Simplified and Unified Enterprise Governance Risk & Compliance

Drive growth with iSPIRAL eGRC solution
Supporting COSO Framework standards

Artboard 1

With our eGRC Solution (RCMS Platform) , you can set strategic business objectives and KRIs in one central repository where you can define, classify, and connect risks to control activities within business processes.

Artboard 1 copy

This allows end-users to perform impact analysis and generate reports on potentially high-risk areas of the business where controls should be leveraged.

Artboard 1 copy 2

Our enterprise governance, risk, and compliance solutions (Risk Management, Compliance Management, Internal Audit Management, Incident & Loss Management) are fully integrated, and they work perfectly together and apart.

Artboard 1

Risk Management

This Module provides an easy-to-use, and efficient means to significantly improve activity execution and data quality for the risk management process. It enables the identification, assessment, and management of risks across an organization. It allows for:

Incident & Loss Management

This Module manages all incidents, from financial losses, to workplace injuries through to security breaches. It provides a set of features for documenting, reporting, and investigating incidents and losses. It allows users to register, analyze and manage identified incidents including defining incident management actions, delegating responsibility and aggregating financial losses. It allows for:

Compliance Management

This Module provides the ability to ensure and demonstrate compliance with internal and external standards, legislations, procedures and codes of conduct. It allows users to register and manage compliance requirements stemming from an obligation, either due to a regulation, an external audit or other source. Users can register an obligation (e.g. audit by an external entity – such as PCI) and then add the compliance requirements that need to be managed. Each requirement is registered and the defined actions associated to the fulfilment of the requirement are defined. It allows for:

Internal Audit Management

This Module automates the audit life-cycle and workflow activities. It enables the scheduling, planning, and conducting of audits/assessments, the subsequent identification of non-conformances, and triggering and tracking of recommendations, management responses and actions for improvement. This can be performed either based on standard audit programs or via a risk based approach as a result of a risk assessment. It allows for:

Unified Actions & KRIs Monitoring

The Unified Actions Management Module provides central access to all actions to be monitored form the Risk, Compliance, Audit and Incident Management modules. This includes the functionality to assign and follow up actions / tasks and maintain a chronological history of the updates received. It allows for:

Alert & Notifications Management

It provides the capability to configure and generate alerts via email and text messages to notify defined users of specific system / data events of interest. This can include expiration of deadlines, registering of a high risk, changes to a risk rating, registering of an incident, assignment of an action, etc. In addition, the system allows users to generate ad hoc alerts to other system users regarding specific information visible through the system interface. It allows for:

Reporting & Document Management

It provides the capability, to generate pre-defined reports, ad hoc reports and to attach and manage documents at all screens / forms of the system. A relevant document can be attached to a specific system form and can be accessed by all users accessing the form or can be searched via the search capabilities. Standard reports can be accessed via the Reports Module and ad hoc reports can be designed and generated by users as needed. It allows for:

Access & Data Management

The RCMS Platform provides a comprehensive access and authorization management module that is utilized to define user roles, authorization parameters and data / project level access control. In addition, a Data Management module allows privileged users to manage the different data elements utilized by the system and create custom data parameters.

The data parameters are utilized by the functionality modules for the execution of the risk and compliance management process activities. It allows for:

Benefits

Client Stories

Bank of Cyprus

Bank of Cyprus, with a long presence and tradition in the banking and financial services in Cyprus, has selected iSPIRAL and its Enterprise GRC solution to tackle its Risk Management & Compliance processes.