Introducing Microsoft Dynamics Governance Risk Compliance Dynamics GRC
- Slides: 46
Introducing… Microsoft Dynamics Governance, Risk & Compliance
Dynamics GRC 365 Agenda • Preface: Definitions of GRC; Defense of having GRC inside ERP • Principle: Instruction; Identification • Processing: Risk analysis; D 365 user forms; Reports • Performance: Organization; Balance scorecards; Worker performance management
What is GRC • Microsoft Dynamics Governance, Risk & Compliance • Governance, Risk Management, and Compliance (GRC) are three pillars that support a common goal of an enterprise. Well executed, it assures that an organization meets its objectives by promoting collaboration, transparency and effective controls. It complements OHS (HSE) and ERP systems. Better still if it is all completely integrated.
Preface
Preface • Governance includes: • Formal Tender management • Trade & non-trade contract governance • Overlaps into Sanctions management
Preface • Contracts • Systematic process for creation, execution & analysis: Life cycle; Commercials; Performance management; Renew or Terminate • Contract management includes negotiating the terms and conditions in contracts, ensuring compliance with them, and documenting and agreeing on any changes or amendments.
Preface • Contracts • Breach & Remedies
Preface
Preface • Compliance includes: • Meeting management to prove compliance • Audits (internal & ISO audits) to check compliance • Legals: Legal register; Deed register; Declaration of interest; Trade mark register etc.
Preface • Meetings • A meeting is a routine activity • Members of an enterprise discuss organizational issues and other agenda through a gathering • It is even part of the weekly itinerary of many working individuals and business people • Meetings can be formal (or informal); preparation must be done to properly plan and execute the meeting • There are various types of meetings, depending on their nature and their objectives or purpose
Preface • Meetings
Preface • Audits
Preface • Audits • Scheduling of audits • Raising non-conformance & other findings
Preface • Internal Audits • Audit universe to Audit file
Preface • Internal Audits • Audit universe to Audit file – Engage
Preface • Internal Audits • Audit universe to Audit file – Findings
Preface
Preface • All activities and actions
Preface • Risk includes the big three • Safety (operational) risk; focus on hazards • Enterprise risk; focus on business issues • Financial risk; treasury focus (youngest addition to risk suite)
Preface • Definitions continued… • Risk: Any threat that, if it occurs, may prevent the activity’s objectives from being achieved in whole, or in part. • Inherent risk: The risk that an activity would pose if no controls or other mitigating factors were in place. • Residual risk: The risk remaining when you have implemented all the preventive actions you intend to. • Hazard: Any source of potential damage, harm or adverse health effects on something or someone under certain conditions at work. • ERM (Enterprise Risk Management): The identification and management of all risks within the enterprise. It includes the process of evaluating the chance of loss or harm and then taking steps to combat the potential risk.
Preface • Defense – why inside “ERP”? • Same user interface, same database, one code base • Risk can be monitored continuously and acted on swiftly • Efficient support of documentation and implementation of automated controls for any framework • Preventative, real-time approach across diverse departments and disciplines • Performance indicators across ERP to deliver a common, system wide view • Unified management of strategic, financial, operational and compliance risks across the organization
Preface • Defense – what is the purpose? • To protect the organization from severe financial disruption due to accidental losses or internal implosion • To do so at a cost that is affordable and does not fluctuate significantly from year to year • To protect assets from loss or destruction • To create a safe work environment for employees • To reduce the likelihood of injuring or damaging a third party • Governance, Risk & Compliance is everyone’s business; all people can provide insight into the nature, likelihood and impacts.
Principle • Instruction • Risk identification: Which accidental losses will be incurred? • Risk measurement and evaluation: How likely is the risk to occur and how much will the damage be? • Analysis of risk treatment methods: How can the organization protect itself from these losses at an affordable and stable cost? • Selection and implementation of treatment methods: What combination of risk avoidance, control, and financing will yield the best result? • Monitoring performance of treatment methods: Are the methods performing properly, and if not, what alterations can be made to raise their performance?
Principle • Identification • Hazards
Principle • Identification • Risk categories • and other • setups
Processing • Risk analysis • Risk probability and impact: The risk analysis process requires some form of measure of both the probability that the risk will occur and the possible impact. These will normally include, but not be limited to: Performance; Cost; Timescale; Operational capability; Company reputation • Risk score = Probability scale x Impact scale
Processing • Risk assessment … from: • Trading partner contracts • Internal Audit (RCM) • Investigations • Permit to work • Inspections • Incidents • Projects • Manual App
Processing • Risk assessment … from: • Trading partner contracts • Investigations • Audit needs • Incidents • Projects • Manual App
Processing • Risk assessment wizard • Guided steps to do a Risk assessment: Who/what might be harmed; Possible consequences; Inherent risk rating; Mitigation; Residual risk rating; Completion
Processing • Main user forms • Risk register • Risk worksheet • Bow tie
Processing • Risk worksheet
Processing • Bow tie explained • 4 principles
Processing • Bow tie explained
Processing • Bow tie explained
Processing • Some reports • Risk register
Processing • Some reports
Performance • What is CPM? • Microsoft Dynamics • “Performance management includes activities which ensure that strategy, plans (goals & objectives) are aligned with operations and met. Improvements are formulated as the above are reported on and analyzed. It focuses on the performance of an enterprise, a department, worker, vendor, customer or even the processes to build a product or render a service.”
Performance • Why CPM inside ERP (& GRC) Insight: While often tied to enterprise resource planning (ERP) systems, CPM software complements ERP by providing management insights in addition to operational data. In other words, ERP is about operating the business—the day-to-day transactional activity—and CPM is about managing the business—analyzing, understanding, and reporting on the business. Integration: Linking financial and operational information to insights (and risk) —and ultimately driving strategies, plans and execution. Integrating management processes & aligning strategy with execution. Thus a unified solution.
Performance • Why CPM inside ERP (& GRC) Intelligence: CPM is not BI; BI is all about extracting data, transforming and loading into digestible bits and pieces. But BI normally excludes risks, processes, objectives & strategy. CPM allows for enforcement of objectives & strategy by native inclusion of ERP transactional data. Furthermore, CPM inside GRC allows risks and returns to be matched. Risk is closely related to performance and mitigation. So CPM inside GRC takes an enterprise to RI (Risk intelligence). “By utilizing technology…to manage risk…managers can become more intelligent” (Laurent, W; Risk management systems 2006)
Performance • Balance scorecard • KPA, KPI • Worker performance • Contractor performance • Goals, measures etc…
SHREQ (SHE+GRC) • Invoices (some clients)…
Thank you