1 / 10

Expertool GRC Optimization

barbara
Download Presentation

Expertool GRC Optimization

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

    1. Expertool GRC Optimization Improving Time to Value for Enterprise GRC Solutions Enabling Cost Effective GRC Agility

    2. 2 Expertool Overview Consulting for Fortune 500 and international clients History of innovation Privately held company established in 1996 Unique product developed iteratively to solve real-world problems Successful engagements in variety of sectors and problem domains

    3. The Value Proposition Enabled by our Unique Technology

    4. Current State GRC Complexity Triage, analysis and prioritization of 3000+ issues in 10 weeks Economic impact of new common control set (330 controls) modeled in 12 weeks Business case, impact and critical success factors for upgrade to new Archer version modeled in 3 weeks Controls upgraded, control framework re-architected and integrated in 8 weeks Similar effort previously, 18 months to do a portion of this. The project -saved the client a year of effort by internal and consulting resources time ($2M) -this represents only the initial return on investment Triage, analysis and prioritization of 3000+ issues in 10 weeks Economic impact of new common control set (330 controls) modeled in 12 weeks Business case, impact and critical success factors for upgrade to new Archer version modeled in 3 weeks Controls upgraded, control framework re-architected and integrated in 8 weeks Similar effort previously, 18 months to do a portion of this. The project -saved the client a year of effort by internal and consulting resources time ($2M) -this represents only the initial return on investment

    5. The GRC Problem GRC involves many experts in many functional areas Best-in-class enterprise GRC platforms* take months or years to implement due to the hidden requirement to build the bridge between the vendor’s solution and the company’s compliance architecture, business taxonomy, practices, procedures, and policies. Once rolled out to segments of the corporate population, GRC content updates require months for the evaluation of alternatives, change impact analysis, governance approval, technical update and testing, and user retraining. We closely follow the GRC group OCEG and appreciate their conclusion that a significant GRC problem is “humans as middleware”. We think that is true because GRC involves many experts and that current GRC tools can’t deal with expertise. The ITGF is a framework, and that must now be implemented in a GRC platform framework—bridging frameworks is hard work! Finally, once the bridge is designed and built, people are hesitant to modify the bridge without reconvening the team of experts to make sure the full implications of the change are understood. Questions: What do you anticipate as your major barriers to successful implementation of the ITGF at GE? Who is going to provide end users with help in applying the ITGF content delivered by the GRC platform?We closely follow the GRC group OCEG and appreciate their conclusion that a significant GRC problem is “humans as middleware”. We think that is true because GRC involves many experts and that current GRC tools can’t deal with expertise. The ITGF is a framework, and that must now be implemented in a GRC platform framework—bridging frameworks is hard work! Finally, once the bridge is designed and built, people are hesitant to modify the bridge without reconvening the team of experts to make sure the full implications of the change are understood. Questions: What do you anticipate as your major barriers to successful implementation of the ITGF at GE? Who is going to provide end users with help in applying the ITGF content delivered by the GRC platform?

    6. Expertool GRC Optimization Expertool GRC Optimization is a software-enabled service to help company GRC professionals and their consultants better plan, populate, integrate, and operate their GRC solution Our solutions fill the gaps between GRC platforms and complex human activities Add something about… Unique capability in understanding the complex issues, trade-offs and impacts associated with implementing or re-architecting a GRC program Triage, analysis and prioritization of 3000+ issues in 10 weeks Economic impact of new common control set (330 controls) modeled in 12 weeks Business case, impact and critical success factors for upgrade to new Archer version modeled in 3 weeks Controls upgraded, control framework re-architected and integrated in 8 weeks Similar effort previously, 18 months to do a portion of this. Add something about… Unique capability in understanding the complex issues, trade-offs and impacts associated with implementing or re-architecting a GRC program Triage, analysis and prioritization of 3000+ issues in 10 weeks Economic impact of new common control set (330 controls) modeled in 12 weeks Business case, impact and critical success factors for upgrade to new Archer version modeled in 3 weeks Controls upgraded, control framework re-architected and integrated in 8 weeks Similar effort previously, 18 months to do a portion of this.

    7. Architectural View (Client’s Slide) What should the GRC architecture be? Business rules analysis Content analysis GRC content governance environment Impact analysis What should the GRC architecture be? Business rules analysis Content analysis GRC content governance environment Impact analysis

    8. Features and Benefits Expertool GRC Optimization empowers the GRC team to rapidly implement and adapt their GRC solution to be integrated with company-specific policies, procedures, controls and with business and IT environments Prior to rolling out or updating their GRC solution, the GRC team can rapidly prototype and evaluate the impact of changes to their control architecture and/or control sets Once understood, analyzed and approved, the control solutions from Expertool GRC Optimization model can directly feed the GRC solution with controls related to control objectives, and grouped into tailored baselines.

    9. Increase Value of Your GRC Solution Reduce Time-to-Value by 50%-80% Populate initial client content from synthesized spreadsheets and system extracts Enable parallel and independent expert activities; integrate and upload results to GRC system Minimize project risk due to schedule coordination Improve agility and effectiveness of GRC solution Minimize political friction for GRC solution sponsor Frontload implementation quality control Speed update cycle to deal with emerging issues

    10. GRC Optimization Deliverables

    11. The GRC Optimization Project Knowledge sources integrated Mappings deduced and suggested Client internal taxonomy and architecture mapped to GRC product taxonomy Client SMEs and consultants analyze and refine mappings in tailored model

More Related