Control & Compliance Managment

The risk2value® module for Control & Compliance Management allows the management of various control-frameworks and compliance-catalogs as an integrated management-system. As companies are uderlying an increasing number of compliance-frameworks and regulations an integrated management-system is the applicable answer to this requirement. Redundant requirements among multiple regulations lead to high efforts in managing these regulations. To solve this redundancies the requirements among different regulations can be mapped to each other to only evluate them once regarding their implementation status, effectivness and maturity level. Still the reporting can take place in the view of the specific regulations structures.

The modeling interface for controls and compliance-catalogs can be used to import official regulations or build individual catalogs (e.g. ICS-catalogs) and map their contents.

The method of monitoring the control-status, -quality and -maturity can be configured customer-specific. risk2value® allows to configure individual evaluation-mechanisms mit configurable evaluation- and documentation-criteria as well as calculation-formulas and aggregation methods.

The Control & Compliance Management module in risk2value® also includes internal interfaces to other risk2value® modules. Controls managed in the system can be mapped directly to riks from the Risk-Management module. Also activity items like measures, audit findings or incidents can be mapped controls during the control-assessment phase.

Futhermore risk2value® automatically logs all changes in an integrated audit trail and users can provide evidence when perfoming Control- or Compliance-Assessments to proove their evaluation.

Features

• Import of compliance-standards or modeling of individual control-frameworks
• Use of multiple indivdual evluation methods incl. calculation and aggregation methods for the evaluation of control-implementation / control-status
• Mapping of control from the different regulations and compliance-standards to reduce redundancies
• Workflow-based management of control- / compliance-assessment cycles
• Central monitoring over assessment progress
• Management and mapping of audit findings, incidents, compliance definciencies or exceptions as well as monitoring
• Tracability of all changes in th application in the central audit trail
• Users are alble to provide evidence for their evaluations
• Transfer from previous assessment-results and review of this information

Back to the overview of risk2value® Modules