Functional and Value Adding Disciplines

As organisations mature their Governance, Risk and Compliance functions, and as these functions specialise and expand, Integrated GRC will be the glue that binds these various disciplines, ensuring alignment, integration and a single, clear and collaborative message that enables correct decision making. This integration will be the Single Source of Truth, reducing redundancies, duplications and contradictions and ensuring a combined view from various perspectives.

Puleng, being a specialist in the delivery of Integrated Digital and Collaborative GRC Solutions and Advisory, with a strategy defined by best practices, assists our clients to remain ahead and relevant. Based on the above, our defined integrated service approach is applied across the various disciplines we service.

The functional disciplines mentioned below, together with our methodologies and practices, are supported and enhanced through the use and implementation of the RSA Archer Suite of technologies.

As the core assurance functions within your organisation mature, their operations can be enhanced or complemented by other services and disciplines. This will help enhance integration and collaboration. With this in mind, Puleng offers value adding systems design, implementation and support for additional functional disciplines including Third Party Governance, Insurance and Ethics Management.

OUR INTEGRATED SERVICE APPROACH INCLUDES:

Design and delivery of Internal Methodologies and processes across the various Disciplines we service.

Governance Risk and Compliance functions

System design and documenting to enable and complement your internal methodologies across the various Disciplines we service.

Configure, Implement and test the requested system as per provided specifications and in line with any internal methodologies and best practices across the various Disciplines we service.

Where requested and required, we provide Data Cleansing, Data Migration, Data Standardisation and Data Classification and Content Management.

Application and user support for the systems implemented. This includes 1st line support, 2nd line support or both. In addition, we provide custom user training on implemented modules and admin training, where requested.

In an ever-changing world, we understand the need for constant change and enhancements, which we are ready to assist with if required. We offer system maintenance and configuration services.

Enterprise Management

Enterprise management is the core of the Integrated GRC and Assurance platform and helps organisations structure their most basic information, on top of which sit the disciplines noted further below. The Enterprise management module includes:

  • Business Assets and Maturity Assessments
  • Enterprise Planning and Objectives
  • Risk and Controls Libraries
  • Issues Management
  • Standard Libraries
  • Organisational structures
  • Business Infrastructure

Operational Risk Management

This module houses the main operational functions and objectives required for effective and efficient risk management, including:

  • Annual Risk Planning
  • Risk Registers
  • Risk Projects and Engagements
  • Risk Maturity and Attestations
  • Risk Quantifications and Assessments
  • Risk Events Management
  • Key Risk Indicators
  • Risk Remediation and Action Plans

Audit Management

Audit management is key to ensuring that business functions and others alike are kept honest and efficient in their operations and management.
Our Audit Management approach includes:

  • Annual Audit Planning
  • Audit Engagements
  • Audit working papers
  • Issue Management
  • Remediation and Action Plans
  • Reviews Feedback and Surveys
  • Quality Assurance

Forensic Services Management

In a world of constant demand for people and companies to achieve, companies need to be ever aware of fraud risk and events which could affect them.
Our Forensic service management suite includes:

  • Annual Fraud Plans
  • Fraud Proactive Engagements
  • Fraud Incidents and Response
  • Fraud Investigations
  • Internal and External Sanctions
  • Fraud Risks Assessments
  • Issue Management
  • Remediation and Action Plans

Information Security Management

Information and data security is pivotal to every organisation, as the world digitises and improves. With this in mind, Puleng’s Information Security approach includes:

  • IT Risk Management
  • Controls Assessments and Assurance
  • Cyber Risk Quantifications
  • IT Regulatory Management
  • Vulnerabilities Management
  • Incident and Breach Response
  • Issue Tracking and Remediation
  • IT Security Maturity and Management

Incident Management

With so many events and incidents occurring in our organisations today, we need a way to effectively and efficiently monitor, manage and report on all of these, but still maintain the segregated, but integrated view. Our Incident management includes:

  • Security Incidents
  • Fraud Incidents and Response
  • Ethics Incidents
  • Insurance Incidents
  • Risk Events
  • Policy and Compliance Breaches
  • Loss and Privacy Events

Regulatory & Compliance Management

With increasing regulation and demands from external regulators and governments, organisations find themselves scrambling to manage and monitor compliance. The regulatory compliance module includes:

  • Regulatory Management
  • Obligations Management
  • Annual Compliance Planning
  • Compliance Engagement Management
  • Compliance Breaches Management
  • Compliance Controls Monitoring and Assurance
  • Issue Management
  • Remediation and Action Plans

Policy and Compliance Management

Organisations often concentrate on managing external regulatory compliance but forget about their own internal compliance management. Organisations looking for a way to effectively manage and monitor internal compliance should consider this module which includes:

  • Policy Program Management
  • Annual Compliance Planning
  • Compliance Engagement Management
  • Policy Breaches
  • Policy Controls Monitoring and Assurance
  • Policy approvals and workflow
  • Issue Management
  • Remediation and Action Plans

Business Continuity & Resilience Management

In times of crisis and disaster, organisations should be ever ready to manage and respond. To properly plan, manage, monitor and respond, organisations need to ensure they have a comprehensive business continuity and resiliency strategy and plan. This module includes:

  • Business Processes
  • Business Impact Analysis
  • BC/DR Plans
  • Critical Assets, People, Facilities, Devices, etc.
  • Plan Testing and Activations
  • Crisis Management
  • Remediation and Action Plans

Third Party Governance

The Third-Party Governance Module includes:

  • Third Party/Vendor Catalogues
  • Third Party Risk Management
  • Third Party Engagements
  • Compliance Management
  • Third Party Assessments
  • Third Party Sanctions
  • Third Party Management
  • Remediation and Action Plans

Insurance Management

The Insurance Management Module includes:

  • Incident Management assessment and Logging
  • Investigation and Containment
  • Automatic Notifications and triggers
  • Status tracking and reporting
  • Task and Actions Management
  • Assessments and follow-ups

Ethics Management

The Ethics Management Module includes:

  • Ethics Risk Registers
  • Ethics Risk Assessments (Culture, Behaviour, Management Indicators)
  • Ethics Violations and Assessments
  • Ethics Maturity and Profiling Assessments
  • Issue Management
  • Remediation and Action Plans