Escolar Documentos
Profissional Documentos
Cultura Documentos
*Note: Tracked activity includes document changes, announcements, and enforcements by regulators.
Average Daily Alerts = Total Alerts Year-on-Year / 261 Working Days
© 2015, all rights reserved, www.GRC2020.com
3
The hydra of inefficiency
Organizations are burdened by manual ad
hoc processes. This involves being
overwhelmed with emails and documents
— leading to, in varying degrees…
Excessive emails, documents,
and paper trails
Poor visibility & reporting
Files and documents out of sync
Wasted resources and spending
Overwhelming complexity
No accountability
Difficulty maintaining
accurate compliance
information;
Regulatory
Taxonomy
Regulatory
Content
Technolog
y
Enableme
nt
Understand
1 fragmented
approaches
Determine
2 synergies
3 Critical Changes
Action Items
Analyzed to
understand relationships
Integrated and
mapped
together to
Distributed & provide context
Disconnected
IT GRC
Data Points
© 2015, all rights reserved, www.GRC2020.com
11
Conduct Analysis and Manage Regulatory Change Process
Speeches
ROLES &
RESPONSIBILITIES
© 2015, all rights reserved, www.GRC2020.com
18
GRC 20/20’s Regulatory Change Management Maturity Model
5 AGILE
Regulatory intelligence
Strategic Process, Information & Technology Architecture Alignment
architecture that
integrates feeds from
4 INTEGRATED regulatory knowlwedge
Regulatory intelligence providers that map to
architecture across the policies, risks, controls,
organization enables etc. Enables full
3 MANAGED consistent management situational awareness
Roles & responsibilities of regulatory change of regulatory change in
are defined with use of process with the the context of business.
technology to manage integration of content Regulatory feeds deliver
2 FRAGMENTED workflow and tasks to feeds from regulatory fully analyzed content
Limited structure in provide accountability. intelligence knowlege that identifies relevancy,
regulatory change Inconsistencies remain. providers. impacts, and tasks.
reponsibilities. Process There is no integration
1 AD HOC is accomplished via of technology and
Unstructured approach. email and documents content.
Constantly putting with limited
out fires. Often caught accountability and
off guard. oversight.
Some of the content we have evaluated is OCEG content which GRC 20/20 has an established relationship to use. Please do not copy
slides or graphics without permission. GRC 20/20 highly recommends you consider OCEG membership at www.OCEG.org.