1 / 28

NASACT Grants Management: Are States Ready to Manage More Federal Grant Funds?

NASACT Grants Management: Are States Ready to Manage More Federal Grant Funds?. March 2, 2010. Agenda. Oracle: Did you know? What is “G-R-C”? GRC Offering Benefits Key Take-Aways. Oracle. Did you know?. #1 in North America #1 in HR #1 in Public Sector Globally Project “Oracle”, 1977

nasim-gonzales
Download Presentation

NASACT Grants Management: Are States Ready to Manage More Federal Grant Funds?

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. NASACTGrants Management: Are States Ready to Manage More Federal Grant Funds? March 2, 2010

  2. Agenda • Oracle: Did you know? • What is “G-R-C”? • GRC Offering • Benefits • Key Take-Aways

  3. Oracle

  4. Did you know? • #1 in North America • #1 in HR • #1 in Public Sector Globally • Project “Oracle”, 1977 • Longest running relationship with government of any software vendor Scale • $22.4 in revenue for FY 08 • 320,000 customers in 145 countries • 92,000 employees (1 in 3 joined from acquisitions) Innovation and Investment • Over 3,000 products with over 2,000 patents • $3b R&D • 20,000+ developers, running over 300,000 test scripts nightly • 6,500 customer-driven enhancements yearly • 1 million students supported • 7,500 customer support specialists speaking 27 languages • 20,000+ implementation consultants

  5. What is “G-R-C”?

  6. Creating Public TrustGRC in the Public Sector Governance Integrity Risk Compliance Governance + Risk Management + Compliance = Integrity equates to Structures + Threat Mitigation + Proofing = Public Trust

  7. Fraud Triangle Reducing Fraud in Government • As much as 7% of annual budget* • That is $70m per billion of budget • Need to break one leg of the triangle • Motivation and Opportunity easiest to address Human Performance Improvement • Rationalization may be impossible to manage Motivation GRC Kohlberg Moral Stages FRAUD Rationalization Opportunity Pednault, S. (2009). Fraud 101: Techniques and Strategies for Understanding Fraud, 3rd ed. Hoboken, NJ: John Wiley & Sons, p. xi.

  8. Risk-Controls Relationships Controls Yes No Yes Possible Loss Risk No Possible Waste

  9. Oracle’s GRC Offering

  10. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services • GRC Intelligence • “If only we had a dash board that could highlight real time application access and / or transactional risk…” • Pre-built role-based Dashboards & KPI's • Tailored diagnostics for all GRC initiatives • Processes / Controls • Documents • Certification • Assessments & Test Results • Single source of GRC information across orgs and locations GRC Intelligence Alerts Reports Dashboards Key Risk & Control Indicators GRC Manager GRC Manager Issues Risks Issues Risks Processes Processes Assessments Assessments Remediation Remediation Policies Policies Procedures Procedures GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  11. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services GRC Manager “We can’t manage nor have the visibility of all the GRC initiatives across the enterprise…. • End-to-End GRC business process • Reduce cost and complexity by managing multiple global mandates with one system • Rely on tamper proof chain of evidence for all financial compliance processes • Align policies and processes with best practice risk and control frameworks GRC Intelligence Alerts Reports Dashboards Key Risk & Control Indicators GRC Manager GRC Manager Risks Ris Issues Risks Assessments Issues Processes Processes Assessments Remediation Policies Remediation Policies Procedures Procedures GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  12. Multiple hierarchies exist to represent frameworks, business models and financial structures.

  13. Relationships are managed from the hierarchy down to the objectives, risks and controls in a many to many structure.

  14. Oracle GRC workflow automatically generates emails to compliance staff of action items. These emails link the user directly back to Oracle GRC Manager with a single mouse click.

  15. Easy to Use testing screens allow conclusions and supporting comments.

  16. Track Issues until they are closed with immediate access to who is currently tasked and how long they have been working on it.

  17. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services • Access Controls “The SOD process is very manually intensive and only covers a fraction of the application landscape” • Best practice SOD Library • Cross Application SOD Enablement • Real-time Simulation & Remediation • Preventive User Provisioning • Library of prepackaged reports • Accelerates role design and implementation GRC Intelligence Alerts Dashboards Reports Key Risk & Control Indicators GRC Manager GRC Manager Risks Risks Issues Processes Assessments Processes Assessments Issues Remediation Remediation Policies Policies Procedures Procedures GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  18. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services • Configuration Controls “If only we had a dash board that could highlight real time application access and / or transactional risk…” • Ease of deploying change management controls • Enable risk management controls by enforcing policy procedures within the application • Increase confidence in the management of data integrity. • Repository of audit trails in change management reports • Increase business confidence in efficiency and data integrity of the system. GRC Intelligence Alerts Reports Dashboards Key Risk & Control Indicators GRC Manager GRC Manager Risks Risks Issues IAssessments Issues ssues Processes Processes Assessments Remediation Policies Procedures Procedures Remediation Policies GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  19. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services GRC Intelligence • Transaction Controls “We currently manage this on an ad-hoc basis that is manual and often error prone” • Easy to use interface to manage threshold values and generate parameterized reports across multiple applications • Readily available audit reports of suspicious activities • Workflow enabled process to distribute suspicious activities to key personnel for action / remediation Alerts Reports Dashboards Key Risk & Control Indicators GRC Manager GRC Manager Assessments Risks Risks Issues Issues Processes Processes Assessments Remediation Remediation Policies Policies Procedures Procedures GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  20. Transaction Controls Oracle GRC Applications Suite Benefits Financial Compliance IT Governance Regulatory Policy Mgmt Information Privacy Environmental Product Quality & Safety Global Trade Mgmt Financial Services • Preventive Controls “We need to move from manual controls to automated controls…” • Automate & Streamline manual controls to become part of the transactional process • Enforce and report data security and valid change management • Audit • Audit & Workflow Notifications • Audit & Workflow Approvals GRC Intelligence Alerts Reports Dashboards Key Risk & Control Indicators GRC Manager GRC Manager Risks Risks Issues Issues Processes Processes Assessments Assessments Remediation Remediation Policies Policies Procedures Procedures GRC Controls Management Access Controls Configuration Controls Preventive Controls Applications Infrastructure

  21. Oracle GRC Benefits

  22. 5 Key Areas Where GRC Can Reduce Risks and Costs Activity Benefits Value Impact • 20-35% reductionin cost of on-going SOD auditing and monitoring • Industry proven, best practices policies • Library of prepackaged reports • Accelerates role design and implementation • Run test cases and what-if analysis SOD Analysis • Enforce preventive controls for data • integrity and access security • Ease of creating workflow processes for • Approval and notification • Library of best practices prepackaged controls • 15-25% reduction in cost for IT to create and implement automated controls Automated Preventive Controls • 20-30% reduction inaudit and compliance testing cost related to configuration change management Configuration & Change Management • Ease of deploying change management controls • Enforce policy procedures within the application • Increase confidence of data integrity • 20% reduction inaudit and compliance costs related to investigation of transactions and fraud controls • Manage & report suspect records • across multiple applications • Readily available audit reports • Automated distribution of suspect • records for review & remediation Transaction Monitoring Governance & Compliance Visibility • 10-40% reduction in costs of proving risk and compliance effectiveness across the enterprise • Capture internal and external perform-ance metrics quickly & accurately • Fact-based continuous improvement SOD = Segregation of Duties 24

  23. Cost Benefit AnalysisRelative Impacts Audit cost savings Mission Enhancement Fraud Prevention

  24. Key Take-aways

  25. Key Take-aways GRC Suite: • Demonstrates accountability • Increases public trust • Lowers costs of audits • Provides integrity • Prevents waste, fraud, and abuse How? • Library of prepackaged controls based on best practices • Single source of truth for all documentation that will be audited • Flexible reporting tool that can generate dashboards, alerts, and printed reports

  26. Contact Information Cindy Schwimer Executive Director, Public Sector Solutions Cindy.schwimer@oracle.com Voice: 703-364-3104 Adam Schwartz GRC Specialist Adam.b.schwartz@oracle.com Voice: 860-817-9403

More Related