• About BWise
  • Message from the CEO
  • Growth Strategy & Mission
  • History
  • Management
    • Robert Pijselman
    • Luc Brandts
    • Tonny Boerboom
    • Berco Leeftink
    • Supervisory Board
  • Sales & Marketing
    • Leon la Porte
    • Marcel Starink
    • Tracy Varnum
    • Clarinda Dobbelaar
  • Career Opportunities
  • What is GRC?
• Industries
  • Energy & Utilities
  • Financial Services
  • Manufacturing
  • Pharmaceuticals & Chemicals
  • Services
  • Other Industries
• GRC Challenges
  • Convergence of GRC
  • Continuous Controls Monitoring
  • Corporate Governance
  • IT Governance
  • Regulatory Compliance
    • Basel II
    • Bill 198
    • FERC & NERC
    • MiFID
    • Model Audit Rule (MAR)
    • Sarbanes-Oxley
    • SAS 70 & SSAE 16
    • Solvency II
  • Financial Governance
  • Operational Risk
  • Enterprise Risk
  • Internal Audit
  • Health, Environment & Safety
  • Corporate Social Responsibility
  • Process Standardization
  • Soft Control Testing
• Solutions & Services
  • GRC Platform
  • Solution Components
    • Corporate Control
    • Compliance Management
    • Continuous Controls Monitoring
    • ERM Dashboards
    • Internal Audit
    • Internal Control
    • Loss & Incident Database
    • Policies & Procedures
    • Process Management
    • Risk Analysis
    • Risk Assessments
  • Templates
    • Basel II
    • COBIT
    • Model Audit Rule (MAR)
    • MiFID
    • Solvency II
    • SAS 70 & SSAE 16
    • Soft Control Testing
    • IT Control & UCF
  • Implementation Methodology
  • Business Consulting
  • Training & Certification
    • BWise 4.0
    • BWise 4.1
    • End User Training
    • Certification
    • Organization
• Web TV
  • Customer references
    • AEGON
    • DSM
    • FMP
    • France Telecom
    • Headwaters
    • Robeco
    • Roche
    • Swiss Life
    • TNT
  • Product demonstration
  • About BWise
    • Ad hoc or structured approach
    • BWise at a glance
    • Customer value at BWise
    • Vision & Strategy
  • Customer events
    • DACH Customer Summit 2010
    • French Customer Summit 2009
    • North American Customer Summit 2009
    • North American Customer Summit 2008
    • Trustday 2008
• Partners
  • Partner Program
  • Partners Overview
• News & Events
  • Events 2010
    • Archived webinars 2009
  • News 2010
    • 2009
    • 2008
  • Articles 2010
    • 2009
• Contact
  • Offices
  • Support

What is GRC?

Governance, Risk Management and Compliance, or GRC, is a relatively new topic. It is the integrated approach companies apply, to establish strong governance in an organization, through solid risk management and demonstrated compliance.

Formal definitions                                                                                                     OCEG is a nonprofit organization that uniquely helps organizations drive, what they call, ‘principled performance™’ by enhancing corporate culture and integrating governance, risk management, and compliance processes by providing guidelines and standards, establishing a community of practice and by developing evaluation criteria and benchmarks. Click here for the formal definitions from the OCEG Redbook 2.0 for Governance, Risk and Compliance. For more information about OCEG, visit www.oceg.org.
                                                                                                                                         How does BWise support the GRC process?
In laymen terms, what does BWise do to support the GRC process in your organization?

Governance:
BWise enables you to keep track of organizational structures, and document and communicate all relevant business processes, policies and procedures. A full audit trail is maintained of organizational and legal structures, lines of communication with stakeholders and third parties, including contracts. BWise helps to establish and test the corporate culture via code of conduct training, integrity and ethical values surveys and other soft controls. Finally, BWise enables you to perform independent reviews by the Internal Audit department, thus implementing a successful third line of defense.

Risk Management:
BWise enables you to capture all risks that have an (adverse) effect on your organization’s objectives. BWise then enables to assess the level of risk, define a risk response at any required level of detail with measures, processes and controls. BWise then enables you to monitor risks, via Key Risk Indicators, Incident management and other means. Finally, BWise provides the technology to analyze the risks at all levels, to drive improvement plans, lowering risks and costs.

Compliance:
BWise enables you to keep track and understand all the regulatory requirements your organization faces. BWise enables you to converge all the different regulatory requirements, ensuring compliance needs to be proven only once, and reported to different regulators as much as is required. BWise ensures everyone in your organization understands what they need to comply with. Most importantly, BWise ensures actual compliance can be proven continuously to the most strict of regulators by safely collecting all the required evidence.

Please contact us for more information about BWise and GRC.