|
|
 |
 |
 |
 |
|
Governance, Risk & Compliance
|
|
|
 |
| |
Compliance Support
 The Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, the USA Patriot Act, the Freedom of Information Act, and other regulations, are among a steady flow of industry, State, Federal and international mandates that codify the way businesses gather, store, manage, and report information.
IT organizations must create systems and processes that allow their organizations to easily comply with any new regulation it encounters, regardless of that regulation's specifics and origin.
In a January 2004 survey of 321 companies, industry group Financial Executives International found that for large companies, the average cost of compliance with Section 404: Management Assessment of Internal Controls, was: $4.6 million, including 35,000 hours of internal staff time, $1.3 million for consulting and software, and $1.5 million in new audit fees.
Business Roundtable, an association of CEOs of U.S. companies, conducted another survey in July 2003 in which it polled 150 CEOs at large companies. Half said their compliance costs would range from $1 million to $5 million; some estimates topped $10 million. According to Gartner Inc., public companies that adopt a Comprehensive Compliance Management Architecture will spend 50% less per year than those who don't.
A number of technologies play a role in compliance support:
- Business Process Management applications, for both reporting and risk forecasting.
- Enterprise resource planning, to ensure that controls are in place.
- Search and retrieval, for information discovery and communications monitoring.
- Storage (software and hardware), to protect and retain data.
- Security, to control access, protect data and ensure that systems are auditable.
- Content management, to control access and handle document compliance efforts.
- Records management and e-mail archiving, to meet retention regulations.
- Data and application integration, to make unstructured data usable and ensure the data's reliability.
- Business Process Automation, to monitor key processes and define relationships among data.
Source: ComputerWorld
Compliance Support
The Sarbanes-Oxley Act, the Health Insurance Portability and Accountability Act, the USA Patriot Act, the Freedom of Information Act, and other regulations, are among a steady flow of industry, State, Federal and international mandates that codify the way businesses gather, store, manage, and report information.
IT organizations must create systems and processes that allow their organizations to easily comply with any new regulation it encounters, regardless of that regulation's specifics and origin.
In a January 2004 survey of 321 companies, industry group Financial Executives International found that for large companies, the average cost of compliance with Section 404: Management Assessment of Internal Controls, was: $4.6 million, including 35,000 hours of internal staff time, $1.3 million for consulting and software, and $1.5 million in new audit fees.
Business Roundtable, an association of CEOs of U.S. companies, conducted another survey in July 2003 in which it polled 150 CEOs at large companies. Half said their compliance costs would range from $1 million to $5 million; some estimates topped $10 million. According to Gartner Inc., public companies that adopt a Comprehensive Compliance Management Architecture will spend 50% less per year than those who don't.
A number of technologies play a role in compliance support:
- Business Process Management applications, for both reporting and risk forecasting.
- Enterprise resource planning, to ensure that controls are in place.
- Search and retrieval, for information discovery and communications monitoring.
- Storage (software and hardware), to protect and retain data.
- Security, to control access, protect data and ensure that systems are auditable.
- Content management, to control access and handle document compliance efforts.
- Records management and e-mail archiving, to meet retention regulations.
- Data and application integration, to make unstructured data usable and ensure the data's reliability.
- Business Process Automation, to monitor key processes and define relationships among data.
Source: ComputerWorld
|
|
|
 |
 |
 |
|
|
|
|
|
|
|
|
|
|
|
|
OnBase for Governance, Risk and Compliance (GRC)
|
|
|
|
| |
GRC Solution
Results Engineering meets this challenge by offering a consistent, comprehensive and flexible GRC solution using OnBase from Hyland software.
By combining the ability to manage Enterprise Content and processes at every layer of an organization, with tools for monitoring, tracking and reporting, the single infrastructure of OnBase tightens corporate governance, mitigates risk, and manages compliance.
An OnBase GRC framework allows users to:
- Compound the cost-saving and operational efficiency benefits of an ECM solution
- Reduce the expense and complexity of maintaining multiple point solutions
- Automate workflows and impose business rules on specific processes
- Increase efficiency and accuracy in auditing, control and discovery
- Respond quickly to diverse, evolving standards, laws and regulations
- Extend policies, procedures and best practices across multiple business units
- Document distribution/notification of policies and procedures through Document Knowledge Transfer (DKT), a module that enforces and documents acknowledgement of these policies.
From a centralized administrative interface, businesses can monitor and manage all GRC-related content and records, including documents, physical assets, and human interaction.
Results Engineering, using OnBase and other tools, helps manufacturers address ISO requirements, hospitals adhere to HIPAA regulations, lenders demonstrate compliance with the Graham-Leach-Bliley Act, public companies abide by Sarbanes-Oxley guidelines, and government organizations respond to FOIA requests.
GRC Solution
Results Engineering meets this challenge by offering a consistent, comprehensive and flexible GRC solution using OnBase from Hyland software.
By combining the ability to manage Enterprise Content and processes at every layer of an organization, with tools for monitoring, tracking and reporting, the single infrastructure of OnBase tightens corporate governance, mitigates risk, and manages compliance.
An OnBase GRC framework allows users to:
- Compound the cost-saving and operational efficiency benefits of an ECM solution
- Reduce the expense and complexity of maintaining multiple point solutions
- Automate workflows and impose business rules on specific processes
- Increase efficiency and accuracy in auditing, control and discovery
- Respond quickly to diverse, evolving standards, laws and regulations
- Extend policies, procedures and best practices across multiple business units
- Document distribution/notification of policies and procedures through Document Knowledge Transfer (DKT), a module that enforces and documents acknowledgement of these policies.
From a centralized administrative interface, businesses can monitor and manage all GRC-related content and records, including documents, physical assets, and human interaction.
Results Engineering, using OnBase and other tools, helps manufacturers address ISO requirements, hospitals adhere to HIPAA regulations, lenders demonstrate compliance with the Graham-Leach-Bliley Act, public companies abide by Sarbanes-Oxley guidelines, and government organizations respond to FOIA requests.
|
|
|
|
|
|
|
|
|
|