Provide a Current Regulatory Universe (RU) Register

GRC-POS-08:

This service helps clients by taking the thousands of records, associated with their many current regulations and extracted DLRs, and providing the processing of this data into a multitude of different views – such as heat maps per business unit for inherent and residual risk, content groupings e.g. Data Privacy and AML, jurisdictions, etc.  This service supports various types of GRC Risk Management Plans in conjunction with GRC-POS-12.

Provide a GRC Library

GRC-POS-09:

We help clients consolidate into a central library all regulations and other digitised GRC external reference documents, along with their internal governance documentation, to create a sizeable knowledge base with considerable value including instant access to information from smart categorization and filing, search engine capabilities and version control.

Provide Governance Documentation Mapping to High-Risk DLRs

GRC-POS-10:

Governing Bodies of companies need to demonstrate to Regulators that their regulations have been internalised and to do this our service audits the links between all high-risk DLRs in the regulations and the internal governance documentation of the company through a mapping process.  This service works in conjunction with GRC-POS-05 and GRC-POS-09.

Provide a GRC Monitoring Programme (GMP)

GRC-POS-11:

The GRC Monitoring Programme (GMP) is like the service manual for your car, made up of a set of digitised Preventative Maintenance Routines (PMRs), derived from all the controls, and a schedule of how often they must be performed and by who, in order to achieve an error-free experience. Our GRC Standard has a PARA Monitoring Cycle of Plan-Action-Review-Attest and this is the Plan step that generates and maintains the GMP.

Provide Reviews of the GRC Monitoring Programme (GMP)

GRC-POS-12:

One of the main reasons for needing to do reviews of the GMP is that a selective monitoring approach is often used by clients due to limited resources.  PMRs are prioritised based on various risk criteria that are assessed periodically and this service then creates various types of GRC Risk Management Plans (e.g. CRMPs) based on these changing priorities.

Provide Control of GRC Disruptors

GRC-POS-13:

There are four primary GRC disruptors that our service is designed to help clients manage in an integrated way – risk events, complaints, changes to operating models and external regulatory obligations.  This is part of the Action stage of the PARA Monitoring cycle as these disruptors can happen at any time and the business needs to be set up to tackle them as an integral part of the broader GRC Standard.

Provide Automated GRC Monitoring

GRC-POS-14:

The other half of the picture for an error free experience mentioned in GRC-POS-11 is the dashboard. This service provides for the incremental development of automated monitoring for each client.  It represents the culmination of all the digitisation efforts and integration and automation engineering that is applied to deliver the GRC monitoring “nerve centre”.

Provide Automated GRC Reporting

GRC-POS-15:

An extension of Automated GRC Monitoring in GRC-POS-14 is the outputs that are flagged and reported on when certain thresholds are breached.  Our design provides for the customisation  of these thresholds and the details and manner in which breaches are then handled using a severity rating and escalation standard.

Provide a GRC Integration Hub

GRC-POS-16:

Automated monitoring (GRC-POS-14) relies heavily on access to the many sources of application data required for providing the feeds.  It requires a rules based approach that can be applied at the source of the processing and this introduces significant complexities that interface technology can provide incrementally through this service.

Provide Integration of Enterprise Solutions

GRC-POS-17:

Due to the enterprise nature of our GRC monitoring solution and the fact that it deals with every operating model in a company, together with the rules that drive them, an essential service is to integrate existing client enterprise solutions within the different operations that are necessary for delivering a complete solution.  This is an extension of GRC-POS-16.

Provide Integrated GRC Task Planning & Control

GRC-POS-18:

There are numerous services that generate tasks that are crucial for delivery of required outcomes.  This Task Planning & Control service is part of our underlying platform and provides the functionality for each service to manage the tasks that are required.  It uses a unique GRC component breakdown structure so that it is possible to provide a status on efforts and the history relating to each of these components.

Provide Integrated GRC Forum Planning & Administration

GRC-POS-19:

There are various strategic forums the GRC functions support in the company that are crucial for setting direction and generating important outputs in the form of deliberations, decisions and actions.  This service provides a common framework for how GRC functions and the governance structures work together for inputting, processing and outputting vital information to govern the company.

Provide a GC Desktop Assistant

GRC-POS-20:

Services GRC-POS-06 and GRC-POS-07 covered the digitisation of Governance Controller (GC) details and their ASCPs.  This is part of the key data in our desktop assistant we call MY COMPLY that this service helps clients set up.  It provides a go-to, expert system for helping GCs manage all aspects of their job and includes notifications, task reminders and other essential information directly related to their responsibilities.

Provide a GRC Forms Factory

GRC-POS-21:

To ensure consistency of approach, our GRC Standard has hundreds of forms and templates used throughout the many services in our portfolio. Attestation forms, reporting layouts, and PMR, ASCP and business control specification templates are but a few examples.  This service helps clients introduce a Forms Factory with these items under strict change control.

Request for Information

Should you wish to find out more about any of the products or services covered on our website, please don’t hesitate to give us a call or email us.  Our details can be found at the bottom of this screen or under Contact on the main menu.