Audit management is the overall process of managing the overall audit process. It enables organizations to reduce dependence on paper, perform the functions faster and with fewer resources and provides a track able audit trail for these functions.
1. Audit Management and Vendor Compliance Management
Audit Management:
What is Audit Management?
Audit management is the overall process of managing the overall audit process. It enables organizations
to reduce dependence on paper, perform the functions faster and with fewer resources and provides a
track able audit trail for these functions.
Audit Manager
SecureGRC Audit Management feature provides an integrated solution to managing the functions,
documents, and tasks associatedwith audits (IT Security Compliance or Financial) of any organization. In
addition, it provides access to the core elementsfrom the SecureGRC platform such as Workflow,
Document Management, Audit Work paper repository, Fine-grained access control through a secure
Web based interface.
Key Features
Single and Centralized repositoryfor all work papers
Version control for all work papers
Link work papers to controls
Schedule audits
Assign personnel to audits
Audit trail
Ability to track audit failures
Dashboards and reports
2. Vendor Compliance Management:
SecureGRC Vendor Management solutionenables you to manage aneffective vendor
management process: risk-based vendor selection, centralized document management and
remediation management.
What is Vendor Management?
Vendor Management is the process financial institutions worldwide use to understand the risks
they assume due to their business relationships with their third-party vendors especially
regarding their data sharing or outsourcing relationships. Vendor Managementis a standard
practice today and has matured to anextent where some leading financial industry groups such
as BITS have standardized the process significantly through their Standard Information
Gathering (SIG) and Agreed upon Procedures (AUP) standards. The usage of these standards or
their derivatives helps organizations understand the risk associated with their vendors and then
incorporate appropriate governance risk and compliance mitigation techniques and measures to
mitigate the risk.
Key Features
Automate monitoring of controls such as management of sensitive data and technical controls.
Enable vendor managers to manage risk.
Assess vendor risk using various assessment types and a library of questions based on best-
practice standards.
Derive risk and compliance ratings by type of vendor from assessment results.
Measure vendor compliance to policies and procedures.
Track and address areas of non-compliance identifiedin the vendor assessment process.