INTEGRATED DIGITAL AND COLLABORATIVE GRC
AND ASSURANCE FRAMEWORK (iGAP)



Functional Disciplines

Overview

As organisations mature their Governance, Risk and Compliance functions, and as these functions specialise and expand, Integrated GRC will be the glue that binds these various disciplines, ensuring alignment, integration and a single clear and collaborative message that enables correct decision making. This integration will be the Single Source of Truth, reducing redundancies, duplications and contradictions, and ensuring a combined view from various perspectives.

Puleng, a specialist in the delivery of Integrated Digital and Collaborative GRC Solutions and Advisory, with a strategy defined by best practices, helps our clients remain ahead and relevant. Our defined integrated service approach is applied across the various disciplines we service.

The functional disciplines listed below, together with our methodologies and practices, are supported and enhanced through the use and implementation of the RSA Archer Suite of technologies.

ENTERPRISE MANAGEMENT

Enterprise management is the core of the Integrated GRC and Assurance platform and helps organisations structure their most basic information, on top of which sit the functional disciplines noted further below. The Enterprise management module includes:

  • Business Assets and Maturity Assessments
  • Enterprise Planning and Objectives
  • Risk and Controls Libraries
  • Issues Management
  • Standard Libraries
  • Organisational Structures
  • Business Infrastructure

 

OPERATIONAL RISK MANAGEMENT

This module houses the main operational functions and objectives required for effective and efficient risk management, including:

  • Annual Risk Planning
  • Risk Registers
  • Risk Maturity and Attestations
  • Risk Quantifications and Assessments
  • Risk Events Management
  • Key Risk Indicator Monitoring and Reporting

 

AUDIT MANAGEMENT

Audit management is key to ensuring that business functions and others alike are kept honest and efficient in their operations and management. Our Audit Management approach includes:

  • Annual Audit Planning
  • Audit Engagement Management
  • Audit Working Paper Management
  • Issues Management
  • Remediation and Action Plans Tracking and Monitoring
  • Reviews Feedback and Surveys
  • Quality Assurance Management

 

FORENSIC SERVICES MANAGEMENT

In a world of constant demand for people and companies to achieve, companies need to be ever aware of fraud risks and events that could affect them. Our Forensic Services Management suite includes:

  • Annual Fraud Plans
  • Fraud Proactive Engagements
  • Fraud Incidents and Response
  • Fraud Investigations
  • Internal and External Sanctions
  • Fraud Risks Assessments

 

INFORMATION SECURITY MANAGEMENT

Information and data security is pivotal to every organisation as the world digitises and improves. With this in mind, Puleng’s Information Security approach includes:

  • Vulnerabilities Management
  • Incident and Breach Response
  • Controls Assessments
  • Policy Program Management
  • Business Assets and Maturity Assessments
  • Cyber Risk Quantifications
  • PCI Management

 

INCIDENT MANAGEMENT

With so many events and incidents occurring in our organisations today, we need a way to effectively and efficiently monitor, manage and report on all of them while still maintaining a segregated but integrated view. Our Incident Management includes:

  • Security Incidents
  • Fraud Incidents and Response
  • Ethics Incidents
  • Insurance Incidents
  • Risk Events
  • Policy and Compliance Breaches
  • Loss and Privacy Events

 

REGULATORY AND COMPLIANCE MANAGEMENT

With increasing regulation and demands from external regulators and governments, organisations find themselves scrambling to manage and monitor compliance. The regulatory compliance module includes:

  • Regulatory Management
  • Obligations Management
  • Annual Compliance Planning
  • Compliance Engagement Management
  • Compliance Breaches Management
  • Compliance Controls Monitoring and Assurance

 

POLICY AND COMPLIANCE MANAGEMENT

Organisations often concentrate on managing external regulatory compliance but forget about their own internal compliance management. Organisations looking for a way to effectively manage and monitor internal compliance should consider this module, which includes:

  • Policy Program Management
  • Annual Compliance Planning
  • Compliance Engagement Management
  • Policy Breaches Management
  • Policy Controls Monitoring and Assurance
  • Policy Approvals and Workflow

 

BUSINESS CONTINUITY AND RESILIENCY MANAGEMENT

In times of crisis and disaster, organisations should be ever ready to manage and respond. To properly plan, manage, monitor and respond, organisations need to ensure they have a comprehensive business continuity and resiliency strategy and plan. This module includes:

  • Business Processes Management
  • Business Impact Analysis
  • Business Continuity and Disaster Recovery Planning
  • Critical Assets, People, Facilities, Devices, etc.
  • Plan Testing and Activations
  • Crisis Management