INTEGRATED DIGITAL AND COLLABORATIVE GRC
AND ASSURANCE FRAMEWORK (iGAP)
As organisations mature their Governance Risk and Compliance functions and as these functions specialise and expand, Integrated GRC will be the glue that binds these various disciplines, ensuring alignment, Integration and a single clear and collaborative message enabling correct decision making. This integration will be the Single Source of Truth, thus reducing redundancies, duplications, contradictions and ensuring a combined view from various perspectives.
Puleng, being a specialist in the delivery of Integrated Digital and Collaborative GRC Solutions and Advisory, with a strategy defined by best practices, assists our clients to remain ahead and relevant. Based on the above, our defined integrated service approach is applied across the various disciplines we service.
The below mentioned functional disciplines and our methodologies and practices are supported and enhanced through the use and implementation of the RSA Archer Suite of technologies.
Enterprise management is the core of the Integrated GRC and Assurance platform and help organisations structure their most basic information on top of which will sit the fictional disciplines noted further below. The Enterprise management module includes:
This module houses the main operational functions and objectives required for effective and efficient risk management, including:
Audit management is key to ensure that business functions and others alike are kept honest and efficient in their operations and management.
Our Audit Management approach includes:
In a world of constant demand for people and companies to achieve, companies need to be ever aware of fraud risk and events which could affect them.
Our Forensic service management suite includes:
Information and data security is pivotal to every organisation, as the world digitises and improves. With this in mind, Puleng’s Information Security approach includes:
With so many events and incidents occurring in our organisations today, we need a way to effectively and efficiently monitor, manage and report on all of these, but still maintain the segregated, but integrated view. Our Incident management includes:
With increasing regulation and demands from external regulators and governments, organisations find themselves scrambling to manage and monitor compliance. The regulatory compliance module includes:
Organisations often concentrate on managing external regulatory compliance but forget about their own internal compliance management. Organisations looking for a way to effectively manage and monitor internal compliance should consider this module which includes:
In times of crisis and disaster, organisations should be ever ready to manage and respond. To properly plan, manage, monitor and respond, organisations need to ensure they have a comprehensive business continuity and resiliency strategy and plan. This module includes: