks.com Questions: info@icebergnetworks.com

×