Curated for content, computing, and digital experience professionals

Month: May 2005 (Page 6 of 12)

The Operational Approach to Governance, Risk Management, and Compliance

Today marks the official release of the public draft of the governance, risk management, and compliance (GRC) paper that I have worked on over the past couple months with Ted Frank, of The Compliance Consortium, and others. The writing of the paper was driven by three convictions:

  • GRC stands apart: Governance, risk management, and compliance are all of a piece–and they are related to a coherent set of objectives and practices that are fundamentally different from the other things going on in an organization.
  • GRC needs high level attention: Governance, risk management, and compliance comprise a set of concerns and objectives that must be dealt with at the board of directors and senior management level.
  • GRC is manageable: Even though governance, risk management, and compliance touch thousands of processes and objectives throughout an organization, there really is a small, manageable set of concerns that should inform board and management decision-making.

This last point relates to the “both forest and trees” view that I wrote about in my recent post on XBRL and Compliance. To make GRC manageable we need ways to zoom into the details and zoom back out to the big picture. Said more formally, we need ways to deal with the concept at different levels of abstraction, from fine-grained to chunky. XBRL looks promising in this regard.

One of the key ideas expressed in the paper is that the United States Sentencing Commission guidelines regarding compliance and ethics can serve as a good starting point for identifying the important, board and senior management level GRC objectives. This idea is practically appealing, since following the guidelines can result in a 95% reduction in penalties in the event that, despite a company’s best efforts to prevent it, fraudulent activity takes place. The intent of the paper is to also make this idea appealing at an operational and functional level — we believe that we make the case that concentrating on just seven objectives can get management and board members focused on the right concerns and questions.

If this interests you, take a look at the paper.  If you have comments, you can of course add them here — but if you want your comments to get more in the way official consideration, you should also express your views on the Compliance Consortium website.

Gilbane Report & Compliance Consortium Publish Paper on Operational Framework for Managing GRC Enterprise-Wide Compliance

For Immediate Release:

5/16/05

Document Serves as Foundation for Managing Sarbanes-Oxley and Other Regulatory Mandates

Contacts:
Mary Laplante
Bluebill Advisors, Inc.
617.497.9443 ext 212
mary@gilbane.com

Cambridge, MA, May 16, 2005. The Gilbane Report and The Compliance Consortium, an international membership organization to promote effective governance, risk and compliance management (GRC), has published its operational approach for managing GRC requirements within the enterprise. Applicable to both public and private companies, the framework is designed to assist senior management and boards of directors in setting objectives for managing a wide range of compliance-related activities and instituting the programs needed to attain those objectives. This initial version is a “public draft” and is intended to invite constructive criticism and ultimately to build a broad consensus within the hundreds of companies that have registered as part of The Compliance Consortium Community over the past year. Interested parties may access “Governance, Risk Management, and Compliance: An Operational Approach” at https://gilbane.com/publications/GRC_Operational_Approach_PD1_0_050512.pdf or at www.thecomplianceconsortium.org.

About Bluebill Advisors, The Gilbane Report 
Bluebill Advisors, Inc. serves the content management community with publications, conferences and consulting services. The Gilbane Report administers the Content Technology Works program disseminating best practices with partners Software AG (TECdax:SOW), Sun Microsystems (NASDAQ:SUNW), Artesia, Atomz, Astoria, ClearStory (OTCBB:INCC), Context Media, Convera (NASDAQ:CNVR), IBM (NYSE:IBM ), Idiom, Mark Logic, Open Text (NASDAQ:OTEX), Trados, Vasont, and Vignette (NASDAQ:VIGN). www.gilbane.com

About the Compliance Consortium
The Compliance Consortium is an international membership organization designed to promote effective and efficient enterprise governance, risk and compliance management (GRC). Areas of interest include GRC best practices and reference architectures, influencing and contributing to GRC-related industry and computing standards and establishing conferences and other professional events focused on GRC-centric topics. Founding Consortium Members include Axentis, Approva, Corpedia, Hyland Software, Inc., Hyperion, Intuition, Jefferson Wells, Navigant Consulting and The Network. www.thecomplianceconsortium.org

About the Open Compliance and Ethics Group (OCEG)
OCEG is a not-for-profit organization that provides a framework (the OCEG Framework) for integrating governance, compliance, risk management, and integrity into the tangible practice of everyday business, drives adoption of the Framework through a multi-industry, multidisciplinary coalition and provides a community of practice for the exchange of information, tools, benchmarking and feedback for continual improvement of the Framework. www.oceg.org.

###

Ektron Unveils CMS400.NET Version 5.0

Ektron today unveiled Ektron CMS400.NET Version 5.0. In Version 5.0, Ektron delivers enhanced search capabilities, new calendar functions, and new Macromedia Dreamweaver integration. CMS400.NET Version 5.0 also ships with a new add-on component, Ektron DMS400, the companys recently released document management system designed from the ground up for the mid-market. Document management integration Ektron DMS400 is now integrated with CMS400.NET as an optional add-on module. Ektrons CMS and DMS share the same security, staging, collaboration, workflow, versioning, search, publishing, and globalization capabilities, all from a single user interface. Organizations can manage Microsoft Office documents and other digital files, and use the CMS to seamlessly publish documents to public sites, intranets, and portals. Ektron CMS400 version 5.0 is shipping now. Pricing begins at $7,200 for a 10-seat license and scales to $29,999 for unlimited users. Pricing for the Ektron DMS400 add-on ranges from $4,800 to $41,999. Ektron DMS400 will be available as a stand-alone product during this quarter. http://www.ektron.com

Arbortext & TRADOS to Provide Global Enterprise Publishing Solutions

TRADOS Inc. and Arbortext announced forming an alliance that closely ties the authoring and publishing processes with the entire globalization cycle. As a result, the alliance creates a global enterprise publishing solution that controls and streamlines the increasingly complex global content workflow. At the front of the lifecycle, where most costs are incurred, companies can create and manage content at both the micro-level of words, terms, phrases, and sentences and the macro-level of paragraphs, sections, or larger chunks. The new ability to preview documents ensures that content is translation-friendly and minimizes localization costs. At the end of the lifecycle, customers have more publishing options to deliver local content in any format, more rapidly covering “the last mile” to ensure that global information delivery is both timely and relevant. http://www.arbortext.com,

Gilbane Report & Compliance Consortium Publish Paper on Operational Framework for Managing Enterprise-Wide Compliance

The Gilbane Report and The Compliance Consortium, an international membership organization to promote effective governance, risk and compliance management (GRC), has published its operational approach for managing GRC requirements within the enterprise. Applicable to both public and private companies, the framework is designed to assist senior management and boards of directors in setting objectives for managing a wide range of compliance-related activities and instituting the programs needed to attain those objectives. This initial version is a “public draft” and is intended to invite constructive criticism and ultimately to build a broad consensus within the hundreds of companies that have registered as part of The Compliance Consortium Community over the past year. Interested parties may access the report at: “Governance, Risk Management, and Compliance: An Operational Approach” www.thecomplianceconsortium.org.

Arbortext Announces Version 5.2 of its Enterprise Publishing Software

Arbortext announced the company will release version 5.2 of its enterprise publishing software in September 2005. Representing a year-long development effort, this release has improvements in functionality and compatibility for organizations implementing enterprise publishing applications. The Import/Export feature, which provides conversion between word processing/desktop publishing files and XML, will provide over 50% new functionality and replace Arbortext’s Interchange product. The Import feature will offer much finer control over the conversion of styles into XML tags, so that word processing and desktop publishing files can more easily be translated into XML. The Contributor Web-based XML editor will be able to track changes (additions and deletions) so that editors can review, revise and approve documents more easily. In addition, Contributor will provide an API that provides developers with a greater level of control over the product’s functionality and appearance. DMC (Digital Media Composer) DMC replaces CD-ROM Composer and represents a major upgrade in Arbortext’s capability to publish large sets of documents that are too big to distribute over the internet. DMC can produce both DVDs and CD-ROMs for very large data sets and supports multiple volumes, password security and data compression. http://www.arbortext.com

Ipedo Releases New Version of Enterprise Information Integration (EII) Platform

Ipedo announced the latest version of its EII platform, incorporating several product enhancements to facilitate delivery of on-demand intelligence. Ipedo XIP 4.0 introduces a dual SQL/XQuery engine, giving it a broad span of information integration. The new release also features several new capabilities designed to reduce the cost and complexity of information integration, including a visual rules processing interface, Web Services publishing, and integration with BusinessObjects and Crystal Reports. In all, Ipedo XIP 4.0 has over 50 new additions and improvements, including enhanced query optimization techniques, new data source discovery and mapping capabilities, and new visual wizards for data import. Ipedo XIP leverages SQL and XML Query to integrate and manage information from disparate, complex data sources to enable real-time business decisions. Ipedo’s approach treats existing corporate databases and external data flows as a single, virtual data source. Ipedo XIP 4.0 is available now for Windows 2000, Windows NT, Sun Solaris and Red Hat Linux. Pricing is on a per-CPU basis. http://www.ipedo.com

« Older posts Newer posts »

© 2024 The Gilbane Advisor

Theme by Anders NorenUp ↑