GRC Green Sustainability Solutions

Upload: divya-venkat

Post on 08-Apr-2018


8/6/2019 GRC Green Sustainability Solutions
1/5

Governance, Risk & Compliance (GRC) Use Case Process

Certification & Risk Management

Supporting Green Initiatives across the Global Organization

Revision History

Date         Author                 Description of change
05/18/2011   Shyam Radhakrishnan    Document Created


Use Case: Perform Global Processes, Risks & Controls Assessment

Id: UC- UC-GRC-171640-1

Description

The customer records global business processes for each organization, documents the risks associated with each parent process, and establishes controls that mitigate those risks.

This use case establishes efficient, cost-saving procedures that contribute to reducing global greenhouse challenges, such as avoidable mass travel to global destinations by air, road and other means, and to reducing avoidable resource consumption.

Level: High-level summary of the controls assessment process

Primary Actor

Chief Executive Officer (CEO)
Office of Compliance & Oversight Committee

Supporting Actors

Internal Audit Assessor
Global Process Owners

Stakeholders and Interests

Stakeholder                              Interests
External Auditor                         Controls efficiency; risk levels; adherence to annual compliance mandates
Oversight Committee                      Internal controls state of readiness; global organizational control framework
IT Department                            Automated/manual controls around business & infrastructure systems
Finance Department                       Internal controls around financial applications
Office of the CIO/CEO (Executive Team)   Status of assessment & accountability activities

Pre-Conditions

Governance, Risk & Compliance tool/application needs to be installed & implemented
Global availability of the tool/application
Statutory exercise to record the business process assessment needs to be initiated
Corporate Internal Audit department has the mandate to perform the exercise
Timeline for initiation & completion of the assessment exercise is set

Post-Conditions

Reporting capability based on GRC assessment data
Tool/application availability post-assessment
Post-assessment executive sign-off for accountability


Extensions

1. The GRC tool/application needs to be set up by global entity/organization and further by department within those organizations, as it relates to Main Success Scenario Step # 3 above.
2. A control framework is required to be set up based on the compliance mandates that need to be satisfied year over year (SOX, ITIL, BASEL etc.), as it relates to Main Success Scenario Step # 5.
3. Electronic process certification initiation is dependent on the availability of the functionality (workflow/SMTP based) within the GRC tool/application, as it relates to Main Success Scenario Step # 6.
4. Audit engagements need to be created within the GRC tool/application prior to executing the internal audit exercise, as it relates to Main Success Scenario Step # 10.
5. The consolidated processes, risks & controls scenario report is either out-of-the-box or written using BI reporting tools (Oracle GRC Intelligence/OBIEE) based on data from the GRC Manager Suite.

Variations

1. Processes, risks & controls can either be typed into the GRC tool/application or uploaded from file using a web interface similar to Oracle Web ADI (Application Desktop Integrator).
2. If the GRC tool/application is not available for some remote locations, the Internal Audit Department can send/receive certifications using other methods such as certified/signed hardcopies, Excel-based documentation or other electronic methods, as long as the Internal Audit Controller approves such methods.
3. The Internal Audit department is required to document evidence of successful/failed controls assessment. The artifacts can be electronic or hardcopies, but the final resting place (repository) needs to be within the GRC tool/application, as it relates to the processes, risks & controls for the specific organization/department audited.

Frequency: Every Quarter

Assumptions

1. The GRC tool/application has multi-lingual capability.
2. Global assessment is done by the Internal Audit Department from the Corporate HQ.
3. Users within the GRC tool/application are set up and access rights configured prior to initiation of the certification process.
4. Timelines for certification process initiation & completion are set up in advance.
5. External Audit is provided access to the GRC tool/application to monitor/compare progress of the assessment.
6. IAD Corporate is the owner of the global process documentation & assessment exercise.
7. Unit Heads from global locations are required to complete their self-assessment certification within the stipulated timeframe of the exercise.
8. Reporting requirements may change and are managed by the Internal Audit Department Corporate.


Special Requirements

Performance

1. Availability of the GRC tool/application is mandatory across global locations (browser-based access), with limited exceptions; see Variations above.
2. Global business process certification needs to be a required task announced by the Office of the CEO (and enforced by the Office of the Corporate Internal Audit Controller); thus a communication needs to be sent out to each global unit prior to initiation of the quarterly process.

User Interface

1. The GRC tool/application needs to be multi-lingual, with special characters/fonts displayed to users globally.
2. Requirements & procedures need to be made available to the process owners globally within the GRC tool/application as instructions.

Security

1. Access to the GRC tool/application globally needs to be secured by standard authentication methods (access credentials & encryption).
2. Process certification authority (stakeholder workflow) needs to be established by the corporate Internal Audit Department within the GRC tool/application.

Issues

1. In the event of a control failure for a certain key business process, the process owner needs to certify this event as a failure and seek guidance for remediation of the control deficiency.
2. When IAD performs internal audit across the global organization for certified processes, any deviations from the certification need to be discussed with the process owner and a plan of action established.
3. In case of system unavailability, backup methods to gather data need to be established.

To do

1. Obtain the list of organizations, departments & process owners in order to prepare the communication.
2. Ensure system availability (GRC tool/application).