Embed Size (px)
Citation preview
GRC Applications Overview/ NCOAUG
Michael Harron, Specialty Sales Manager - GRC
2
Agenda
• Introductions
• GRC Solution Overview
• GRC Intelligence
• GRC Manager
• GRC Controls
• Q&A
3
Oracle Solutions for GRC
GRC Application Controls
Transaction
Controls
Application
Access
Controls
Configuration
Controls
Reporting KRI & AlertsDashboards
GRC Reporting & Analytics
GRC Process Management
AuditManagement
Assessment
Custom or Legacy Applications
GRC Infrastructure Controls
Change
MgmtDigital
Rights
Data
SecurityIdentity
Mgmt Records
Mgmt
Pre-integrated with Oracle applications and technology, supports heterogeneous environments
Purpose-built business solutions for key industries and GRC initiatives
Best-in-class GRC core solutions to support all mandates and regulations
Issue &
Remediation
Event &
Loss Mgmt
Preventive Controls
4
Oracle GRC Reporting & Analytics
GRC Application Controls
Transaction
Controls
Application
Access
Controls
Configuration
Controls
Dashboards
GRC Reporting & Analytics
GRC Process Management
AuditManagement
Assessment
Custom or Legacy Applications
GRC Infrastructure Controls
Change
MgmtDigital
Rights
Data
SecurityIdentity
Mgmt Records
Mgmt
Issue &
Remediation
Event &
Loss Mgmt
Preventive Controls
Reporting KRI & Alerts
Pre-built dashboards aggregateinformation from all sources
Combine performance & GRCinformation
Respond to KRI and issues
Produce attestations anddisclosures
Configure to meet your specificneeds
5
Intuitive, graphical risk and control analytics.
View by location, regulation, due date, etc.
6
Consolidated view of financial balances from Hyperion Financial Management and risk rating from
GRC Manager
7
Oracle GRC Process Management
GRC Application Controls
Transaction
Controls
Application
Access
Controls
Configuration
Controls
Reporting KRI & AlertsDashboards
GRC Reporting & Analytics
GRC Process Management
Audit
Custom or Legacy Applications
GRC Infrastructure Controls
Change
MgmtDigital
Rights
Data
SecurityIdentity
Mgmt Records
Mgmt
Event &
Loss Mgmt
Preventive Controls
Management
AssessmentIssue &
Remediation
GRC system of record
End-to-end GRC processmanagement
Platform independent
Integrated control management
Closed-loop issue remediation
8
Manage Regulations, Policies and ProceduresAlign Regulations to policies to best-practice frameworks
Frameworks align corporate policies and associated controls to standards
Link shared policies and controls in master libraries for easy maintenance
Manage Multiple Regulations/Standards
9
Oracle GRC Applications Controls
Reporting KRI & AlertsDashboards
GRC Reporting & Analytics
GRC Process Management
AuditManagement
Assessment
Custom or Legacy Applications
GRC Infrastructure Controls
Change
MgmtDigital
Rights
Data
SecurityIdentity
Mgmt Records
Mgmt
Issue &
Remediation
Event &
Loss Mgmt
GRC Application Controls
Transaction
Controls
Application
Access
Controls
Configuration
Controls
Preventive and detective controls
What-if risk simulation
Automated controls testingPreventive Controls
10
Simplify segregation of duties
enforcement with simulation and
remediation
Mitigate risk of privileged user
access to enterprise applications
with approval workflow and audit
trails
Accelerate deployment and time
to value with pre-delivered
controls library
Detection
Access
Analysis
Compensating
Policies
Define
Access
Controls
Remediation
(Clean-up)
Preventive
Provisioning
Prevention
• Policy Library• Conflict Paths
• Policy Library• Conflict Paths
Oracle Application Access Controls GovernorEnforce proper segregation of duties
11
Implement field-, block- and/or
form-level controls to hide, mask
or validate information
Enforce business policy through
additional automated processes
Mitigate risk of application
changes with approval workflow
and audit trails
Add Navigation
&
Extend Forms
Add Approval
Workflows
Secure & Audit
Fields
Add Messages
&
Default Values
Enforce LOVs
&
Field Attributes
Prevention
Oracle Preventive Controls GovernorEnforce granular controls conditionally
12
Detection
Oracle Configuration Controls GovernorEnsure integrity of critical application setups
Document or
Compare
Configurations
Manage
Data
Integrity
Define
Configuration
Controls
Monitor
Configuration
Changes
Enforce
Change
Control
Prevention
Achieve consistent application
setup and operating standards
across multiple instances
Track complete audit trails for
changes to key configurations
Tightly control change
management to accelerate
development and test time
13
Detection
Oracle Transaction Controls GovernorIdentify inaccurate or fraudulent transactions
Perform
Transaction
Analysis
Define
Transaction
Controls
Review and
Address
Suspects
Preventive
Transaction
Controls
Prevention
Pre-delivered Transaction Controls
Suspect Transactions
Pre-delivered Transaction Controls
Suspect Transactions
Continuously monitor accuracy
of transactions and mitigate
exposure to fraud
•Test against thresholds
•Search for anomalies
•Perform transaction
sampling
