On-Demand Compliance

In control every step of the way

Whole-of-Business

Engagement

Automated

Workflow & Reporting

Self Service

Portal

Audits AssessmentsNotifications

Embrace the Enterprise

Shared duty of care

WorkflowManagement

Site Managers

Employees

Vendors

Contractors

Regulators

Customers

Self Service Portal

• Single point of access• Secure, data-aware login• Decentralised User Administration• Configurable access to portal functions• Users only need to do and see what they need• Designed for inbound and outbound compliance

Interactive Forms and Questionnaires with Regulatory Intelligence

Set up the Content

• Scheduled• Self-Served

Create

• Respond• Attach

Submit • Review• Evaluate

Review

• Modify• Upload

Refine • Finalise• Report

Approve

Control the Process

Secure data management

Report the Results

Hands-off automated compliance

Day 2

Welcome to the

iComply User Forum 2010

Compliance Trends

Tony Stephenson Director

Compliance TrendsThe role of risk management is still a mystery for most businesses. As executives and board members weave it into their corporate strategy and practices, they will look for ways it can improve their bottom line as well.

Forrester Research

Risk management will increasingly consider third parties and industry issues. Recent failures in the financial sector as well as in retail, food and drug, and other industries have demonstrated clearly that an internal view of risk management is woefully incomplete. The growing connection of businesses through supply chain and sourcing relationships will not be ignored in 2010, which means compliance and risk professionals will be expected to have tighter oversight and control over external aspects of the organization.

Corporate Integrity

The Risky Nature of the Extended Enterprise

• Organizational complexity• Fuzzy boundaries• The struggle to identify,

manage and control GRC• Business relationship life cycle

Extended Business Relationships

• Supply chain• Value chain• Vendors• Service providers• Outsourcers• Contractors

• Operational risks• Regulatory compliance• Environmental and emissions• Geo-political• Health and safety• Import and export• International labour standards• Quality• Security• Supply-chain risks

Ultimately, Your Reputation and Brand are at Risk

Risk and Compliance Issues

An Unseen Problem

• Risk is only considered during relationship acquisitiono Life Cycle risks are ignored

So often organizations look at the surface of a relationship and fail to foresee issues that can cascade, causing severe damageto reputation and exposure to legal and operational risks.

• Partner performance evaluations neglect risko Metrics are focused on vendor delivery of products and

services

•Issue Notification & Reporting

•Issue Management•Collaboration

•Surveillance Planning•Code of conduct compliance reviews

•Risk and Performance Validation

• Risk intelligence & Monitoring

• Risk Assessment• KRI Reporting• Alerts

• Real time regulatory intelligence

• Renewal management

• Managed compliance self-assessment

• Attestation Compliance Monitoring & Management

Risk Monitoring & Management

Issue Management

Auditing & Assessment

• Baseline Assessment and Ranking

• Contract Execution• Code of Conduct Attestation• Policies and Procedures

Relationship Acquisition

Relationship Life-Cycle

Roadmap to Extended Enterprise Risk Management

• Policies and procedures

An organization can face reputation and economic disaster by establishing ormaintaining the wrong business relationships

• Build the Team

• Risk criteria• Re-evaluate and re-engage• Ongoing monitoring and reporting across the life-cycle

Key Success Factors• Ownership and accountability

• Actively monitor all business partners for:o Adherence to code-of-conduct standards and key regulatory

policieso Changes in risk profile based on targeted risk assessments

• Manage the baseline and ongoing assessment processes

• Streamline the process• Manage the issues• Use verifiable evidence to readily attest to “in compliance” and

“in control” status

Licensing ModelsUser based

Up Front

Capital Spend

Few Users, many audits

Audit based

PAY as you Go

Revenue Spend

Few Audits, many users

• Intro• Flexibility• Road Map• Demo• Group discussion

iAppraise Risk Management