As organizations find increasing pressure both from regulatory bodies and other stakeholders both inside and outside the organizations to comply with a growing list of by laws and regulations, audit departments increasingly find themselves trying to navigate complex audit environments. A complex audit environment differs from a traditional audit environment based on a number of[…]
This research report summarizes Blue Hill observations and conclusions following a series of research interviews conducted between February and March 2016. The objective of this research was to investigate and analyze the relative impact and business value of the DoubleCheck audit process automation strategy, solution components, and value propositions described above among organizations confronted by[…]
Most GRC solutions include some sort of automated reporting, producing either preconfigured or customizable reports on organizational compliance and risk profiles, performance, and activities. These reports are generally used to understand current or historical performance, based on the data managed within the GRC solution. In their simplest variations, these automated reports replace any number of[…]
Risk Management & Reporting For Enterprises Governance, risk, and compliance (GRC) solutions evolved in response to growing information and process complexity of compliance and risk management. Initially launched in large part by Sarbanes-Oxley requirements, GRC has evolved into a full enterprise application for compliance and risk management. While the GRC vendor landscape remains fragmented, the[…]
This is Part Two of a four-part blog series on ERM that is from guest blogger Michael Rasmussen of GRC 20/20 Research. To maintain the integrity of the organization and execute on strategy, the organization has to be able to see their individual risk (the tree) as well as the interconnectedness of risk (the[…]