|
Governance, Risk and Compliance
  Challenge: How do I measure risk and compliance with some of today’s complex governmental regulations and once I achieve that goal how do I govern my operation around them?
Business leaders today face unprecedented challenges in meeting customer and shareholder expectations. Challenges result from increased complexity in executing the right business plan amid the backdrop of changing markets, converging technologies and heightened customer expectations, not to mention the challenges associated with the current economic environment. Leaders also want their decisions swiftly translated into responsive, competitive and measurable actions reflecting their vision and strategy.
Simultaneously the SEC has increased expectations for ethical business practices and sound reporting with initiatives like Sarbanes-Oxley Act, GLB, PCI-DSS and HIPAA. CEOs, CFOs, CIOs and their financial auditors are now required to certify not only the company's financial statements but also the internal controls and financial processes that produced those statements. Furthermore, the regulations for process certification will become more inclusive over time - requiring companies to move from passive to active compliance, with annual process reevaluation.
CPSG’s Governance, Risk and Compliance capabilities can assure executives, with reasonable certainty, that their operation is meeting the key controls they will be measured on by their external auditors. CPSG achieves this goal by documentation and enhancement of key client processes and coupling those with industry leading GRC and IT-GRC tools. This allows executives to see – in real time – a compliance informational dashboard of their operation.
Why is the pain great?
Control Testing
- Testing can involve 1000’s of controls, 100’s of people, and dozens of software applications, making it very complicated and expensive to do properly.
Remediation
- Fixing internal control problems usually involves adding time and expense to a process – exactly the opposite of where companies want to be.
Process Documentation
- Documents are easy to create but hard to manage.
Who needs GRC?
- A publicly traded company in the U.S.
- A private company with significant public debt
- Any private company with intentions to go public
- Any non-profit organization that answers to external oversight
- A person with “compliance” in their title (Chief Compliance Officer, Director of Compliance, etc)
Value Proposition
CPSG’s GRC consulting services along with industry leading compliance technologies can not only reduce the cost of expensive compliance initiatives but also significantly increase the business value the compliance effort adds, thereby turning obligation into opportunity.
- Leverages existing investments
- Easily configurable
- Agnostic to Transaction systems
- Guided analysis through executive dashboards
- Accountability at levels within the organization
- Provides process automation capabilities to improve business processes
- Facilitates ongoing compliance requirements
- Flexible to accommodate other similar government regulations
The Service Offering
Using CPSG’s 4-D Methodology, we will gather and document your current compliance requirements, define the impact of future initiatives, assess compliance issues, determine the best path to resolution, determine the most effective and efficient definition of a role, develop the criteria by which a role is to be defined, and fit the design to your existing application infrastructure.
Once the design has been finalized, CPSG can deploy the model throughout your enterprise application suite, including ERP (SAP, Oracle, PeopleSoft, JDE, etc.), and incorporate the model into your enterprise GRC strategy.
Time Frame
The definition, design, and development of the compliance architecture can be accomplished within weeks not years.
Before the Design phase is complete, the scope and effort of the deployment phase will be accurately estimated.
The Deliverables
Document:
- Current-state compliance model
- Current-state Role definition criteria
- List of applications incorporated into model
- Definition of required attributes
- Design of new state criteria
- Process flow for new state role definition
Spreadsheet:
- Estimate for implementation of new compliance model
Project Plan:
- Project Plan for model implementation
Getting Started
If you’re ready to discuss how CPSG can establish consistency and create a design of a GRC architecture, please contact us.
www.cpsg-inc.com
888.665.5640 toll free
sales@cpsg-inc.com
To ensure our customers achieve the highest quality deliverables:
View our Methodology
|
|
|
|
|
 |
