The document discusses how several clients have used Protiviti's Governance Portal to improve their governance, risk, and compliance programs. It provides details on five client cases:
1) An insurer launched a combined assurance initiative with the Portal to consolidate risk, audit, and financial control activities into a single system. This increased visibility and reduced costs.
2) A media company used the Portal to consolidate its risk assessment and internal audit functions across 750 entities. Pilot programs helped optimize the Portal for its needs.
3) A coal company established its entire risk and internal audit framework on the Portal for increased efficiency.
4) A manufacturer used the Portal to streamline SOX compliance activities and field aud
Framework to monitor and evaluate e gp systems in india (v3.5)ramana01
This World Bank Working Paper titled "Assessment framework to monitor and evaluate e-government procurement systems in India" is prepared based on findings from assessment of 21 e-Government Procurement (e-GP) installations in India.
Assessment framework to monitor and evaluate e-government procurement systems in India (English)
ABSTRACT
This working paper elaborates on an assessment framework to monitor and evaluate e-government procurement systems in India. This is relevant due to the fact that many government agencies have sought to extend use of e-tendering system implemented in their organization to handle procurement in World Bank funded projects. The World Bank has developed a procedure to assess e-tendering systems for compliance to certain guidelines laid down by Multilateral Development Banks. The World Bank prefers to work with the Government of India in development of a robust mechanism for assessment of e-tendering systems instead of independently assessing e-tendering systems as has been done till date. The Government of India has already established a set-up under Standardization, Quality and Testing Certification (STQC) for assessment of e-procurement systems. From its assessment experience, the World Bank has found that the e-procurement applications deployed in many of the e-procurement installations assessed by the Bank were STQC certified, yet there were several issues with the e-procurement systems. A new concept model for assessment of e-procurement systems is proposed herein as an evolved version of the existing STQCs guideline to address the critical issues identified and the improvements suggested to the STQCs guideline. The assessment framework explained in this report could also be used as a vehicle to implement policy in other federated e-governance systems such as e-District and State Data Center (SDC). Therefore, the assessment framework concept explained herein has wider application in implementation of e-governance policy.
This document discusses control self-assessment, which involves a business unit assessing its operations and control procedures against a procedural document. It describes how the assessment is internally driven and may use checklists or workshops. The document provides templates for assessing compliance levels for control procedures and collecting supplementary justification information. It also outlines corrective action plans and justification processes for controls found to be partially or non-compliant. Compliance results can then be summarized by business unit, control procedure, or both, and projections for future compliance can be made.
Inonvate Finance_Membership and Regulatory Sandboxes_15DecInnFin
This presentation was used by Innovate Finance in a first response to how the FCA Sandbox Project might map onto Innovate Finance Programmes and Policy Work and how a Virtual and an Umbrella Sandbox might be delivered.
In this new Accenture presentation we explore the impacts of amendments to the Volcker Rule (the Dodd-Frank Wall Street Reform and Consumer Protection Act).
Enhancing Integrity for Business Development in the Middle East and North Afr...OECDglobal
Panel 3: Ms. Hilda AJEILAT President, Jordan Transparency Center (JTC), Jordan Transparency Center
Enhancing Integrity for Business Development in the Middle East and North Africa,
18 April 2016, Paris, France, Session 3
The document discusses key questions regarding integrated governance, risk management, and compliance (GRC). It begins by explaining that GRC means different things and considers the value of an integrated approach. An integrated GRC program can provide improved transparency, efficiency, and decision-making. However, there are also barriers like high costs and lack of a common framework. The document provides practical steps for organizations to achieve an integrated GRC approach, including building a business case, establishing a GRC committee, developing a unified risk framework, and establishing centralized oversight and reporting. The goal is to continuously improve GRC integration over time to optimize processes and better manage risks.
Overcoming Security Threats and Vulnerabilities in SharePointAntonioMaio2
How vulnerable are your SharePoint sites? Microsoft SharePoint provides features and capabilities enabling you to secure content, control authentication and authorize access to critical business information. Choosing the capabilities to make use of, configuring them and understanding their impact can be complex. During this Roundtable session you will learn about the key security features available and the best practices for using them. We will begin by talking about the business reasons that organizations need to consider when securing enterprise content, and we will then review specific capabilities available within Microsoft SharePoint, along with recommendations for using them. Throughout the session, you’ll hear examples of best practices used by large commercial enterprise, government and military to secure content within SharePoint.
Takeaways from Microsoft's May 4th, 2016 "Future of SharePoint" event held in San Francisco that announced the general availability of SharePoint 2016 and roadmap for Office 365 and OneDrive for Business. Presentation given by Christian Buckley@buckleyplanet), CMO and MVP with Beezy, and Liam Cleary (@helloitsliam), AssociateDirector, Principle Consultant and MVP with Protiviti.
Framework to monitor and evaluate e gp systems in india (v3.5)ramana01
This World Bank Working Paper titled "Assessment framework to monitor and evaluate e-government procurement systems in India" is prepared based on findings from assessment of 21 e-Government Procurement (e-GP) installations in India.
Assessment framework to monitor and evaluate e-government procurement systems in India (English)
ABSTRACT
This working paper elaborates on an assessment framework to monitor and evaluate e-government procurement systems in India. This is relevant due to the fact that many government agencies have sought to extend use of e-tendering system implemented in their organization to handle procurement in World Bank funded projects. The World Bank has developed a procedure to assess e-tendering systems for compliance to certain guidelines laid down by Multilateral Development Banks. The World Bank prefers to work with the Government of India in development of a robust mechanism for assessment of e-tendering systems instead of independently assessing e-tendering systems as has been done till date. The Government of India has already established a set-up under Standardization, Quality and Testing Certification (STQC) for assessment of e-procurement systems. From its assessment experience, the World Bank has found that the e-procurement applications deployed in many of the e-procurement installations assessed by the Bank were STQC certified, yet there were several issues with the e-procurement systems. A new concept model for assessment of e-procurement systems is proposed herein as an evolved version of the existing STQCs guideline to address the critical issues identified and the improvements suggested to the STQCs guideline. The assessment framework explained in this report could also be used as a vehicle to implement policy in other federated e-governance systems such as e-District and State Data Center (SDC). Therefore, the assessment framework concept explained herein has wider application in implementation of e-governance policy.
This document discusses control self-assessment, which involves a business unit assessing its operations and control procedures against a procedural document. It describes how the assessment is internally driven and may use checklists or workshops. The document provides templates for assessing compliance levels for control procedures and collecting supplementary justification information. It also outlines corrective action plans and justification processes for controls found to be partially or non-compliant. Compliance results can then be summarized by business unit, control procedure, or both, and projections for future compliance can be made.
Inonvate Finance_Membership and Regulatory Sandboxes_15DecInnFin
This presentation was used by Innovate Finance in a first response to how the FCA Sandbox Project might map onto Innovate Finance Programmes and Policy Work and how a Virtual and an Umbrella Sandbox might be delivered.
In this new Accenture presentation we explore the impacts of amendments to the Volcker Rule (the Dodd-Frank Wall Street Reform and Consumer Protection Act).
Enhancing Integrity for Business Development in the Middle East and North Afr...OECDglobal
Panel 3: Ms. Hilda AJEILAT President, Jordan Transparency Center (JTC), Jordan Transparency Center
Enhancing Integrity for Business Development in the Middle East and North Africa,
18 April 2016, Paris, France, Session 3
The document discusses key questions regarding integrated governance, risk management, and compliance (GRC). It begins by explaining that GRC means different things and considers the value of an integrated approach. An integrated GRC program can provide improved transparency, efficiency, and decision-making. However, there are also barriers like high costs and lack of a common framework. The document provides practical steps for organizations to achieve an integrated GRC approach, including building a business case, establishing a GRC committee, developing a unified risk framework, and establishing centralized oversight and reporting. The goal is to continuously improve GRC integration over time to optimize processes and better manage risks.
Overcoming Security Threats and Vulnerabilities in SharePointAntonioMaio2
How vulnerable are your SharePoint sites? Microsoft SharePoint provides features and capabilities enabling you to secure content, control authentication and authorize access to critical business information. Choosing the capabilities to make use of, configuring them and understanding their impact can be complex. During this Roundtable session you will learn about the key security features available and the best practices for using them. We will begin by talking about the business reasons that organizations need to consider when securing enterprise content, and we will then review specific capabilities available within Microsoft SharePoint, along with recommendations for using them. Throughout the session, you’ll hear examples of best practices used by large commercial enterprise, government and military to secure content within SharePoint.
Takeaways from Microsoft's May 4th, 2016 "Future of SharePoint" event held in San Francisco that announced the general availability of SharePoint 2016 and roadmap for Office 365 and OneDrive for Business. Presentation given by Christian Buckley@buckleyplanet), CMO and MVP with Beezy, and Liam Cleary (@helloitsliam), AssociateDirector, Principle Consultant and MVP with Protiviti.
The audit will review UNCCG's enterprise data warehouse platform over several phases:
1) A mobilization phase to develop audit plans and interview lists.
2) An execution phase to conduct interviews, review documents, and test controls.
3) A reporting phase to draft and finalize audit reports with findings and recommendations.
The audit will focus on data warehouse management, operations, and business integration, and assess risks relating to regulatory compliance, privacy, vendor access, and system availability. Regular communication with management will be maintained throughout the engagement.
The document discusses a plan to evaluate the usability and effectiveness of implementing a new computerized provider order entry (CPOE) system at a healthcare facility before deployment. The goals are to appraise the usability of the CPOE system and provide administrators with data on successful implementation. The evaluation plan will use a survey to assess clinician workflow and satisfaction before and after deployment. Literature on CPOE systems suggests user interface design, training, and support are key to acceptance and performance. The findings will help optimize the CPOE system and its impact on clinical workflow.
The Total Economic Impact of Using ThoughtWorks' Agile Development ApproachThoughtworks
The document analyzes the total economic impact of using ThoughtWorks' agile development approach based on interviews with four of ThoughtWorks' customers. It finds that the customers experienced benefits such as improved efficiency, reduced defects, and faster delivery of key business requirements. It constructs a financial model for a composite organization based on these customers, estimating a three-year ROI of 29% after adjusting for risks. The analysis indicates that agile development with ThoughtWorks can provide a significant return exceeding typical hurdle rates for IT investments.
The Total Economic Impact of Using ThoughtWorks' Agile Development ApproachThoughtworks
This document analyzes the total economic impact of using ThoughtWorks' agile development approach based on interviews with four client organizations. It finds that clients saw benefits such as improved efficiency and quality from ThoughtWorks' experienced staff, and earlier delivery of key business requirements through the agile methodology. The analysis estimates potential returns on investment of 23-66% over three years for clients. It provides a framework for organizations to evaluate the potential costs and benefits of engaging ThoughtWorks for agile software projects.
The document discusses Protiviti's Governance Portal for PCI DSS, which provides a platform for merchants to efficiently manage PCI DSS compliance. The platform includes preconfigured PCI testing procedures and templates, allowing merchants to quickly deploy the solution. It also has a hosted option that does not require installation at merchant sites, avoiding increased IT costs. The Governance Portal provides visibility and tools to execute, track, and sustain PCI compliance over time through features like risk assessment, documentation, testing, reporting, and action planning.
Chetan Siddaramu is an IT GRC consultant with 10 years of experience implementing governance, risk, and compliance solutions using RSA Archer. He has delivered complex projects for clients in various industries. Some of his responsibilities include designing and developing vendor risk, enterprise risk, policy and audit management solutions in Archer; implementing business continuity and disaster recovery solutions; and project management. He has experience working with large financial institutions like Citi Bank, AIG, and Verisk Analytics.
The document discusses Solvency II, a European Union directive that aims to update insurance regulation. It has three pillars: quantitative requirements, governance/risk management, and disclosure. Complying requires overhauling financial applications and technology. Thinksoft can help insurers understand requirements, adopt the right IT model, prepare for compliance, and provide expert guidance on Solvency II. Their approach involves identifying objectives, resolving issues holistically, and understanding insurance business and Solvency II in detail.
This Powerpoint presentation discusses value management in IT investments (Val IT) and its application to a case study of the police force. It introduces Val IT and its objectives to increase investment success and reduce costs. It outlines the seven principles, major processes, and concept of value in Val IT. The presentation then details a case study of the police force applying Val IT through establishing governance, tracking metrics and benefits, and continually evaluating investments against strategic goals. Overall, Val IT helped the police better align IT projects to priorities, account for benefits realization, and improve operations with reduced staff.
The document discusses the Governance Portal, a software solution that helps companies strengthen risk culture and compliance. It provides an integrated platform that enables risk and control self-assessment, regulatory alerts, and communication of risk frameworks. The portal helps clients quickly execute compliance efficiently, create sustainability, and add value. It is a market-leading governance, risk, and compliance platform used by hundreds of clients worldwide.
This document discusses how a leading global payment company automated its internal audit management process using MetricStream's solution. The company was facing challenges with a manual, inefficient audit process and lack of integrated risk management. MetricStream provided its Internal Audit Management solution integrated on its GRC platform, allowing centralized, risk-based auditing across the company's global operations. The solution consolidated the audit process, from risk assessment to reporting, and provides role-based access, improved visibility, and more efficient resource management for audits.
The document outlines the career objective and professional experience of an engineering professional with over 5 years of experience in manual software testing. It details the individual's testing projects, roles and responsibilities, which include test case development, execution, and reporting for clients in various industries. Certifications and academic qualifications are also included to support the experience and skills described.
The document provides a business plan for a Partner Management System startup. It includes an executive summary describing the problem of lengthy manual partner onboarding processes and the solution of an automated system. It covers the company overview, business description including the onboarding process and challenges. It analyzes the market size and growth drivers. It identifies the top challenges in India as automating processes, complying with regulations like GST, and customization. It describes personas for the Chief Procurement Officer and Procurement Officer.
Whitepaper-Minimising Customer Impact on Bank MergersSinjo Alex
Onebank is managing the merger of two banks to minimize customer impact. A five-phased strategy is proposed: 1) Develop the operational stack for the merged bank; 2) Migrate data to the new stack; 3) Integrate operational systems; 4) Conduct user acceptance testing; 5) Perform dress rehearsals with select customers. Key risks include increased customer attrition and inability to offer innovative products. Mitigation strategies include understanding customer needs, integrating the best pre-merger products, and training staff on the new systems. Stakeholder communication is also critical throughout the merger process.
Indian CST's GPMS Products Portfolio 2015Raja Seevan
This document provides an overview of products and services offered by Indian CST, including their Global Project Management System (GPMS). GPMS is a cloud-based project management tool that aims to increase efficiency, transparency, and accountability in government projects. It uses best practices and crowd-sourcing to analyze information and transform it into actionable intelligence. Key features include metrics tracking to monitor goals over time, gap analysis between current and desired states, and strategies to address challenges commonly seen in construction projects. The system aims to improve documentation, reduce risks, support decision making, and ensure quality.
Set-up a Centralized Data Warehouse System for leading Insurance Company with...ITC Infotech
Here's how ITC Infotech helped a customer by developing centralized data warehouse system that generated analytical reports for key business users in order to improve accuracy and effectiveness of price. Learn more
This webinar provided an overview of HITRUST certification and ControlCase's methodology for achieving certification. It began with introductions of the speakers and an overview of ControlCase. It then defined HITRUST and the HITRUST CSF framework, highlighting the 2023 updates. The webinar reviewed the different types of HITRUST assessments and the domains assessed. It concluded with ControlCase's six-phase methodology for achieving HITRUST certification and timelines for the different assessment types.
A capitalization of labor audit (CLA) reviews an organization's compliance with accounting standards for capitalizing internal software development costs. Conducting a CLA provides several benefits. It challenges auditors to understand the interplay between accounting and technology functions. It also provides insight into an organization's software development processes and how IT investments create value. When planning and performing a CLA, auditors should consider risks and controls related to time tracking systems, ensure the audit team has accounting and IT expertise, and communicate with relevant stakeholders. A successful CLA examines both compliance and the strategic value of software projects.
The Total Economic Impact of Equinix Interconnection SolutionsEquinix
This document summarizes a study commissioned by Equinix to analyze the total economic impact and potential return on investment from using Equinix interconnection solutions. It interviewed several Equinix customers and constructed a composite organization based on their experiences. The key findings were that the composite organization experienced a 300% return on investment over three years, with $17 million in net benefits from improved application performance, cost savings, and new revenue opportunities enabled by Equinix. The benefits outweighed the upfront and ongoing Equinix costs and internal implementation expenses.
Forrester: Total Economic Impact Study - InterconnectionEquinix
This document summarizes a study commissioned by Equinix to analyze the total economic impact and potential return on investment of using Equinix interconnection solutions. It interviewed several Equinix customers and constructed a composite organization based on their experiences. The key findings are that the composite organization experienced a 300% return on investment over three years, with $17 million in net present value from benefits like increased revenue, time savings, cost savings, and fewer outages compared to costs of Equinix fees, infrastructure investments, and implementation/management resources. The study methodology involved interviews and financial modeling using Equinix customer data to evaluate the potential benefits, costs, flexibility, and risks associated with an Equinix implementation.
More Related Content
Similar to Protiviti-Governance-Portal-Client-Insights
The audit will review UNCCG's enterprise data warehouse platform over several phases:
1) A mobilization phase to develop audit plans and interview lists.
2) An execution phase to conduct interviews, review documents, and test controls.
3) A reporting phase to draft and finalize audit reports with findings and recommendations.
The audit will focus on data warehouse management, operations, and business integration, and assess risks relating to regulatory compliance, privacy, vendor access, and system availability. Regular communication with management will be maintained throughout the engagement.
The document discusses a plan to evaluate the usability and effectiveness of implementing a new computerized provider order entry (CPOE) system at a healthcare facility before deployment. The goals are to appraise the usability of the CPOE system and provide administrators with data on successful implementation. The evaluation plan will use a survey to assess clinician workflow and satisfaction before and after deployment. Literature on CPOE systems suggests user interface design, training, and support are key to acceptance and performance. The findings will help optimize the CPOE system and its impact on clinical workflow.
The Total Economic Impact of Using ThoughtWorks' Agile Development ApproachThoughtworks
The document analyzes the total economic impact of using ThoughtWorks' agile development approach based on interviews with four of ThoughtWorks' customers. It finds that the customers experienced benefits such as improved efficiency, reduced defects, and faster delivery of key business requirements. It constructs a financial model for a composite organization based on these customers, estimating a three-year ROI of 29% after adjusting for risks. The analysis indicates that agile development with ThoughtWorks can provide a significant return exceeding typical hurdle rates for IT investments.
The Total Economic Impact of Using ThoughtWorks' Agile Development ApproachThoughtworks
This document analyzes the total economic impact of using ThoughtWorks' agile development approach based on interviews with four client organizations. It finds that clients saw benefits such as improved efficiency and quality from ThoughtWorks' experienced staff, and earlier delivery of key business requirements through the agile methodology. The analysis estimates potential returns on investment of 23-66% over three years for clients. It provides a framework for organizations to evaluate the potential costs and benefits of engaging ThoughtWorks for agile software projects.
The document discusses Protiviti's Governance Portal for PCI DSS, which provides a platform for merchants to efficiently manage PCI DSS compliance. The platform includes preconfigured PCI testing procedures and templates, allowing merchants to quickly deploy the solution. It also has a hosted option that does not require installation at merchant sites, avoiding increased IT costs. The Governance Portal provides visibility and tools to execute, track, and sustain PCI compliance over time through features like risk assessment, documentation, testing, reporting, and action planning.
Chetan Siddaramu is an IT GRC consultant with 10 years of experience implementing governance, risk, and compliance solutions using RSA Archer. He has delivered complex projects for clients in various industries. Some of his responsibilities include designing and developing vendor risk, enterprise risk, policy and audit management solutions in Archer; implementing business continuity and disaster recovery solutions; and project management. He has experience working with large financial institutions like Citi Bank, AIG, and Verisk Analytics.
The document discusses Solvency II, a European Union directive that aims to update insurance regulation. It has three pillars: quantitative requirements, governance/risk management, and disclosure. Complying requires overhauling financial applications and technology. Thinksoft can help insurers understand requirements, adopt the right IT model, prepare for compliance, and provide expert guidance on Solvency II. Their approach involves identifying objectives, resolving issues holistically, and understanding insurance business and Solvency II in detail.
This Powerpoint presentation discusses value management in IT investments (Val IT) and its application to a case study of the police force. It introduces Val IT and its objectives to increase investment success and reduce costs. It outlines the seven principles, major processes, and concept of value in Val IT. The presentation then details a case study of the police force applying Val IT through establishing governance, tracking metrics and benefits, and continually evaluating investments against strategic goals. Overall, Val IT helped the police better align IT projects to priorities, account for benefits realization, and improve operations with reduced staff.
The document discusses the Governance Portal, a software solution that helps companies strengthen risk culture and compliance. It provides an integrated platform that enables risk and control self-assessment, regulatory alerts, and communication of risk frameworks. The portal helps clients quickly execute compliance efficiently, create sustainability, and add value. It is a market-leading governance, risk, and compliance platform used by hundreds of clients worldwide.
This document discusses how a leading global payment company automated its internal audit management process using MetricStream's solution. The company was facing challenges with a manual, inefficient audit process and lack of integrated risk management. MetricStream provided its Internal Audit Management solution integrated on its GRC platform, allowing centralized, risk-based auditing across the company's global operations. The solution consolidated the audit process, from risk assessment to reporting, and provides role-based access, improved visibility, and more efficient resource management for audits.
The document outlines the career objective and professional experience of an engineering professional with over 5 years of experience in manual software testing. It details the individual's testing projects, roles and responsibilities, which include test case development, execution, and reporting for clients in various industries. Certifications and academic qualifications are also included to support the experience and skills described.
The document provides a business plan for a Partner Management System startup. It includes an executive summary describing the problem of lengthy manual partner onboarding processes and the solution of an automated system. It covers the company overview, business description including the onboarding process and challenges. It analyzes the market size and growth drivers. It identifies the top challenges in India as automating processes, complying with regulations like GST, and customization. It describes personas for the Chief Procurement Officer and Procurement Officer.
Whitepaper-Minimising Customer Impact on Bank MergersSinjo Alex
Onebank is managing the merger of two banks to minimize customer impact. A five-phased strategy is proposed: 1) Develop the operational stack for the merged bank; 2) Migrate data to the new stack; 3) Integrate operational systems; 4) Conduct user acceptance testing; 5) Perform dress rehearsals with select customers. Key risks include increased customer attrition and inability to offer innovative products. Mitigation strategies include understanding customer needs, integrating the best pre-merger products, and training staff on the new systems. Stakeholder communication is also critical throughout the merger process.
Indian CST's GPMS Products Portfolio 2015Raja Seevan
This document provides an overview of products and services offered by Indian CST, including their Global Project Management System (GPMS). GPMS is a cloud-based project management tool that aims to increase efficiency, transparency, and accountability in government projects. It uses best practices and crowd-sourcing to analyze information and transform it into actionable intelligence. Key features include metrics tracking to monitor goals over time, gap analysis between current and desired states, and strategies to address challenges commonly seen in construction projects. The system aims to improve documentation, reduce risks, support decision making, and ensure quality.
Set-up a Centralized Data Warehouse System for leading Insurance Company with...ITC Infotech
Here's how ITC Infotech helped a customer by developing centralized data warehouse system that generated analytical reports for key business users in order to improve accuracy and effectiveness of price. Learn more
This webinar provided an overview of HITRUST certification and ControlCase's methodology for achieving certification. It began with introductions of the speakers and an overview of ControlCase. It then defined HITRUST and the HITRUST CSF framework, highlighting the 2023 updates. The webinar reviewed the different types of HITRUST assessments and the domains assessed. It concluded with ControlCase's six-phase methodology for achieving HITRUST certification and timelines for the different assessment types.
A capitalization of labor audit (CLA) reviews an organization's compliance with accounting standards for capitalizing internal software development costs. Conducting a CLA provides several benefits. It challenges auditors to understand the interplay between accounting and technology functions. It also provides insight into an organization's software development processes and how IT investments create value. When planning and performing a CLA, auditors should consider risks and controls related to time tracking systems, ensure the audit team has accounting and IT expertise, and communicate with relevant stakeholders. A successful CLA examines both compliance and the strategic value of software projects.
The Total Economic Impact of Equinix Interconnection SolutionsEquinix
This document summarizes a study commissioned by Equinix to analyze the total economic impact and potential return on investment from using Equinix interconnection solutions. It interviewed several Equinix customers and constructed a composite organization based on their experiences. The key findings were that the composite organization experienced a 300% return on investment over three years, with $17 million in net benefits from improved application performance, cost savings, and new revenue opportunities enabled by Equinix. The benefits outweighed the upfront and ongoing Equinix costs and internal implementation expenses.
Forrester: Total Economic Impact Study - InterconnectionEquinix
This document summarizes a study commissioned by Equinix to analyze the total economic impact and potential return on investment of using Equinix interconnection solutions. It interviewed several Equinix customers and constructed a composite organization based on their experiences. The key findings are that the composite organization experienced a 300% return on investment over three years, with $17 million in net present value from benefits like increased revenue, time savings, cost savings, and fewer outages compared to costs of Equinix fees, infrastructure investments, and implementation/management resources. The study methodology involved interviews and financial modeling using Equinix customer data to evaluate the potential benefits, costs, flexibility, and risks associated with an Equinix implementation.
Similar to Protiviti-Governance-Portal-Client-Insights (20)
Forrester: Total Economic Impact Study - Interconnection
Protiviti-Governance-Portal-Client-Insights
1. IProtiviti’s Governance Portal – Client Insights
Image to
come
Protiviti’s Governance Portal
Client Insights on Gaining Value From GRC Technology
2.
3. Protiviti’s Governance Portal – Client Insights i
Table of Contents
Introduction............................................................................................................................................................ii
Insurer launches a combined assurance initiative with Protiviti’s Governance Portal .........................................1
Protiviti’s Governance Portal helps media giant consolidate risk and audit activities..........................................3
Protiviti Governance Portal forms the bedrock of Coal Services’ risk and internal audit framework ................5
JELD-WEN turns to Protiviti and Governance Portal for timely SOX compliance..........................................7
U.S. manufacturer streamlines field audit with Protiviti’s Governance Portal....................................................10
4. Protiviti’s Governance Portal – Client Insightsii
Governance, risk and compliance (GRC) technology has the ability to enhance GRC programs by enabling
processes, improving performance, reducing costs and driving efficiencies. However, selecting a single solution
that works for everyone in the organization isn’t always easy. Obtaining consensus regarding methodology,
approach and risk language among your various GRC groups and key stakeholders can be an involved and
complicated process.
Protiviti has worked successfully with hundreds of clients around the world to enhance their GRC programs
through our Governance Portal. We have found that working with synergistic groups to leverage a common
technology solution drives early value and long-term departmental efficiency.
We think our clients tell the story best. We believe their stories reflect a pragmatic approach to utilizing
technology to document multirelational risk and compliance information, facilitate enterprise collaboration
and produce consolidated GRC reporting.
We are pleased to share five client stories with you. Each story provides insight – from the client’s enterprisewide
challenge to the way it adapted the capabilities of the Governance Portal to enhance the efficiency and
effectiveness of its GRC initiatives. The stories highlight clients from a range of industries and a variety of
GRC use cases.
We hope you find these stories useful. If you would like to learn more about the Governance Portal or to set
up a demonstration, please visit www.protiviti.com/grc-software.
Acknowledgements
We would like to thank our Protiviti Governance Portal clients for taking time to share their stories.
Scott Wisniewski
Protiviti Managing Director
Risk Technologies
Introduction
5. 1Protiviti’s Governance Portal – Client Insights
Insurer launches a combined assurance initiative
with Protiviti’s Governance Portal
Client Challenge
A leading multinational insurance group headquartered in the UK and serving more than 17 million customers
in nearly 140 countries faced a technology turning point in 2009. The governance, risk and compliance (GRC)
systems used by the financial control group and the internal audit group were nearing end-of-life status, and the
risk group, which had no GRC platform, needed to satisfy emerging requirements for individual capital assess-
ment (ICA) and Solvency II.
Rather than implementing three separate systems for each group, management decided to launch a combined
assurance initiative designed to bring a single risk story back to its board of directors.
After developing detailed criteria and thoroughly investigating several market-leading providers and platforms,
the insurance company selected the Protiviti Governance Portal. Along with the Governance Portal’s broad fea-
ture set and extensive configurability, four key factors contributed to this decision:
• The Governance Portal’s single, integrated database supports combined assurance. If the risk group
entered a risk control with an audit or financial control dimension, the audit and financial control
groups would have direct visibility. Protiviti was the only vendor able to demonstrate this capability.
• The Governance Portal’s key features were easy to see and demonstrate. Management could see all of
the capabilities immediately, with no need for custom development.
• Protiviti offered a flexible licensing model that allowed the company to easily scale and deploy the
solution with its user base across 33 countries.
• Most important, Protiviti understood the client’s needs and spoke the same language. The benefit of
this connection became particularly clear during the configuration phase of the project, when Protiviti
consultants played a vital role in helping the different client teams work toward a common taxonomy.
Powerful Insights
As part of the implementation, Protiviti performed an inventory of the requirements of seven project teams,
developing a total of 40 specific functional areas (e.g., risk assessment, reporting, remediation, etc.) to be included
in the implementation. During planning and diagnostic discussions, Protiviti helped management identify a
series of common themes across the functional groups that would facilitate an integrated GRC approach while
still supporting team-specific requirements. Throughout the configuration phase, Protiviti provided continuous
feedback, direction and validation of the final design. The implementation was completed in 12 months.
6. 2 Protiviti’s Governance Portal – Client Insights
Proven Delivery
Currently, the financial control group uses the Governance Portal to manage the financial reporting pro-
cesses, including control models for remediation, testing and quality assurance. This group also uses the so-
lution to manage the CFO accounting assertions. The risk group has incorporated compliance management,
operational risk, information security, scenario assessments and the Solvency II Risk Register in the
Governance Portal. In the audit group, internal auditors use the Protiviti Governance Portal to manage the
audit process, including recording findings, assigning actions and creating management information reports.
The auditors leverage the Portal’s offline functionality to perform work in the field while disconnected from
the server.
The process of deploying and refining the system’s capabilities is ongoing, but the Protiviti Governance
Portal has already proven to be an excellent foundation for the company’s combined assurance initiative.
For example, when the financial controls group and the audit group are engaged in similar activities, the
Governance Portal flags those controls and identifies the two different opinions. This visibility allows exec-
utive management to decide whether to eliminate the duplicate effort or maintain the two separate activities
because there is value in the different opinions.
Although the company did not adopt the Protiviti Governance Portal with ROI in mind, the company has
realized significant savings in a number of areas:
• Previously, users in the financial control group each spent about a half-hour developing a control asser-
tion by interviewing a subject and then keying and consolidating the results into the old GRC system.
In the Governance Portal, this is a five-minute automated task, a savings of more than 300
man-hours every reporting period.
• In information security, the company previously used more than 35 policy assessment spreadsheets
that were sent around to various IT resources, reviewed and summarized. Today, self-assessments are
conducted in the Governance Portal, and a single report is easily generated.
• Having one GRC solution instead of three has reduced operational costs associated with maintaining
multiple database administrators, hardware platforms, organizational models and risk registers.
“ THE PROTIVITI GOVERNANCE PORTAL HAS ALREADY PROVEN TO BE AN EXCELLENT FOUNDATION FOR THE
COMPANY’S COMBINED ASSURANCE INITIATIVE.”
7. 3Protiviti’s Governance Portal – Client Insights
Protiviti’s Governance Portal helps media giant
consolidate risk and audit activities
Client Challenge
Our client is a global leader in media and entertainment, with approximately 34,000 employees and four
operating divisions worldwide. The company has 750 auditable entities across all divisions, and in its inter-
nal audit process tracks no less than 50 standard risk objectives, 16 standard processes and 1,100 information
technology (IT) systems. In performing these audits, the company relied on a variety of homegrown and
off-the-shelf systems and spreadsheets for risk assessment, audit documentation and work paper tracking. In
2013, management decided to replace this hodgepodge collection of auditing tools with a centralized audit
solution. After exploring several options, the company chose the Protiviti Governance Portal, based on its
configurability and true integration of risk assessment results into the audit plan and process.
Powerful Insights
Prior to rolling out the full solution in February 2014, Protiviti’s Governance Portal experts helped com-
pany management conduct two pilot programs: The first, a “conference room pilot,” was designed to run
through the entire process, from risk assessment to audit reporting, and involved the participation of every
level of financial and IT auditor in the company. The internal audit team then used the auditors’ feedback
to make configuration adjustments to the Governance Portal and to refine the training manual. Following
this initial pilot, a second pilot was launched, which included the chief auditor, two vice presidents and two
executive directors.
“The goal of the second pilot was to familiarize our executives with the Governance Portal, so they would
be advocates for the benefits that the solution would deliver,” said the company’s associate director of
internal audit. “Thanks to this approach, when we began training a larger audience, the executives who had
attended the pilot became strong advocates for the tool.”
Proven Delivery
With the help of the Governance Portal, the company consolidated all its risk assessment and audit data into
a single system, allowing risk assessment activities to support and drive audit activities. The Governance
Portal also enabled the client to enhance and simplify the auditors’ experience.
Configurability. The built-in configurability of the Governance Portal enabled the audit team to customize
the system to fit the company’s risk assessment and audit methodology instead of forcing auditors to adapt
their methodology to the system – which was an issue with other solutions evaluated.
8. 4 Protiviti’s Governance Portal – Client Insights
As part of configuring the solution, Protiviti helped the audit team develop and document a taxonomy of
standard risks and processes in the Governance Portal. Using this standardized list, users can evaluate and
document their activities against it simply by checking boxes. The taxonomy in the Governance Portal also
ensures that auditors see all of the risks that are applicable to a particular process and can decide which pro-
cesses are in scope for the audit, greatly simplifying decision-making.
Protiviti also helped automate a number of audit and risk activities, including data collection related to bud-
geting audits and advanced calculations related to the risk assessment process.
Searching and Reporting. Prior to using the Governance Portal, the company’s data typically resided in
spreadsheets and text documents, which did not support easy or quick summary reporting. The Governance
Portal supports almost instant retrieval of large amounts of live data. Protiviti helped the audit team create
a number of standard searches in the Governance Portal. Users also can define their own specific queries,
which can then be integrated with the Governance Portal’s built-in reporting capabilities.
The reporting feature in the Governance Portal supports a variety of output formats, including pivot tables,
charts and graphs, as well as conditional formatting. These powerful reporting capabilities allow auditors to
report on risk assessment and audit activities across the audit team using the most informative format. The
centralized data model enables the company to look across the business and analyze trends related to risks,
controls, audit tests and audit findings, providing much deeper insight into the business.
“The Protiviti Governance Portal gave us the flexibility to track our processes and risks the way we wanted
to,” said an internal audit executive. “It also has the robust reporting capabilities we need and it makes it
easy for our users to enter information no matter where they are located.”
With the initial phase of the Governance Portal deployment completed, audit executives are looking
forward to the next phase. The company is planning to use the Governance Portal to manage its anti-
corruption and Foreign Corrupt Practices Act (FCPA) programs, as well as implement action plan tracking
and an audit satisfaction survey. The company plans to eventually use the Governance Portal for all internal
financial, IT and process audits.
“ THE PROTIVITI GOVERNANCE PORTAL GAVE US THE FLEXIBILITY TO TRACK OUR PROCESSES AND RISKS THE
WAY WE WANTED TO. IT ALSO HAS THE ROBUST REPORTING CAPABILITIES WE NEED AND IT MAKES IT EASY
FOR OUR USERS TO ENTER INFORMATION NO MATTER WHERE THEY ARE LOCATED.”
9. 5Protiviti’s Governance Portal – Client Insights
Protiviti Governance Portal forms the
bedrock of Coal Services’ risk and internal
audit framework
Client Challenge
Australia-based Coal Services Pty Limited (www.coalservices.com.au) is an industry-owned organization provid-
ing critical services and expertise to the New South Wales coal mining industry. The company offers a suite of
health, safety, environmental and insurance solutions to support coal mine workers, employers and communities
and has a long-standing commitment to ensuring a safe workplace and a healthy workforce.
For years, the organization relied on Excel spreadsheets to maintain its risk register, records of risk actions and audit
findings. As a result, there was no automated way to follow up on assigned tasks and enforce accountability. The
lack of automation also made it difficult to create reports for the governing board’s risk management committee.
Aware of the shortcomings of this manual process, management decided to move to an enterprise risk man-
agement system. The company already relied on Protiviti as its co-sourced internal audit partner. In 2012,
Matthew Vickers, manager of risk, internal audit and business improvement, decided to evaluate the capa-
bilities of Protiviti’s Governance Portal for risk and internal audit management. Impressed with the Portal’s
demonstrated capabilities, as well as its high ratings by a recent Forrester Wave report on governance, risk
and compliance (GRC) platforms, Vickers selected the Governance Portal as the risk management system for
Coal Services. The system went live in February 2013.
Powerful Insights
Protiviti’s GRC experts set out to rebuild the entire risk management and assurance framework. We created a
user interface where each risk can be rated, a risk owner identified, and an action plan set up to mitigate the risk.
We set up automated alerts for key actions and deadlines to help keep risk owners accountable and on schedule.
We used a similar approach for the completion of internal audit recommendations.
To facilitate adoption and reduce time spent navigating the extensive Portal environment, our team worked
with business users to create landing pages customized to their specific needs and to build report templates
ready for use. Automation, usability and accessibility were touchstones of the implementation and made a dif-
ference in how quickly the Portal was accepted by the user base.
10. 6 Protiviti’s Governance Portal – Client Insights
Proven Delivery
Automation and Accountability
The automated risk management and mitigation alerts are invaluable to the company in maintaining ac-
countability among the audit team – something impossible in the old spreadsheet-based audit system. With
the Portal, once the risk has been successfully mitigated, it can be closed out. “The system eliminates any
questions related to whether a spreadsheet has been updated to reflect an updated status,” said Vickers. “We
can see who is closing out their audit findings quickly, and for those who require more time, we can see
whether or not they are making progress toward closing.”
A Simple User Interface
One of Vickers’ key goals was to make it as easy as possible for business users to navigate the Portal – and
Protiviti delivered. “Business users don’t need to see everything our team sees, and Protiviti did a great job
of customizing and simplifying the specific landing pages for business users,” said Vickers. “They see only
what they need to see, which has encouraged them to use the system.”
Improved Reporting
The ability to rate risks and automate follow-up has driven consistency in the audit approach and stream-
lined report writing. Coal Services uses the reports prebuilt by Protiviti to automate the reporting process.
Data now goes straight from system-generated searches to formatted PDF reports. “We now have a modern
risk management framework that is based on scoring risk, which makes our reports far more useful to the
management team,” said Vickers.
Cloud-Based Hosting
By relying on the cloud-based hosting option for the Governance Portal, Coal Services has eliminated the
need for hardware or software locally. “The cloud option eliminates IT complexity and drives down costs,”
said Vickers. “It also means our auditors and business users can complete work anytime from anywhere with
an Internet connection.”
With the Governance Portal as the foundation of the governance and risk framework at the company,
Vickers is planning to expand its use, starting with implementing a compliance module over the next year.
“Protiviti has been excellent to work with, and we regularly rely on their expertise in risk management
and internal audit,” said Vickers. “The relationship we have with Protiviti is extremely beneficial to
Coal Services.”
“ WE NOW HAVE A MODERN RISK MANAGEMENT FRAMEWORK THAT IS BASED ON SCORING RISK, WHICH MAKES
OUR REPORTS FAR MORE USEFUL TO THE MANAGEMENT TEAM.”
11. 7Protiviti’s Governance Portal – Client Insights
JELD-WEN turns to Protiviti and Governance
Portal for timely SOX compliance
Client Challenge
Headquartered in Klamath Falls, Oregon, JELD-WEN is one of the world’s leading manufacturers of win-
dows and doors. The company’s extensive product line is sold globally through multiple distribution channels,
including retail home centers, wholesale distributors and building products dealers. JELD-WEN has approxi-
mately 20,000 employees in 20 countries across the Asia-Pacific region, Europe and the Americas.
Since JELD-WEN’s founding more than 50 years ago, the company has expanded globally through a series of
acquisitions. A consequence of this was that management of the organization was decentralized, and most of
the acquired companies continued to rely on their existing accounting and manufacturing software and proce-
dures. In addition, JELD-WEN had neither an internal audit department nor a formal program of controls and
procedures to ensure the validity of the company’s financial records. In 2010, prior to the company’s acquisition
by the Canadian firm Onex, JELD-WEN voluntarily chose to seek Sarbanes-Oxley (SOX) compliance, believ-
ing that engaging in the best practices required for the SOX process would benefit the dispersed organization.
The project was the first true corporate initiative launched across all three regions.
Michael Higgins, global Sarbanes-Oxley manager at JELD-WEN, was brought in to lead the SOX
program, including the implementation project, and to form an implementation consulting team with
deep SOX expertise. Higgins, who had previously used the Protiviti Governance Portal to run a very
successful SOX program at his former employer, a global leader in advanced embedded solutions for
communications networking and commercial systems, brought Protiviti on board to assist JELD-WEN
with the compliance effort.
“I knew there were other products and vendors out there,” said Higgins, “but I knew the Governance Portal
worked well and had the capability to support and manage an ongoing program of the size that JELD-WEN
would require.”
Powerful Insights
Starting the project voluntarily in 2010 and Higgins’ decision to implement the Protiviti Governance Portal
proved fortuitous. When JELD-WEN was purchased by Onex only nine months after the start of the proj-
ect, the company suddenly had only one year to comply with key elements of the Canadian version of SOX.
“Fortunately, we were able to get started very quickly,” said Higgins. “The Protiviti implementation team
was able to build out our SOX portal and begin training my core consulting team within a month. Thanks
to the Governance Portal, despite the challenges associated with a global rollout with remote locations and
language differences, we successfully met the one-year deadline.”
12. 8 Protiviti’s Governance Portal – Client Insights
As a result of the implementation work performed by the Protiviti Governance Portal team, all JELD-
WEN entities, more than 110, have been incorporated into the Governance Portal. With the program
fully implemented across the organization, process control owners have a single site for reviewing control
processes, obtaining flowcharts and providing documentation to support testing. The Governance Portal
makes it easy for the JELD-WEN SOX team to analyze the relationships among objectives, risks, controls
and tests.
Proven Delivery
The deployment and powerful capabilities of Protiviti’s Governance Portal have enabled four key areas of
a sustainable SOX program at JELD-WEN: universal access, flexible change management, highly efficient
workflows and reporting.
Universal Access
Protiviti’s Governance Portal enables more than 1,000 JELD-WEN control owners, as well as the SOX
consultants and more than 20 testers from the company’s outside testing provider, KPMG, to log in securely
from anywhere – office, home, hotel room or airport lounge – at any time. This capability was essential
during development of the program, as JELD-WEN had as many as 26 consultants globally, all of whom
were able to access the Portal daily to upload flowcharts, create risk control matrices and perform tests – all
without requiring a desk in a JELD-WEN office or even a guest account on the JELD-WEN network.
Today, the flexibility to access the Governance Portal from anywhere enables everyone involved in the SOX
program to be more productive and the entire process to be more cost-efficient.
Flexible Change Management
JELD-WEN performs change management much more efficiently using the Governance Portal’s Assess-
ment Management Engine. Control owners fill in self-assessment surveys on a quarterly basis, making it
easy for the company to document the significant number of changes in processes, personnel and process
ownership that occur in that period. At the end of each quarter, the regional SOX coordinators use this
documentation to update flowcharts, process controls and the test plans for each control. “With 46 locations
spread out across North America, the ability to have the process owners enter their information locally and
the regional coordinators access it from their locations has drastically reduced the time and cost of change
management,” said Higgins.
Highly Efficient Workflows
The Governance Portal’s robust capabilities and functions allowed JELD-WEN to streamline the develop-
ment and ongoing operation of its SOX program as follows:
• The task functionality enables the JELD-WEN SOX implementation team to assign controls and
process flows to process control owners for their initial review and confirmation. With the SOX
program in place, the SOX team is also able to assign tasks to outside testers, as well as specify when a
test should start, when it should finish and who should perform quality assurance review. The status of
tasks can be monitored centrally in the Governance Portal.
“ THE PROTIVITI IMPLEMENTATION TEAM WAS ABLE TO BUILD OUT OUR SOX PORTAL AND BEGIN TRAINING
MY CORE CONSULTING TEAM WITHIN A MONTH. THANKS TO THE GOVERNANCE PORTAL, DESPITE
THE CHALLENGES ASSOCIATED WITH A GLOBAL ROLLOUT WITH REMOTE LOCATIONS AND LANGUAGE
DIFFERENCES, WE SUCCESSFULLY MET THE ONE-YEAR DEADLINE.”
13. 9Protiviti’s Governance Portal – Client Insights
• The action plan functionality enables the JELD-WEN SOX team to guide process control owners in
remediating controls that have failed a test. Action plans include a start date, due date, the person on
the SOX team responsible for reviewing the remediation and, if appropriate, a requirement that the
control owner upload supporting documentation when remediation has been completed. Action plans
can also be centrally monitored in the Governance Portal.
• The template library, which includes templates for risks, controls, objectives and test plans, made it far
easier for the JELD-WEN SOX implementation team to add each of its more than 150 locations by
simply entering the location into the system and importing the appropriate templates from the library.
This eliminated the need to create from scratch an entirely new organizational structure for each new
entity or acquisition. “The template library continues to help us add subsequent locations and acquisi-
tions,” said Higgins.
• The mass upload function enables the JELD-WEN SOX team to update all relevant records with a
single click. Using templates, JELD-WEN is able to easily update testers, dates, control information
and more. “JELD-WEN has nearly 3,000 controls in the Governance Portal,” said Higgins. “When a
field needs to be updated, it’s far faster to use the mass upload function rather than going one-by-one
through the controls.”
Reporting
The Governance Portal enables JELD-WEN’s SOX team and senior management to gain insight into the
SOX program through a variety of ad hoc searches, dashboards and reports. The SOX implementation team
developed reports to monitor the status of process documentation and testing daily. The team also devel-
oped a global test results report. JELD-WEN makes extensive use of the ability of the Governance Portal
to export its data to Microsoft Excel, which the SOX team uses to create easy-to-read graphical charts and
pivot tables.
“The reporting capabilities in the Governance Portal have made it easier to satisfy our reporting require-
ment, while providing the SOX team and senior management with a much clearer picture of the risks facing
the organization,” added Higgins.
“ THE REPORTING CAPABILITIES IN THE GOVERNANCE PORTAL HAVE MADE IT EASIER TO SATISFY OUR
REPORTING REQUIREMENT WHILE PROVIDING THE SOX TEAM AND SENIOR MANAGEMENT WITH A MUCH
CLEARER PICTURE OF THE RISKS FACING THE ORGANIZATION.”
14. 10 Protiviti’s Governance Portal – Client Insights
U.S. manufacturer streamlines field audit with
Protiviti’s Governance Portal
Client Challenge
Our client, one of the world’s leading manufacturers, with headquarters in the United States and multiple retail
and distribution locations throughout the U.S., needed to develop a field audit solution for display tracking. The
company supports its network of retail sales representatives by providing them with display systems, which hold
flip-through binders of samples. These systems are placed in retail stores and are maintained by the sales rep-
resentatives. However, the company did not have an efficient system for tracking these displays – such as their
current locations, whether they have been moved from one location to another and the condition they were in.
The client uses the sample binders as a primary means to educate and promote its product to the retail customer.
Ensuring the binders are available and in good shape is essential to the company’s marketing and sales strategy.
In 2013, the company decided to develop a field audit solution to improve the tracking of these display sys-
tems. The company consulted with its internal audit partner, Protiviti, on the best way to address the issue.
We proposed developing a tablet-based field audit solution, which sales representatives could use to conduct
a field audit while in a store. The company management agreed to the proposal, and the Protiviti internal
audit team contacted the Protiviti Governance Portal team for assistance with the proposed solution.
Powerful Insights
The Protiviti team collected the company’s requirements for the audit and efficiently set up and deployed a
program for a mobile-device-enabled audit that covered 180 store locations and 450 displays. Using their tablets,
the sales representatives completed their audits by ranking display details through drop-down rating fields and
adding commentary if needed. The audit management team was then automatically notified that a field audit had
been completed, and the data was consolidated at the company headquarters. The audit process was intuitive,
simple and straightforward, and was received extremely favorably by the users.
“Despite a tight deadline and limited budget, Protiviti quickly created and deployed the field audit solu-
tion,” said the company manager of residential sales operations. “Initially, some of our reps were concerned
about having to take the extra time to do the in-store audit, but they found that it was easy to use and did
not take more than five minutes.”
Proven Delivery
The new field audit program fully addressed the needs of the internal audit team, enabling field reps to report
timely and accurately on the status of the displays in stores. Previously, the audits were performed manually
and required multiple steps to consolidate and report on the results – a cumbersome process that was stream-
lined and made much more efficient with the Governance-Portal solution. As a result, the company is now
looking to adopt the Governance-Portal-enabled field audit as a standard practice at all its locations.
15. 11Protiviti’s Governance Portal – Client Insights
About Protiviti’s GRC Practice and Governance Portal
Protiviti’s GRC experts have worked with thousands of global clients to deliver targeted GRC software solu-
tions that address their immediate needs, while facilitating convergence toward fully integrated, value-added
GRC practices.
The Protiviti Governance Portal is a comprehensive software platform that integrates content and com-
monly accepted and proprietary frameworks with world-class consulting expertise to provide organizations
with the visibility and insight needed to manage and mitigate current and future risk and compliance issues.
The Governance Portal integrates process, knowledge and technology to help clients:
• Start the GRC program quickly, using out-of-the-box content and templates
• Execute GRC tasks efficiently, using proprietary GRC content that provides industry normative guidance
• Create a self-sustainable GRC program by easily configuring the Governance Portal to meet
each organization’s GRC program requirements, methodology and terminology
• Add value by converging multiple GRC activities
• Rely on real-time reporting and dashboards to provide executives with a holistic view of all GRC efforts
For additional information about the issues reviewed here or Protiviti’s services, please contact:
Scott Wisniewski
+1.312.476.6302
scott.wisniewski@protiviti.com
About Protiviti
Protiviti (www.protiviti.com) is a global consulting firm that helps companies solve problems in finance,
technology, operations, governance, risk and internal audit, and has served more than 60 percent of
Fortune 1000®
and 35 percent of Fortune Global 500®
companies. Protiviti and our independently owned
Member Firms serve clients through a network of more than 70 locations in over 20 countries. We also work
with smaller, growing companies, including those looking to go public, as well as with government agencies.
Named one of the 2015 Fortune 100 Best Companies to Work For®
, Protiviti is a wholly owned subsidiary
of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index.