More Related Content Similar to Enterprise Governance, Risk and Compliance (20) More from Axis Technology, LLC (20) Enterprise Governance, Risk and Compliance2. © Copyright 2012 Axis Technology, LLC
Enterprise Governance, Risk & Compliance
2
The world is changing dramatically. New and rapidly shifting regulatory environments affect the strategy,
structure, and operations of organizations, both within the enterprise and in its dealings with customers,
partners and other third parties.
eGRC is a rapidly evolving business capability that uses processes and tools to combine:
• Compliance programs that measure control effectiveness,
• Risk management programs that categorize and prioritize risks, and
• Governance programs that identify, monitor and manage remediation of those risks.
3. © Copyright 2012 Axis Technology, LLC
eGRC Risk
3
The typical organizations reaction to these shifting regulatory demands has produced multiple
new risks and disruptions
Impacts
• Unclear organizational
direction
• Fragmented control
framework
• Unrecognized /
unmitigated risks
• Organization
performance
interrupted
• Lost opportunities
4. © Copyright 2012 Axis Technology, LLC
eGRC Framework
4
eGRC is an enterprise initiative that reaches from strategy through architecture to the operations of the
organization. Whether an organization starts top-down with Corporate Leadership or starts the initiative at a
more targeted Architecture or Operations level, these modules form a framework for an Enterprise GRC
program.
eGRC Strategy
Maturity
Assessment
Risk
Appetite/Profile
IT Strategy
CORPORATE LEADERSHIP
eGRC
Realization
Maturity
Execution
Risk Appetite
Mgmt
IT
Implementation
OPERATIONS
eGRC
Architecture
Maturity
Roadmap
Risk Integration IT Architecture
ARCHITECTURE
Corporate Leadership
Ensure the eGRC strategy is well
defined, communicated effectively and
permeates the culture.
Architecture
Ensure there is a robust and integrated
control framework.
Operations
Implement processes, organizations and
technology that are aligned with the
strategy and architecture.
(Beyond)eGRC
Interface
3rd Party
Maturity Model
3rd Party Risk
Mgmt
3rd Party
Interfaces
THIRD PARTY
Third Party
Implement protocols and technology –
aligned with the enterprise strategy and
architecture – to interface effectively with
strategic third party vendors, partners,
channels, etc.
5. © Copyright 2012 Axis Technology, LLC
eGRC Expertise
5
Axis takes a holistic approach to eGRC by providing expertise across the key business and
technical disciplines (strategy, organization, culture, process, technology and
communication) to achieve enterprise change
6. © Copyright 2012 Axis Technology, LLC
eGRC Outcome
6
A holistic, insightful, and actionable eGRC strategy can help your organization to launch and
maximize its successful eGRC effort.
• Improved ability to
proactively manage to
current and emerging
regulatory demands
and market
opportunities
• Integrated information
that enables agility
• Transparency across
the organization
• Risk management
decisions throughout
the enterprise aligned
with strategic and
organizational goals
• Efficient and effective
management of
enterprise risk
7. © Copyright 2012 Axis Technology, LLC
www.AxisTechnologyLLC.com
70 Federal Street
Boston, MA 02110
(857) 445-0110
7