• About BWise
  • The Company
  • Mission and Values
  • Growth and Strategy
  • Message from the CEO
  • Management
    • Luc Brandts, CTO
    • Tonny Boerboom, COO
    • Rob van Straten, Global Head of Sales
    • Theo Marneweck, CFO
    • Harry Roelfsema, VP GPS
    • Robert Pijselman, CEO
  • Supervisory Board
    • Wim H. Heijting
    • Anna Ewing
    • Lars Ottersgard
  • Career Opportunities
  • BWise Blog
  • GRC Library
• Industries
  • Energy & Utilities
  • Financial Services
  • Insurance
  • Manufacturing
  • Pharmaceuticals & Chemicals
  • Services
  • Other Industries
• GRC Challenges
  • Case Management
  • Convergence of GRC
  • Continuous Monitoring/SoD
  • Corporate Governance
  • Corporate Social Responsibility
  • Enterprise Risk
  • Financial Governance
  • Internal Audit
  • IT Governance
  • Operational Risk
  • Process Standardization
  • Regulatory Compliance
    • Basel III
    • Bill 198
    • Conflict Minerals
    • FERC
    • Foreign Corrupt Practices Act
    • MiFID
    • Model Audit Rule (MAR)
    • NERC
    • Sarbanes-Oxley
    • SAS 70 and SSAE 16
    • UK Bribery Act
    • Solvency II
    • Turnbull
    • Unified Compliance Framework
  • Soft Control Testing
  • Sustainability Performance Management
  • Vendor Risk Management
• Solutions & Services
  • GRC Platform
    • Risk Management
    • Internal Control
    • Internal Audit
    • Compliance and Policy Management
    • IT GRC
    • Sustainability Performance Management
    • Process Management
    • Business Continuity Management
    • Continuous Monitoring/SoD
    • Continuous Auditing
  • Templates
    • Basel III
    • COBIT™
    • Model Audit Rule (MAR)
    • MiFID
    • Solvency II
    • SAS 70 & SSAE 16
    • Soft Control Testing
    • IT Control & UCF
  • Software as a Service
  • Implementation Methodology
  • Business Consulting
  • BWise Academy
    • GRC Training Program
    • IR Training Program
• Customers
  • Customer references
    • AEGON
    • AG2R LA MONDIALE
    • Ahold
    • DSM
    • FMP
    • France Telecom
    • Headwaters
    • Robeco
    • Roche
    • Swiss Life
    • TNT
  • Customer events
    • NASDAQ Closing Bell 2012
    • DACH Customer Summit 2010
    • French Customer Summit 2009
    • North American Customer Summit 2009
    • North American Customer Summit 2008
    • Trustday 2008
• Partners
  • Partner Program
• News & Events
  • News
  • Events
  • Webinars
  • News Room
• Contact
  • Offices
  • Support

Follow Us

• GRC Challenges
• Case Management
• Convergence of GRC
• Continuous Monitoring/SoD
• Corporate Governance
• Corporate Social Responsibility
• Enterprise Risk
• Financial Governance
• Internal Audit
• IT Governance
• Operational Risk
• Process Standardization
• Regulatory Compliance
• Soft Control Testing
• Sustainability Performance Management
• Vendor Risk Management

Convergence of GRC

The integration of Governance, Risk and Compliance Management initiatives into one converged approach is not easy. There are huge benefits to organizations that perform the duties involved in true GRC convergence. A successful, embedded and integrated GRC approach will result in a transparent organization, with streamlined processes, significant cost and time savings, reductions in key controls and risks, and numerous options for business performance improvements.

The importance of the Process-based approach to Convergence

To gain those benefits an organization needs to develop a GRC strategy. Internal audit, risk management and compliance departments need to work closely and agree on the framework to be used, for example COSO or ISO 31.000. Consensus must also be made on the language and definition of terms, as well as the GRC platform to be used to embed the GRC strategy into the entire organization. Many questions will need to be answered: How can various risk management and compliance initiatives be integrated into one overall corporate framework? For compliance, how can the enterprise ensure a control is tested once, but used many times for different regulatory reports? Regarding risk management, how do risks roll-up and relate? These are important and difficult questions to resolve.

Convergence is an ongoing process

Many well defined Enterprise GRC platforms are able to support an already converged organization, but convergence is a process, and very few organizations have already reached a truly converged state. Companies need a solution to assist them in the ongoing process of convergence, not only in the end result. Without a proper methodology and supporting technology to aid the enterprise in the convergence process, it may never achieve the desired converged state.

A true GRC platform that can grow along with your organization

The business process is the prime area where converged controls and risks meet. A truly integrated GRC solution will include a fully embedded process documentation solution. BWise enables an organization to document business processes at any level, from a strategic enterprise level down to transactional levels, with all the corresponding risks and controls. Risks and controls can be converged at all levels with the solution. The BWise solution is a process based GRC platform made up of nine modules and is flexible enough to grow along with the needs of the enterprise of today and in the future.