Download
slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds..
Aneesh Bhatnagar PowerPoint Presentation
Download Presentation
Aneesh Bhatnagar

Aneesh Bhatnagar

128 Vues Download Presentation
Télécharger la présentation

Aneesh Bhatnagar

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. Policy and Compliance Management Aneesh Bhatnagar Aneesh Bhatnagar Policy & Compliance Management Associate Director – Product

  2. Agenda Policy Management Compliance Management

  3. Policy • Management

  4. Topics Policy Management Product Overview: Key Features Policy Development Policy Maintenance Policy Communication Policy Implementation & Enforcement Reports / Dashboards

  5. GRC

  6. GRC Policy Management helps set the principles/ rules to guide decisions (set the governance objective & procedures) to achieve compliance on these objectives

  7. Policy Management Determine the Need Develop & Maintain Implement & Enforce Communicate

  8. Key features of Policy Management Ability to create Inline as well as Document based policies

  9. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects

  10. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows

  11. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails

  12. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search

  13. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls

  14. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls Supports for policy management lifecycle

  15. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls Supports for policy management lifecycle Ability to control the number of copies that can be printed

  16. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls Supports for policy management lifecycle Ability to control the number of copies that can be printed Automatic conversion of the final policies into PDF along with the header, footer, e-signature & document information

  17. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls Supports for policy management lifecycle Ability to control the number of copies that can be printed Automatic conversion of the final policies into PDF along with the header, footer, e-signature & document information Sophisticated dashboards to monitor the policy management

  18. Key features of Policy Management Ability to create Inline as well as Document based policies Ability to link policies/sections to relevant GRCF objects User Configurable workflows Audit Trails Powerful Policy Search Granular Access Controls Supports for policy management lifecycle Ability to control the number of copies that can be printed Automatic conversion of the final policies into PDF along with the header, footer, e-signature & document information Sophisticated dashboards to monitor the policy management MLS enabled

  19. Create Document based policies Any user defined in the first stage (i.e. the author stage) of the lifecycle can initiate a policy creation process Select the lifecycle and the category/ sub-categories Modify the stage level users. Upload the controlled policy document

  20. Map it to other GRCContent The author / reviewers can relate a policy with GRCF Objects to set the Policy / Procedures for one or many GRCF Objects

  21. Review / Approve Document based policy The Reviewers can access the Policy using the View, Download, Print, Upload Privileges Reviewers can select the reviewers of the next stage based on the appropriate privileges Can have ‘n’ number of stages based on how the lifecycle is setup

  22. Create Inline Policy Create a policy in sections. Each section can relate to a GRCF object All the sections will be exported to Word and the Policy Users will get a complete view of the policy The author can choose to send the section to a reviewer / approver

  23. Review & Approve Inline Policy Each approver / reviewer will be shown the section that he needs to approve He can choose to approve or reject a section Once all the sections are approved / reviewed, the policy will get published.

  24. Policy Maintenance • Major Change - When an existing policy needs to be changed significantly • Minor Change - When an existing policy needs to be undergo a small modification • Policy Obsoletion - When an existing policy goes out-of-date

  25. Policy Maintenance : Upversion Option to change the lifecycle while upversioning the policy

  26. Policy Maintenance : Change Request Select the Option Change Request. The policy routes through all the stages of the lifecycles and once published will be available to the end users

  27. Policy Maintenance : Change Request Policies can be obsoleted by initiating the policy Obsoletion process Obsoleted policies are not available to the end users

  28. Policy Communication After a policy is published, the policy can be sent out for Policy Communication. All the policy users of that specific policy will receive an email notification with the link to provide their feedback. The policy users can access the Policy and can either accept or reject the policies The acceptance or rejection of the policy is retained in the system and can be produce as an evidence

  29. Policy Attestation The Policy users can either accept a policy or Request for exception and provide their comments The attestation information provided by the policy users are available in the policy management reports

  30. Policy Discovery Policy discovery can be done in two ways • Browse – In a windows explorer like tree view • Search – Using the search filters

  31. Reports • In-process Policy Documents Report • Approved Policy Documents Report • Obsolete Policy Documents Report • Audit History Report • Policy Management Reports

  32. Audit History

  33. Dashboards Dashboards for • Policies in the lifecycle • Published Policies • Policy Access • Policy Attestations Provides drill down from each of the dashboards to list additional information like the number of people who have not attested, who have already attested etc. with an option to export these details

  34. Multi Lingual Support

  35. Multi Lingual Support

  36. Regulatory • Changes

  37. GRC Intelligence

  38. GRC Intelligence

  39. Compliance • Management

  40. Objectives • Standards • Controls • Compliance • Management • AOC • Processes • Policies • Regulations

  41. Questions/ • Procedure • Objectives • Functions • Standards • Controls • Assertions • Auditable Entity • Compliance • Management • AOC • Processes • Evidences • Financial Account • Policies • Regulations • Exceptions • Assets

  42. ONE • F L E X I B L E • DATA MODEL

  43. Flexible Model that helps test NOT just Controls

  44. Leverages Harmonized Content from GRC Library

  45. GRC Library linked to your Policies

  46. Supports correlation between Controls and Question

  47. Integrated with Issue and Action Tracking System

  48. Create Adhoc Tests

  49. View Prior Test Results whileperforming Tests