Governance, Risk Management and Compliance
Everything under Control with PROMATIS GRC Solutions
The times in which an enterprise could be led completely in "squire's kind" have long gone. The legislative body and supervisory authorities react upon criminal activities in the sector of economics, environment and computers, which are strongly increasing around the globe, with more and more complicated sets of rules (SOX, Basel II etc.). In addition investors and financial institutions demand an effective Risk Management, e.g. by establishing early warning systems to detect risks and to create a higher transparency within financial processes. The shorter and shorter half-life of strategic decisions can be met only with efficiently managed, safe and controlled business processes. In short: Governance, Risk and Compliance subjects are at the top of the management agenda.
PROMATIS GRC – Competitive Advantages of a process-oriented GRC Solution Portfolio
GRC is often felt, primarily, as an expense factor and thwarting for fast business processes. PROMATIS GRC solutions break off these prejudices: process-oriented methods, procedures and polished technologies provide for a lasting lowering of GRC costs. In addition, GRC works as a catalyst for intelligent business processes and makes thus its contribution to the development of competitive potentials that have not been tapped so far. PROMATIS GRC solutions offer optimally coordinated components which allow for a high return on investment and short implementing times:
Business Process Modeling
Business Process Governance forms the base of every PROMATIS GRC solution. This can be reached only by highly competitive and safe business processes which are accepted by users, business partners and by the certified public accountant. We reach the integration of all partners by using simple to understand graphic models. Here we help ourselves of efficient business process tools - mainly Horus and Oracle BPA Suite - which make working with business process models as easy as child's play with functionalities such as visualization, documentation, analysis and simulation.
Comprehensive GRC Process Management
Enterprise-wide, automated Compliance management across application borders and different sets of rules becomes true with Oracle Enterprise GRC Manager for the first time. Results are a transparency and efficient GRC processes. The product is based on a comprehensive documentation of critical business regulations, processes and leadership instruments, risks and problem fields. By means of defining and retaining controls, it can be defined how and if business processes and the connected risks have tob e monitored. Across the entire organization test plans, reviews and certifications can be generated. The Enterprise GRC Manager allows for a complete pursuit of all processes relevant for GRC in the enterprise through authorized users by means of audit trails.Monitoring, Reporting and Analysis
With Oracle Business Activity Monitoring (BAM) and Fusion GRC Intelligence we implement a comprehensive system for monitoring, reporting and analysis of information relevant for GRC. Modern Oracle Business Intelligence technologies provide for a seamless integration into the information landscape of the enterprise. Precast, role-based dashboards with drill down functionalities are suitable instruments to control business processes any time. The result is a consistent and up to date illustration of the menace situation of the enterprise. Besides real and potential compliance injuries can be detected quickly any time.
We offer a continuous concept to build up an integrated GRC solution bases on definitions and documentations in the Oracle Enterprise GRC Manager and in combination with connection information systems within one corporation.
This creates transparency regarding relevant business processes, their risk potentials and the belonging controls and compares these to concrete indicators from the ongoing operation. This ensures a nearly real-time detection regarding how far risks have developed and enables for fast reaction, just as it was pre-defined in the Enterprise GRC Manager.
GRC Controls
Automated GRC Controls on a application-, middleware- and data base level complete the spectrum of the GRC solution. They provide for the safe contact with resources of information at all levels of the IT infrastructure. Moreover we rely on the Oracle Enterprise GRC Controls which we implement on the Oracle E-Business Suite. With the support of Oracle Enterprise TCG (Oracle Enterprise Transaction Controls Governor) program-technical abnormities and defenses with transactions are recognized. This means that we enable the process-responsible staff to ward off or avoid any attempts to defraud or integrity-discrepancies at an early stage.
Conflicts, which can come up in relation to roles and responsibilities regarding SOD (Segregation of Duties) are monitored by us with Oracle Application ACG (Oracle Application Access Controls Governor). This enables to avoid defenses against task-separation in the run-up.
With the products Oracle Configuration Controls Governor and Oracle Preventive Controls Govenor we enable to upgrade data protection and safety as well as releaseability with the solutions named above.
We realize infrastructure controls with board components of the Oracle Fusion Middleware- and Oracle Enterprise Data Base portfolios in connection with Oracle Enterprise Manager and the Oracle Content Management products.
More information about the PROMATIS GRC Solution:
Trendsheet Process-oriented GRC: Scalable Consulting- and Software Solution for more Transparency and Safety
