Results per page:



Match:

any search words

all search words

 

Governance, Risk & Compliance

ApprovalCompanies are exposed to a number of risks. Many incidents over the last years, e.g. bankruptcies, loss of sensitive data or damages by criminal activities resulted in more and more regulations industries have to adhere to. For the implementation of such directives next to organizational measures also extensive precautions in the IT systems are required. Completely new solutions have been created which manage the topic GRC holistically and help to reduce risks and avoid damage.

 

 

RiskAnalysis

The scope of GRC topics is wide. But two aspects are always in focus. One aspect emphasizes the fact that is is advantageous to act preventatively instead of taking measures after an incident has already occurred. The other aspect deals with the question how a requirement can be implemented efficiently. For both aspects it is necessary to intensively pay attention to the risks that need to be managed.

 

 

UserInstructionUser requirements are a good example for demonstrating how important the aspects mentioned before are. Good user requirements must have specific properties and must be testable independently from each other. This postulation from classic software engineering was adopted by industry-specific regulations, e.g. the validation of computerized systems that have to be applied especially in the pharmaceutical industry. Here a traceability matrix must be used to consistently document which user requirements have been recorded, how they have been implemented in the IT systems and how they have been tested. The objective is to avoid any risks that originate from the use of the software. This objective is much easier to achieve if the quality of user requirements is ensured already when recording them and if appropriate tools are used that can manage the traceability matrix.

The service „Governance, Risk & Compliance“ includes a selection of topics where each topic alone can be very comprehensive. The service offers help if GRC shall first be explored holistically. Alternatively single topics can be explored in-depth if there is only need for action in a specific area.

 

Service Description "Governance, Risk & Compliance"