Process-Driven GRC Management
Define Processes and Regulations, Assign Personal Responsibility, Automate Enforcement, Monitor & Control
The ProcessGene suite aims to deploy a process-driven approach for enforcing regulations,
controlling risks and ensuring both regulatory and internal compliance in multi-subsidiary, global environments. almost every organization needs to confront the following challenges:
Associating Business Processes with Regulations, Risks and Control Measures
- GRC automation
- Presentation of compliance enforcement "objective evidence"
- Controlling Multi-Org Complexity
As these four challenges may seem a bit abstract, we present managements & boards of directors with the following quick compliance enforcement quiz:
- Do you know exactly how many business processes / procedures / regulations are operated in your organization?
- Do you know which compliance regulations affect each process? Do you know how?
- Can you indicate the specific person who is personally liable to enforce or follow a compliance requirement related to a given process?
- Have these "personally liable" employees been acknowledging, on a regular basis, their awareness of, and obligation to abide-by relevant, current compliance requirements?
- Bonus question: Can you, personally, provide an ongoing objective evidence that will backup (with current data) your previous positive answers, hence reducing your criminal and personal liability in case of non-compliance?
Clearly, all the answers to the above quiz should be positive. To enable stakeholders to pass this quiz and reduce their alleged liability we embed the following methodology and tools within ProcessGene's GRC Suite:
- Build a Multi-Org Business Process Model.
- Connect business processes, GRC requirements and people.
- Automate GRC related tasks and record activities.
- Be able to present an objective evidence for compliance enforcement at any point in the past- by keeping records of compliance enforcement activities.