Effective February 2015, the Securities and Exchange Commission (SEC) published Regulation Systems Compliance and Integrity (Reg SCI). Reg SCI is a robust and extensive regulation that requires certain market participants that are essential to the US securities market function to have “robust technology controls and to promptly take corrective action when problems arise.” It was created in response to the increasing dependence on technology and heightened concerns of cyber security.
Efforts to comply with Reg SCI continue to push the risk management and compliance agenda. For example, there is increased pressure on the material accuracy of the Reg SCI report produced by the entity as senior management (i.e., the Chief Executive Officer, Chief Technology Officer, Chief Information Officer, Chief Compliance Officer, and General Counsel) and the board must submit statements to any material inaccuracies or omissions in the report.
SCI entities must also:
- Review and determine the criticality of systems
- Evaluate the design of software and system architecture
- Assess the completeness and any weaknesses in policies and procedures
- Review and evaluate the availability and capacity of operations and systems
- Evaluate and remediate any dependencies on vendors/3rd parties of systems and software
- Test and evaluate the efficacy of organizational business continuity and disaster recovery plans
HOW BWISE CAN HELP
BWise offers a suite of Governance, Risk, and Compliance (GRC) solutions that can assist SCI entities in complying with the components of Reg SCI. Each solution has the capacity to support the end-to-end process of specific risk management topics applicable to Reg SCI such as:
- information security
- vendor management
- compliance and regulatory management
- business continuity
- internal control
- enterprise and operational risk management
- policy and procedure/governance management
The BWise software can enable, support, and sustain the organization’s compliance and risk management processes. Illustrative solution capabilities include the following, and allow users to:
- Centralize risk data to mine, store for an audit trail, and monitor in real-time
- Configure dashboards and reports
- View portlets depicting particular end-user needs
- Seamlessly integrate vendor, 3rd party, or regulatory feeds
- Incorporate, evaluate, and summarize threats and vulnerabilities (e.g., cyber)
- Facilitate the organization’s risk and business impact assessment and analysis processes
- Support the governance process, including policy and procedure management
- Codify, simplify, execute, monitor, and summarize risk treatment and issue management activities
- Centralize, summarize, and evaluate controls and management activities
For more information, please contact us.
Select a GRC Platform?
Download the brochure: Top 7 Considerations When Evaluating GRC Software - A guide to selecting the best GRC platform for your company.
Role-based software solutions
Download the brochures about the software solutions we offer.
- BWise Internal Audit Software Solution
- BWise Risk Management Software Solution
- BWise Internal Control Software Solution
- BWise Compliance Management Software Solution
- BWise Information Security Software Solution
More information about Governance, Risk and Compliance can be found in our GRC Library.
For more information, contact us.