Compliance Software provides one GRC platform for handling multiple compliance requirements more cost effectively and with greater flexibility PLUS the ability to automate general business processes with built-in controls for complete integration and ensuring results - a unique GRC Plus™ solution. The following sections provide more information on the problem and the solution:
Multiple Compliance Dilemma
While efforts are being made to change the Sarbanes-Oxley law to reduce the complexity and cost of implementation, it is not going to go away. In fact, regulatory bodies are making greater demands for stronger enforcement and for more transparent reporting and management across more and more compliance regulations.
Many companies face not only Sarbanes-Oxley but also other compliance requirements, and are struggling with how to implement them most cost effectively. For example, in addition to the Sarbanes-Oxley Act, the following compliance-related regulations are just a sample for the U.S.:
| ACT | DESCRIPTION |
| --- | --- |
| Sarbanes-Oxley Act of 2002 | Financial reporting accountability. |
| AS5 (Accounting Standard No. 5) | Designed to increase the likelihood of finding material weaknesses in internal controls before they result in problems, eliminate unnecessary procedures, and focus on procedures that can be tailored to a company's facts and circumstances. Reduces costs while strengthening the financial reporting processes, and is thus especially important to smaller businesses. |
| OMB A-123 | Federal agencies must provide the same internal controls and financial reporting that publicly traded companies must abide by within Section 404 of the Sarbanes-Oxley Act. |
| FCPA - Foreign Corrupt Practices Act | Makes it unlawful to bribe foreign government officials to obtain or retain business. Requires record keeping of all transactions and maintenance of adequate internal accounting records, with periodic reports to the SEC. |
| SEC Rules 17a-3 & 17a-4 | Management of all records related to securities transactions, to be maintained for 3 years. |
| Basel I/II | Regulatory guidelines for international banking, with Basel II putting a comprehensive operational risk management framework and processes in place. |
| Health Insurance Portability & Accountability Act (HIPAA) | Privacy of patient information and right to carry insurance between jobs. |
| Gramm-Leach-Bliley Act | Privacy of financial information. |
| FDA CFR21 Part 11 | Management of electronic records for clinical trials. |
| DoD 5015.2 | Federal standards for records management. |
| U.S. Patriot Act | Customer documentation requirements. |
Companies that need to implement multiple compliance regulations have been faced with trying to implement and integrate multiple single-point solutions. The confusion is compounded by an increasing number of software and hardware vendors claiming they are critical to compliance when in fact they may address only a single aspect of the compliance requirements and do not deal at all with the business processes themselves.
This has led to confusion and increasing complexity in the decision-making process for most customers, and can actually increase costs instead of reducing them.
Multiple Compliance Requirements Lead to Multiple Pains
The following breaks down the problems that are often associated with implementing multiple compliance requirements.
| Area | Problem |
| --- | --- |
| Multiple requirements | Implementing and integrating multiple/overlapping regulatory requirements using different systems. |
| Overall alignment | Lack of alignment of compliance with work on strategy, governance, and overall risk management. |
| Resources and cost | Increased diversion of key resources and overall cost to comply. |
| Deployment, training and support | Increased deployment and training time of business owners, risk/compliance managers, audit staff and IT resources to support and manage systems. |
| Adding new requirements; change management | Cost and time to implement new processes and procedures to address deficiencies and be compliant and/or handle risk objectives. |
| Meet new standards | Implementation and integration of new standards for records/information management and IT controls. |
| Individual pillar effect | Each business unit implementing its own uncoordinated solution for risk management. |
| Business integration | Inability to leverage overall risk and compliance efforts into business performance gains to create value. |
Requirements for Addressing Multiple Compliance Needs
When companies need to implement multiple compliance requirements, there are some common capabilities that lend themselves to a single solution:
Common Requirements
- Workflow automation that can link processes, documents and people.
- Documentation management including version and change control.
- Segregation of duties with role-based authentication.
- Granular secure access to ensure only authorized individuals access any specific file, document, process, system, etc. for accountability.
- Integration with existing systems to utilize already captured data and monitoring based on control requirements.
- Integration with communication systems such as email for collaboration and routing.
- Complete tracking of all activities for audit and issue management.
- On-demand reporting flexibility.
The most effective solution for handling multiple compliance needs will also need to meet the following requirements to improve ease of implementation, usability, rapid reaction to issues, business integration, and optimized cost effectiveness:
Enhanced Requirements
- Single platform for a common management system to reduce complexity, training and support.
- Business Process Management (BPM) based to ensure integration and maximum flexibility for customization and expansion.
- Forms and template driven with no programming to improve implementation and usability.
- Role-based interfaces to meet the needs of the stakeholders most efficiently.
- Distributed routing of tasks to individual task holders without requiring them to access the system, thus reducing the cost of training and support.
- Real-time continuous control monitoring for the most up-to-date status.
- Executive dashboard monitoring and alerts for faster response time.
A Next Generation Multi-Compliance Solution
Compliancy Software’s Internal Control Management (ICM) is a next generation solution for automating and managing business processes for enterprise risk and compliance management that is easier, more flexible, and more cost effective with a future.
ICM provides complete internal control management capabilities including the documentation, automation and management of all compliance processes, rules-based routing, segregation of duties, security authorization, automated testing/auditing, certifications, evidence tracking, issues management and reporting.
The Compliance ICM solution is a single integrated platform that is Business Process Management (BPM) based and forms and template driven, making it easier to implement and use. It is extensible to cover any risk management process and compliance regulatory requirement, and can be utilized to automate general operational business workflow processes.
It enables a new level of ease of use for any level of user and enables a company to truly push down task ownership to the company business units without requiring them to access the entire system, thus reducing training, support and bottlenecks.
Easier, Faster Business Value That Is Future Proof and More At NO Additional Cost
Compliancy makes it easier to quickly get started and then evolve as needed, with role-based interfaces, SOX-specific templates, and no programming required. Compliancy customers have been up and running in as little as a week's time. Our research has clearly shown a 20-50% increase in savings versus more traditional methodologies and a 20-30% faster response to issues.
Why buy multiple solutions when you can have one platform that can meet your multi-compliance needs, integrate your complete risk, compliance and general business processes, and be future proof?
Compliancy Software has the solution to meet your needs.
For more information contact us at info@compliancysoftware.com or call +1-919-342-6212