The Network Policy Management
- IT.22 - Policy Mgmt, Communication & Training
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- I2. Communication
- M2. Performance Monitoring
- P2. Codes Of Conduct
- C3. Culture
- M3. Systemic Improvement
- P3. Policies
- R3. 3rd Party Inquiry & Investigation
- M4. Assurance
- P4. Education
- P5. Incentives
SAI Global GRC Software
SAI Global’s GRC Platform provides a flexible software solution to manage and profile risks, compliance obligations, incidents and cases, policies, and learning across the organization. Specific applications include configurations for environmental, health and safety use and for bribery and corruption risk management. A full utilization of SAI Global's software enables integration with SAI Global's Learning & Communication Platform and a single view across highly decentralized global operations. This inevitably results in better use of human capital, reduced costs, increased transparency and improved business results. A partial list of solution components, deployable as standalone elements or integrated, include risk assessment and profiling; obligations management; case and incident management; policy management; registries to manage gifts, hospitality, entertainment, facilitation payments and conflicts of interests; audit management; integration with hotline; and a fully configurable GRC Dashboard that integrates with learning and communication.
- IT.02 - Board and Entity Management
- IT.05 - Compliance Management
- IT.11 - Environmental, Health, and Safety
- IT.14 - Global Trade Compliance/International Dealings
- IT.15 - Hotline/Helpline
- IT.19 - Issue and Investigations Management
- IT.22 - Policy Mgmt, Communication & Training
- IT.23 - Privacy Management
- IT.26 - Risk Management
- IT.26 - Regulatory Intelligence and Monitoring
- IT.28 - 3rd Party/Vendor Risk & Compliance
- (C) Context
- M1. Context Monitoring
- P1. Proactive Actions & Controls
- R1. Responsive Actions & Controls
- D2. Notification
- M2. Performance Monitoring
- P2. Codes Of Conduct
- R2. Internal Investigation
- D3. Inquiry
- P3. Policies
- R3. 3rd Party Inquiry & Investigation
- M4. Assurance
- P4. Education
- (O) Organize
- (A) Assess
- (I) Interact
Digital Investigations in the Cloud resource White Papers Member contribution
In this white paper, we look at the practical steps needed to ensure forensic investigations in the Cloud can progress unhindered. A methodology for investigating security breaches in the Cloud effectively starts with ensuring contracts are written in such a way that any possible future investigation is made possible from both technical and procedural viewpoints.
Managing Risk in the Extended Enterprise: Best Practices for Working with Suppliers, Partners and Contractors resource White Papers Member contribution
Even with internal measures in place, companies can remain exposed to substantial risk beyond the enterprise. That's because companies can be substantially harmed by the actions of their suppliers, subcontractors, service providers, and other business partners.
Why is GRC important? blog
I have been blogging about what GRC is, advocating the definition developed by the Open Compliance and Ethics Group, OCEG (see this and subsequent posts). But, I haven’t really talked about why the concept of GRC has value.
Investigations group
Welcome to the Investigations community group. This group addresses GRC issues that arise in the conduct of investigations regarding compliance and ethical conduct.
