© 2015 MetricStream, Inc. All Rights Reserved.
Enterprise Policy Management 101
Michael Rasmussen
Chief GRC Pundit
GRC 20/20 Research
Vasant Balasubramanian
Vice President Product Management
MetricStream
Today’s Agenda
• Inclusive policy creation process
• Policies as links to other areas of compliance
• Enterprise policy enforcement at various levels
• Role of training and targeted communication
• Leveraging technology to effectively manage the policy management program
• Question & Answer
© 2015, all rights reserved, www.GRC2020.com
Change impacts policy management in the context of business
Battling the Hydra of Ineffective Policy Management
Policy Management Challenges
• Regulatory Change
• Risk Change
• Business Change
• Rogue Policies
• Out of Date Policies
• Different Templates
• Lack of Ownership
• Poorly Written
• Lack of Defensibility
What is Driving Adoption in Policy Management and Maturity
Case Study in Effective Policy Management
In a report in November 2012, the DOJ and SEC stated they: “have often encountered companies with compliance programs that are strong on paper but that nevertheless have significant . . . violations because management has failed to effectively implement the program even in the face of obvious signs of corruption.”
POINT: Regulators are tired of paper-based compliance programs that look good on paper but fail in operations and employee engagement.
Begin by Understanding Your Policies
Policy Governance Strategies
• Centralized Policy Management
• Federated Policy Management
• Decentralized
Balance
Balance autonomy, best of breed with centralized reporting, collaboration, etc.
Policy Lifecycle is Not One Size Fits All
POLICY COMMITTEE | POLICY MANAGER | POLICY OWNER(S) | POLICY AUTHOR
Herding Cats – Getting Everyone Working Together
GRC 20/20’s Effective Policy Management Lifecycle
1) Determine the Need for a New Policy
2) Develop or Update Policy
3) Communicate & Train on Policy
4) Implement & Enforce Policy
5) Measure & Reevaluate Policy
How Technology Enables Policy Management
Deliver a Unified Company Policy Portal in the Format Needed
An Engaging User Experience for Policy Management
Policy Push and Policy Pull
Integrated Information Architecture Drives Effective Policy Management
• REGULATIONS & OBLIGATIONS
• RISK & ANALYSIS
• OBJECTIVES & GOALS
• INCIDENTS & ISSUES
• ASSETS & RELATIONSHIPS
• POLICIES & TRAINING
• CONTROLS & ASSESSMENT
• ROLES & RESPONSIBILITIES
Questions?
Michael Rasmussen, J.D.
The GRC Pundit & OCEG Fellow
mkras@grc2020.com
+1.888.365.4560
Some of the content we have evaluated is OCEG content which GRC 20/20 has an established relationship to use. Please do not copy slides or graphics
without permission. GRC 20/20 highly recommends you consider OCEG membership at www.OCEG.org.
GRC 20/20 Newsletter
LinkedIn: GRC 20/20
Blog: GRC Pundit
Twitter: GRCPundit
LinkedIn: Michael Rasmussen
A Federated & Systematic Approach to Policy Management
Role of Technology
Vasant Balasubramanian
Vice President Product Management
MetricStream
Policies at the heart of GRC Initiatives
Issues & Remediation
Compliance (Financial, IT, HR, Regulatory)
Audits
Policies
Risks
Dashboards & Reporting
• Tracking Regulatory Changes
• Implementing and Assessing Controls
• Program Tracking
• Assessing Risk related to non-compliance
• Quantitative and Qualitative Analysis
• Issue remediation
• Approvals
• Scheduling
• Electronic Workpapers
• Scheduling
• Reporting
Key Technology Components
Make it Simple
Business users do not have time for a complex enterprise-style interface
Author Policies
1 Drive consistency with Policy Templates
2 Create & Manage Policies at the most granular level (i.e. sections in a policy)
3 Cross-reference & link related and supporting policies and regulations for each section
Review & Approve Policies
1 Standardize and streamline the Enterprise Policy management program
2 Manage Policy versions
3 Set Policy Implementation and review due dates
Communicate and Attest
1 Choose Geographies, Business units and Individuals for policy Implementation
Manage Exceptions
1 Establish and follow consistent procedures for exception capture, review, approvals, reporting
2 Manage policy exceptions and potential risks
3 Track policy exception status, due dates in real time
Drive Awareness and Training
1 Train and create awareness around policies
2 Identify, streamline and manage “end to end” training and certification requirements
3 Managing e-Learning and other forms of training
Monitor Policy Compliance
Use reports and analytical dashboards for insights into the policy inventory and to monitor policy compliance.
Selected Case Studies
Leading North-West Regional Community Bank
• MetricStream Solution: Integrated GRC for Policy management, ORM, Internal Audits, Financial
Reporting, Regulatory Compliance, IT Governance and Issue Management
• Improved coordination across various assurance groups, provided real-time risk-control intelligence,
and minimized operational redundancies
• Deployed Over MetricStream Cloud
Fortune 500 Technology Company
• Used by nearly 120,000 employees worldwide
• Enabled a centralized and consistent approach to policy development, communication, and implementation across the organization’s worldwide operations
• Provided a single, common framework to standardize policy-related processes
Large Regional Not-for-Profit Health Care Provider
• Provided an integrated framework for managing policies across the enterprise
• Helped collaborate on policy creation and review, enabled policy process tracking, and mapped all
policies to compliance requirements for complete transparency
Benefits
• Simplify the development, review, and approval of policies and relevant documents.
• Enable a federated approach to policy management and enforcement at local, regional, departmental, and
headquarter levels.
• Leverage a central library of standardized policy content, templates, and best practices.
• Simplify and accelerate the retrieval of policies and documents, including reference and supporting
documents and linked policies.
• Identify, streamline and manage training and certification requirements
• Gain enterprise-wide visibility into the status of policy and document management. Proactively address
issues and gaps.
• Strengthen regulatory compliance by mapping regulations and standards to organizational policies.
About MetricStream
Vision
Integrated Governance, Risk, Compliance and Quality Management for Better Business Performance
Organization
• Over 1,800 employees
• Headquarters in Palo Alto, California with offices worldwide
• Over 350 enterprise customers
• Privately held – backed by leading global VCs, Goldman Sachs, Sageview Capital
Apps & Solutions
• Risk Management
• Compliance Management
• Audit Management
• Business Continuity Management
• IT GRC
• Policy & Document Management
• Third-party Management
• Quality Management
• EHS & Sustainability
• Content and Training
Differentiators
• Technology - GRC Platform – 9 Patents
• Breadth of Solutions – Single Vendor for all GRC needs
• Cross-industry Best Practices and Domain Knowledge
• ComplianceOnline.com - Largest Compliance Portal on the Web
Q&A
Please submit your questions to the host by typing into the chat box on
the lower right-hand portion of your screen.
Thank you for participating!
Michael Rasmussen
Chief GRC Pundit
GRC 20/20 Research
Email: mkras@grc2020.com
Vasant Balasubramanian
Vice President Product Management
MetricStream
Email: vasant@metricstream.com
A copy of this presentation will be made available to all participants in the next 48 working hours.
For more details on upcoming MetricStream webinars:
http://www.metricstream.com/webinars/index.htm
THANK YOU
Contact Us:
Website: www.metricstream.com | Email: webinar@metricstream.com
Phone: USA +1-650-620-2955 | UAE +971-5072-17139 | UK +44-203-318-8554

Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Angeliki Cooney
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
Apidays New York 2024 - Passkeys: Developing APIs to enable passwordless auth...
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 

Enterprise policy-management

  • 1. © 2015 MetricStream, Inc. All Rights Reserved. Enterprise Policy Management 101 Michael Rasmussen Chief GRC Pundit GRC 20/20 Research Vasant Balasubramanian Vice President Product Management MetricStream
  • 2. Today’s Agenda: Inclusive policy creation process; Policies as links to other areas of compliance; Enterprise policy enforcement at various levels; Role of training and targeted communication; Leveraging technology to effectively manage the policy management program; Question & Answer
  • 3. © 2015, all rights reserved, www.GRC2020.com Change impacts policy management in the context of business
  • 4. Battling the Hydra of Ineffective Policy Management
  • 5. Policy Management Challenges: Regulatory Change; Risk Change; Business Change; Rogue Policies; Out of Date Policies; Different Templates; Lack of Ownership; Poorly Written; Lack of Defensibility. What is Driving Adoption in Policy Management and Maturity
  • 6. Case Study in Effective Policy Management. In a report in November 2012, the DOJ and SEC stated they: “have often encountered companies with compliance programs that are strong on paper but that nevertheless have significant . . . violations because management has failed to effectively implement the program even in the face of obvious signs of corruption.” POINT: Regulators are tired of paper-based compliance programs that look good on paper but fail in operations and employee engagement.
  • 7. Begin by Understanding Your Policies
  • 8. Policy Governance Strategies: Centralized Policy Management; Federated Policy Management; Decentralized. Balance: Balance autonomy, best of breed with centralized reporting, collaboration, etc.
  • 9. Policy Lifecycle is Not One Size Fits All: POLICY COMMITTEE; POLICY MANAGER; POLICY OWNER(S); POLICY AUTHOR
  • 10. Herding Cats – Getting Everyone Working Together
  • 11. GRC 20/20’s Effective Policy Management Lifecycle
  • 12. 1) Determine the Need for a New Policy
  • 13. 2) Develop or Update Policy
  • 14. 3) Communicate & Train on Policy
  • 15. 4) Implement & Enforce Policy
  • 16. 5) Measure & Reevaluate Policy
  • 17. How Technology Enables Policy Management
  • 18. Deliver a Unified Company Policy Portal in the Format Needed
  • 19. An Engaging User Experience for Policy Management
  • 20. Policy Push and Policy Pull
  • 21. Integrated Information Architecture Drives Effective Policy Management: REGULATIONS & OBLIGATIONS; RISK & ANALYSIS; OBJECTIVES & GOALS; INCIDENTS & ISSUES; ASSETS & RELATIONSHIPS; POLICIES & TRAINING; CONTROLS & ASSESSMENT; ROLES & RESPONSIBILITIES
  • 22. Questions? Michael Rasmussen, J.D. The GRC Pundit & OCEG Fellow mkras@grc2020.com +1.888.365.4560 Some of the content we have evaluated is OCEG content which GRC 20/20 has an established relationship to use. Please do not copy slides or graphics without permission. GRC 20/20 highly recommends you consider OCEG membership at www.OCEG.org. GRC 20/20 Newsletter LinkedIn: GRC 20/20 Blog: GRC Pundit Twitter: GRCPundit LinkedIn: Michael Rasmussen
  • 23. A Federated & Systematic Approach to Policy Management: Role of Technology. Vasant Balasubramanian, Vice President Product Management, MetricStream
  • 24. Policies at the heart of GRC Initiatives: Issues & Remediation; Compliance (Financial, IT, HR, Regulatory); Audits; Policies; Risks; Dashboards & Reporting. Tracking Regulatory Changes; Implementing and Assessing Controls; Program Tracking; Assessing Risk related to non-compliance; Quantitative and Qualitative Analysis; Issue remediation; Approvals; Scheduling; Electronic Workpapers; Scheduling; Reporting
  • 25. Key Technology Components
  • 26. Make it Simple. Business users do not have time for a complex enterprise-style interface
  • 27. Author Policies: (1) Drive consistency with Policy Templates; (2) Create & Manage Policies at the most granular level (i.e. sections in a policy); (3) Cross-reference & link related and supporting policies and regulations for each section
  • 28. Review & Approve Policies: (1) Standardize and streamline the Enterprise Policy management program; (2) Manage Policy versions; (3) Set Policy Implementation and review due dates
  • 29. Communicate and Attest: (1) Choose Geographies, Business units and Individuals for policy Implementation
  • 30. Manage Exceptions: (1) Establish and follow consistent procedures for exception capture, review, approvals reporting; (2) Manage policy exceptions and potential risks; (3) Track policy exception status, due dates in real time
  • 31. Drive Awareness and Training: (1) Train and create awareness around policies; (2) Identify, streamline and manage “end to end” training and certification requirements; (3) Managing e-Learning and other forms of training
  • 32. Monitor Policy Compliance. Use reports and analytical dashboards for insights into the policy inventory and to monitor policy compliance.
  • 33. Selected Case Studies. Leading North-West Regional Community Bank: • MetricStream Solution: Integrated GRC for Policy management, ORM, Internal Audits, Financial Reporting, Regulatory Compliance, IT Governance and Issue Management • Improved coordination across various assurance groups, provided real-time risk-control intelligence, and minimized operational redundancies • Deployed Over MetricStream Cloud. Fortune 500 Technology Company: • Used by nearly 120,000 employees worldwide • Enabled a centralized, and consistent approach to policy development, communication, and implementation across the organization’s worldwide operations; • provided a single, common framework to standardize policy related processes. Large Regional Not-for-Profit Health Care Provider: • Provided an integrated framework for managing policies across the enterprise • Helped collaborate on policy creation and review, enabled policy process tracking, and mapped all policies to compliance requirements for complete transparency
  • 34. Benefits • Simplify the development, review, and approval of policies and relevant documents. • Enable a federated approach to policy management and enforcement at local, regional, departmental, and headquarter levels. • Leverage a central library of standardized policy content, templates, and best practices. • Simplify and accelerate the retrieval of policies and documents, including reference and supporting documents and linked policies. • Identify, streamline and manage training and certification requirements. • Gain enterprise-wide visibility into the status of policy and document management. Proactively address issues and gaps. • Strengthen regulatory compliance by mapping regulations and standards to organizational policies.
  • 35. About MetricStream. Organization: • Over 1,800 employees • Headquarters in Palo Alto, California with offices worldwide • Over 350 enterprise customers • Privately held – backed by leading global VCs, Goldman Sachs, Sageview Capital. Vision: Integrated Governance, Risk, Compliance and Quality Management for Better Business Performance. Apps & Solutions: • Risk Management • Compliance Management • Audit Management • Business Continuity Management • IT GRC • Policy & Document Management • Third-party Management • Quality Management • EHS & Sustainability • Content and Training. Partners. Differentiators: • Technology - GRC Platform – 9 Patents • Breadth of Solutions – Single Vendor for all GRC needs • Cross-industry Best Practices and Domain Knowledge • ComplianceOnline.com - Largest Compliance Portal on the Web
  • 36. Q&A. Please submit your questions to the host by typing into the chat box on the lower right-hand portion of your screen. Thank you for participating! Michael Rasmussen, Chief GRC Pundit, GRC 20/20 Research, Email: mkras@grc2020.com. Vasant Balasubramanian, Vice President Product Management, MetricStream, Email: vasant@metricstream.com. A copy of this presentation will be made available to all participants in next 48 working hours. For more details on upcoming MetricStream webinars: http://www.metricstream.com/webinars/index.htm
  • 37. THANK YOU. Contact Us: Website: www.metricstream.com | Email: webinar@metricstream.com | Phone: USA +1-650-620-2955 | UAE +971-5072-17139 | UK +44-203-318-8554