Presentation is loading. Please wait.

Presentation is loading. Please wait.

GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT.

Published byJared Bradford Modified over 8 years ago

Similar presentations

Presentation on theme: "GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT."— Presentation transcript:

1 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV MetricStream GRC Summit 2013: Product Showcase ENGAGE | INSPIRE | TRANSFORM → W E L C O M E

2 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV ENGAGE | INSPIRE | TRANSFORM Aneesh Bhatnagar Associate Director – Product Multi-Dimensional Risk Management & Sneak Preview of What’s Coming Aneesh Bhatnagar Risk Management

3 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Agenda 1.Multi-Dimensional Risk Management 2.The Year 2012 3.What’s new in Risk Management 6.1? 4.ORM – What’s Coming? 5.The Road Ahead - 2013 6.2014 and Beyond…

4 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Multi-Dimensional Risk Management

5 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Impact and Likelihood – JUST NOT ENOUGH! Don’t do it just for SOX and Financial controls Don’t rely on Heat Maps alone – They are 2 Dimensional

6 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Impact, Likelihood, Vulnerability, Frequency, Velocity etc Specific Factors for Each Risk Key Indicators (KXI’s), Probable and Actual Loss Events, Near Misses, Incidents /Issues etc Consider… Example of Project Risk

7 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Need Aggregation?

8 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Want to use it for Audit Plan?

9 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Have ‘Planets’ view – Different Group’s Perspective

10 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Importance of Common Risk Taxonomy and Harmonization

11 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Importance of Metrics / Key Indicators

12 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Pervasive Every member of the Organization needs to be part of Risk reporting, help make decision and manage Risk – Greater or Lesser extent

13 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Pervasive Make it Social and Collaborative Make it Easy, Simple and Engage “Gamify”

14 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Year 2012 M e t r i c S t r e a m ’ s Risk Management Tool

15 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Year 2012… 1.Upload Processes, Risks, Controls etc in Bulk 2.Flexible Data Model for your GRC Library 3.Enhancements to Risk Assessment Planning and Scheduling Ability to schedule Assessment in different timeframe with a single plan Focus on configurability 4.Enhanced Risk Assessment Assess based on attributes like Impact and Likelihood in addition to other Quantitative or Qualitative Factors Ability to pick actual Controls and provide their Effectiveness Ability to add ‘Control’ on the fly during an assessment Ability to add ‘Risks’ on the fly to an assessment 5.Supports Ongoing Risk Assessment Ability to view and access list of all risk assessment tasks at any point of time, irrespective of scheduled frequency

16 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Year 2012… 5.Enhancements to Scoring logic Supports multiplication or addition of Factors like Impact, Likelihood, Frequency etc This could be different for each group doing Assessment from their Perspective 6.Reports Report and Charts to view risk rating across Organizations, Processes, Perspectives assessed in the system. Also, ability to drill down and view n level child risk ratings as per the context of risk assessment type. Cross Perspective Report (by Organizations / Core Objects) Risk Rating Report (by Organizations / Core Objects) Inherent and Residual Risks Breakdown (by Organizations / Core Objects) Risk Assessment Status 7.Heat Map Charts 14 Heat Map Reports to view assessed risk ratings across Organizations or Processes for the Risk Assessment Perspective being associated

17 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Ongoing Risk Assessment View Historical Assessment details and its trend

18 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Cross Perspective Report By Organization By Process

19 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 The ‘New Look’ Heat Maps View By Number of Risks or the Risks itself

20 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Unveiling Risk Management 6.1

21 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New?

22 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM There is SO Much

23 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Let’s look @ The HIGHLIGHTS

24 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM 1.Configurable Scoring Logic 2.Simplified ‘Excel-Like’ Risk Assessment/RCSA UI 3.Enhanced Quantitative and Qualitative Factors 4.Landing Page / Reports / Dashboards / Heat Map

25 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Configurable Scoring Logic

26 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Scoring Algorithm – Inherent Score Drag and Drop Factors and Build Inherent Score Formula

27 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Scoring Algorithm – Control Score Option to have … -An Overall control score or -Controls reducing Impact and Likelihood independently & -Controls reducing both Impact and Likelihood Option to have … -An Overall control score or -Controls reducing Impact and Likelihood independently & -Controls reducing both Impact and Likelihood

28 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Controls Mitigating Impact and Likelihood Helps arrive at Residual Impact and Residual Likelihood based on Control Scores

29 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Scoring Algorithm – Residual Score Likewise drag, drop and build your Residual Score Formula

30 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Functions Select Functions to Aggregate, Average or Multiply scores of each Factor

31 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Simplified ‘Excel-Like’ Risk Assessment UI

32 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Old vs New

33 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 The New ‘Excel-Like’ Risk Assessment UI Screen ‘Excel-Like’ screen for your Risk Assessment

34 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Example Airport Operations

35 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Assessment for ‘Airport Operations’ Summary view of all Organizations, Risks, Controls and their Rating and Score Assess Factors to arrive at Inherent Risk Scores Assess Controls and arrive at Overall Control sore and Effectiveness Scores Assess Factors to arrive at Residual Risk Scores

36 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM All in ONE Screen

37 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Assessment for ‘Airport Operations’ Provide your assessment for each factor Summary Bar to view Score and Rating

38 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Assessment for ‘Airport Operations’ Section to assess Controls related to the Risk

39 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Assessment for ‘Airport Operations’ Section to provide your Residual score or let the system automatically calculate it for you

40 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Assessment for ‘Airport Operations’ Floating Snapshot window - Helps preview the Rating as you respond to Risk Assessment. Reduced scrolling.

41 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Risk Assessment for ‘Airport Operations’ Contextual Action to Add Risks on the fly during Risk Assessment

42 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Risk Assessment for ‘Airport Operations’ Search Risks from GRC Library or Add a New one on the fly

43 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Risk Assessment for ‘Airport Operations’ Add New Risks on the fly

44 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Risk Assessment for ‘Airport Operations’ Newly Added Risks indicated by ‘Star’ symbol

45 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Risk Assessment for ‘Airport Operations’ Red Flag indicating incomplete Risk Assessments The red underline indicates mandatory fields

46 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Multi-Factor / Questionnaire Based Risk Assessment

47 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Multi-Factor Based Assessment Example of ‘Organization – Process – Risk’ type of Assessment

48 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Multi-Factor Based Assessment Multiple Processes under an Organization

49 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Multi-Factor Based Assessment Risks related to each Process

50 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Multi-Factor Based Assessment Multiple Factors for each Risk. This could vary for each Risk. Multiple Factors for each Risk. This could vary for each Risk.

51 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Enhanced Quantitative and Qualitative Factors

52 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Landing Page / Reports / Dashboards / Heat Map

53 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Register

54 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Risk Program Overview

55 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 My Assessments

56 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Other Reports… Risk Rating Report Top Risks by Residual Impact Top Risks by Residual Likelihood Top Risks by Open Issues Top Risks by Overdue Issues Top Risks by Owners Risks By Organization Risks by Category/Hierarchy Risks by Assessor Risks by Approver Risks by % Change Control Assessment by Risks Control Rating by Owner Overdue Risk Assessments Overdue Risk Assessments by Assessor Overdue Risk Assessments by Approver Assessment Status Risks with Delayed Assessments Risks with Assessments Before Due Date

57 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM ORM

58 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Loss Events Multi-Currency Support Direct Loss Indirect Loss Near Misses Additional Cost Recoveries Amount based workflow Multi-Currency Support Direct Loss Indirect Loss Near Misses Additional Cost Recoveries Amount based workflow

59 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Loss Events Supports multiple Regulators

60 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Loss Event Type to Basel Lines of Business

61 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Loss Event Type to Internal Business Lines

62 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Top Loss Events

63 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Road Ahead 2013

64 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Road Ahead - 2013… 1.Asses Risks related to Objective, Product and Project 2.Enhancement to Risk Assessment Ability to specify Risk Response Workflow for Risk Acceptance Ability to specify Target Residual Approvals based on the Rating Ability to Print Risk Assessments 3.Identify Source, Consequence, Threat, Opportunity, Risk Acceptance and workflow related to them 4.Risk Polling/Surveys Ability to send out a survey/poll to arrive at the risk assessment 5.Support Mass Reassignment of Tasks 6.Bow-Tie Support Bow-Tie method to visualize Cause, Controls and Consequences

65 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Road Ahead - 2013… 3.Risk Acceptance Capability to define Risk Acceptance Profile Approval Workflow for Risk Acceptance and Target Date Extension 4.Enhancements to Scoring Logic Support weightage for Process, Risk, Organizations Capability to exclude scores of an Organization, Process or Risks 5.Multi Language Support 6.Data Upload Capability to upload one or multiple Risk Assessment Plans Capability to upload one or more Risk Assessments

66 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Bow-Tie Threats Consequences Risk / Event

67 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM What’s New in Risk Management 6.1 Bow-Tie Preventive Controls Detective Controls Threats Consequence Risk / Event

68 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM The Long Term V i s i o n

69 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM 2014 and Beyond… 1.Assess Risks without Scheduling and Planning 2.Offline Risk Assessment 3.Weighting for Organization, Process etc while Rolling up the Scores 4.Visualize your Risks and Interconnections using Mind Map like visualization 5.Enhancements to Risk Polling 6.Cost of Controls and its impact 7.Continuous Improvements to Scoring Configurability 8.Gamification

70 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Recap

71 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Impact, Likelihood, Vulnerability, Frequency, Velocity etc Specific Factors for Each Risk Key Indicators (KXI’s), Probable and Actual Loss Events, Near Misses, Incidents /Issues etc Consider…

72 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM Have ‘Planets’ view – Different Group’s Perspective

73 GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV Q u e s t i o n s a n d D i s c u s s i o n ENGAGE | INSPIRE | TRANSFORM [ Aneesh Bhatnagar ] [ aneeshb@metricstream.com ]

Download ppt "GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT."

Similar presentations

Project Management with VIVA PPM Tool (Project Portfolio Management)

Project Management with VIVA PPM Tool (Project Portfolio Management)
PROQUEST SIRS ISSUES RESEARCHER INSIGHT INTO TODAYS LEADING ISSUES Online Tutorial sks.sirs.com | proquestk12.com.

PROQUEST SIRS ISSUES RESEARCHER INSIGHT INTO TODAYS LEADING ISSUES Online Tutorial sks.sirs.com | proquestk12.com.
CATS System Welcome Screen. Program Access and Authority Three levels of access: Super User: Can update and delete assigned program records (Contract.

CATS System Welcome Screen. Program Access and Authority Three levels of access: Super User: Can update and delete assigned program records (Contract.
PROJECT RISK MANAGEMENT

PROJECT RISK MANAGEMENT
Welcome to QuadraNet Systems.

Welcome to QuadraNet Systems.
HP Quality Center Overview.

HP Quality Center Overview.
Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.

Note: See the text itself for full citations. Information Technology Project Management, Seventh Edition.
A more efficient you. Introducing EmployerAccess Anthem’s easy-to-use online benefits management system Anthem Blue Cross is the trade name of Blue Cross.

A more efficient you. Introducing EmployerAccess Anthem’s easy-to-use online benefits management system Anthem Blue Cross is the trade name of Blue Cross.
GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT.

GRC SUMMIT 2013 Apr 30 - May 1, 2013 | Mandarin Oriental, Las Vegas, NV © MetricStream, Inc. |All Rights Reserved ENGAGE | INSPIRE | TRANSFORM GRC SUMMIT.
Welcome to RAI, the future of collaborative Project Risk Management Overview of Project Risk and Issue Management RAI for the Project Manager RAI for the.

Welcome to RAI, the future of collaborative Project Risk Management Overview of Project Risk and Issue Management RAI for the Project Manager RAI for the.
Viewing this Tutorial Use the ‘Down’ arrow on your keyboard, or left click your mouse, to move to the next point. Use the ‘Up’ arrow to go back. Use the.

Viewing this Tutorial Use the ‘Down’ arrow on your keyboard, or left click your mouse, to move to the next point. Use the ‘Up’ arrow to go back. Use the.
Service Design – Section 4.5 Service Continuity Management.

Service Design – Section 4.5 Service Continuity Management.
CCMDB 7.2.

CCMDB 7.2.
Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.

Operational risk management Margaret Guerquin, FSA, FCIA Canadian Institute of Actuaries 2006 General Meeting Chicago Confidential © 2006 Swiss Re All.
Project Portfolio Management:

Project Portfolio Management:
Welcome Verde 2.0 A Sneak Preview March 16, 2006 We will start at 2:00 PM EST Don’t Go Away… Ted Koppel, Verde Product Manager Heidi Trockman, Marketing.

Welcome Verde 2.0 A Sneak Preview March 16, 2006 We will start at 2:00 PM EST Don’t Go Away… Ted Koppel, Verde Product Manager Heidi Trockman, Marketing.
2015.1 New Features Adaptive Suite.

New Features Adaptive Suite.
Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.

Click to add text © 2010 IBM Corporation OpenPages Solution Overview Mark Dinning Principal Solutions Consultant.
Part of the BRE Trust Protecting People, Property and the Planet BREEAM In-Use: the international sustainability standard for existing buildings – quick,

Part of the BRE Trust Protecting People, Property and the Planet BREEAM In-Use: the international sustainability standard for existing buildings – quick,
Project Standard and Professional 2007 Overview Alice Steinglass Senior Lead Program Manager Microsoft Corporation.

Project Standard and Professional 2007 Overview Alice Steinglass Senior Lead Program Manager Microsoft Corporation.

Similar presentations

Ads by Google