tag:blogger.com,1999:blog-53051482904406535812011-04-21T21:06:49.957-07:00Syed Salman Chishtihttp://www.blogger.com/profile/02117252451540569231noreply@blogger.comBlogger11100tag:blogger.com,1999:blog-5305148290440653581.post-55105087226391377052008-10-06T09:48:00.000-07:002008-10-06T10:08:05.614-07:00<a href="http://governanceriskandcompliance.blogspot.com/" title="Governance, Risk, and Compliance">Governance, Risk, and Compliance</a> or <span style="font-weight: bold;">"GRC"</span> is an increasingly recognized term that reflects a new way in which organizations can adopt an integrated approach to these three areas. However, this term is often positioned as a single business activity, when in fact, it includes multiple overlapping and related activities within an organization, e.g. <a href="http://www.favoredsolutions.net/GRCProducts/HighPointAudits.aspx" title="internal audit">internal audit</a>, compliance programs like <span style="font-weight: bold;">SOX</span>, <a href="http://www.favoredsolutions.net/GRCProducts/GRCEnterpriseRiskManagement.aspx" title="enterprise risk management"><span style="font-weight: bold;">enterprise risk management</span></a> (ERM), <a href="http://operationalriskmanagementsoftware.blogspot.com/2008/06/it-governance-risk-and-compliance-itgrc.html" title="operational risk management"><span style="font-weight: bold;">operational risk</span>,</a> incident management, etc.<br /><br /><a href="http://governance-risk-compliance.blogspot.com/2008/06/overview-of-governance-risk-and.html" title="Governance">Governance</a> is the responsibility of senior executive management and focuses on creating organizational transparency by defining the mechanisms an organization uses to ensure that its constituents follow established processes and policies. A proper governance strategy implements systems to monitor and record current business activity, takes steps to ensure compliance with agreed policies, and provides for corrective action in cases where the rules have been ignored or misconstrued.<br /><br /><a href="http://enterpriseriskmanagementsoftwares.blogspot.com/" title="Risk Management">Risk Management</a> is the process by which an organization sets the risk appetite, identifies potential risks and prioritizes the tolerance for risk based on the organization’s business objectives. Risk Management leverages internal controls to manage and mitigate risk throughout the organization.<br /><br /><a href="http://compliancesoftwares.blogspot.com/" title="Compliance Software">Compliance</a> is the process that records and monitors the policies, procedures and controls needed to enable compliance with legislative or industry mandates as well as internal policies<br /><br />While there are several on premise <a href="http://www.favoredsolutions.net/index.html">GRC solutions</a> available in the market for example ‘Paisley’, one of the successful GEC strategies for SMEs could be to go for an ‘On demand’ or hosted solution along with GRC implementation and professional services. I call it ‘Software plus Services’ strategy.<br /><br /><span style="color: rgb(0, 0, 153);"><u>Software plus Services</u></span> describes the idea of combining hosted services with capabilities that are best achieved with locally running software. It describes composite applications created by combining traditional software with remote services to provide consistent and seamlessly integrated user experience across devices and form factors. Software plus Services is a concept that Software As A Service (SaaS) complements the traditional packaged software running on both client or server by services adding value.<br /><br /><u style="font-weight: bold;"><span style="color: rgb(0, 0, 153);">SaaS GRC Software (on-demand) Vendors</span></u><span style="font-weight: bold;">:</span><br />Some of the hosted GRC applications with the capabilities of best IT/GRC teams are:<br />1, Axentis<br />2, <a href="http://ondemand.favoredsolutions.net/">Favored Solutions </a><br />3, Paisley<br /><br /><br /><u><span style="color: rgb(0, 0, 153);"><span style="font-weight: bold;">Software-as-a-Service (SaaS) Benefits:</span><br /></span></u>With the increasing use of internet and due to heavy maintenance cost the latest trend is On-demand software, often referred to as ‘Software-as-a-Service’ (SaaS), is rapidly gaining attention of not only SMEs but large corporations as well and some of the benefits of ‘SaaS’ model are:<br /><br />1. Anytime, anywhere access.<br />2. Subscription based.<br />3. Cost effective.<br />4. Easy to maintain.<br />5. Automatic, off-site backups.<br />6. Secure.<br /><br />.<div class="blogger-post-footer"><img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5305148290440653581-5510508722639137705?l=ondemandcompliance.blogspot.com' alt='' /></div>Syed Salman Chishtihttp://www.blogger.com/profile/02117252451540569231noreply@blogger.com0