Compliance Template
With few exceptions, most organizations now have had a taste of what is involved in complying with regulatory mandates, whether they be HIPAA or SOX section 404. They have spent the money (the average Fortune 1000 company will spend $2 million or more on compliance through 2005) and seen the resources required (the effort of 70 percent of all companies surveyed in a recent study is greater than 10,000 hours). They are also realizing that 1.) regulatory compliance is not a one time expense but instead is an ongoing one that is far greater than they ever anticipated 2.) time to create controls, gather evidence and provide reporting is ever shortening (section 409 of SOX will mandate real-time disclosure of occurrences that have a material impact on the company’s financial condition). Because of these factors, organizations are starting to heed the recommendations of most leading analyst firms and organizational thought leaders that: 1.) compliance must be re-thought as an integral part of an organization’s business processes, not simply an auditing and reporting exercise and 2.) a programmatic vs. project based/one-off approach is critical to reigning in costs and mitigating risk as more regulatory requirements appear on the horizon and compliance timeframes condense, and 3.) the emphasis of a compliance solution must shift from auditing what has already occurred, to automatically detecting and preventing violations before they happen. While each compliance mandate has its own specific requirements, all have a common denominator: the need for greater visibility and control of content and processes to lower business and financial risk. BPM enables process automation and facilitates process monitoring management, which offers end-to-end visibility and control of the process, both of which are crucial to compliance. BPM enables organizations to capture information on its processes and controls as specified by regulatory mandates and ultimately evaluate the effectiveness of its internal control system as a whole. It also helps them intuitively organize, securely store, and easily access compliance-related documents to satisfy the needs of internal and external auditors and other business users. Organizations are able to leverage reporting capabilities that give a macro perspective for overall compliance assessments, as well as granular detail that enables management to look at different groupings of individual controls. BPM also involves process analytics, which enables managers to see how processes can be improved and areas of risk as well as audit trails to track and capture all process transactions. Red flags can automatically be raised in instances of compliance risk. Automation enabled by BPM shifts the emphasis from documentation of controls and preliminary testing to:
The Global 360 Active Compliance Framework includes: Comprehensive Compliance Solution
Benefits
|
Global 360 Compliance White Paper 
|
Compliance Solution Brief