the technology advantage the technology advantage placing the right bets to build the program of the...
TRANSCRIPT
The Technology Advantage Placing the Right Bets to Build the Program of the Future
April 2016 Michael Rasmussen, J.D., GRCP, CCEP The GRC Pundit @ GRC 20/20 Research, LLC OCEG Fellow @ www.OCEG.org
2 © 2016, all rights reserved, www.GRC2020.com
Realize that everything connects to everything else. Leonardo da Vinci
3 © 2016, all rights reserved, www.GRC2020.com
Regulatory Activity in Financial Services Tracked 2008-15
4 © 2016, all rights reserved, www.GRC2020.com The Chaos of Compliance Interconnectedness
5 © 2016, all rights reserved, www.GRC2020.com
Inevitability of Failure: Too Many Approaches
6 © 2016, all rights reserved, www.GRC2020.com
Compliance Management by Design: Federated Compliance Management
7 © 2016, all rights reserved, www.GRC2020.com
Compliance Management: a Top Down Approach
Compliance Management Strategy
Compliance Management Technology
Compliance Management Information
Compliance Management Process
8 © 2016, all rights reserved, www.GRC2020.com
The GRC Market: Technology, Information,& Professional Services
Technology to enable and automate compliance processes
Compliance Technology
Intelligence & content for compliance processes, often embedded in technology
Compliance Intelligence & Content
Professional services firms to advise on aspects of compliance
Compliance Professional Services
9 © 2016, all rights reserved, www.GRC2020.com
Compliance Information Architecture Provides 360° Contextual Intelligence
Strategic
Financial
Operational
Preventive
Corrective
Detective
Complaint
Investigation
Event
Strategic
Process
Department
Regulatory
Values
Contractual
Code of Conduct
Training & Awareness
Policies & Procedures
Owner
Employee
Subject Matter Expert
Controls
Risks
Issues
Roles
Objectives
Policies
Obligations
Organization Entity
Asset
Process
Central Hub of Compliance Information
10 © 2016, all rights reserved, www.GRC2020.com
360° Compliance Contextual Analytics & Intelligence Capabilities
Integrated and mapped together to provide context
Analyzed to understand relationships
Action Items
Distributed & Disconnected Compliance Data Points
11 © 2016, all rights reserved, www.GRC2020.com
Compliance Management by Design = Defensible Compliance Management
Compliance Technology Provides Automation and Tracking…
COLLABORATION AUDIT TRAIL ENFORCEMENT MANAGEMENT REPORTING WORKFLOW & TASKS
• Version (date/time • Ask and Resolve • Manage Expectations • Understand Context
• Provide Auditable Records • Demonstrate Sequence • Meet Requirements • Repeatable Cycle
12 © 2016, all rights reserved, www.GRC2020.com
Compliance Engagement: Bringing it to the Coal-Face of the Organization
13 © 2016, all rights reserved, www.GRC2020.com
Compliance management needs to provide a collaborative experience. Compliance engagement is accomplished through socialization and collaboration of compliance within the organization. This involves: • Getting questions answered
• Provide two-way communication
• Sharing information
• Connecting the dots through collaboration
Compliance Collaboration: Providing Collaboration Across the Organization
14 © 2016, all rights reserved, www.GRC2020.com
Compliance Operationalization: Integrating Compliance Across Systems & Processes
15 © 2016, all rights reserved, www.GRC2020.com
Compliance Intelligence: Integration of Actionable Content
16 © 2016, all rights reserved, www.GRC2020.com
Compliance Mobility: Done & Delivered Anywhere at Anytime
17 © 2016, all rights reserved, www.GRC2020.com
Maturing Compliance Through 360° Contextual Compliance Intelligence Delivers . . .
• Awareness
• Alignment
• Responsiveness
• Agility
• Resilience
• Lean Business Operations
Questions? Michael Rasmussen, J.D. The GRC Pundit & OCEG Fellow [email protected] +1.888.365.4560
Some of the content we have evaluated is OCEG content which GRC 20/20 has an established relationship to use. Please do not copy slides or graphics without permission. GRC 20/20 highly recommends you consider OCEG membership at www.OCEG.org.
GRC 20/20 Newsletter
LinkedIn: GRC 20/20
Blog: GRC Pundit
Twitter: GRCPundit
LinkedIn: Michael Rasmussen