Transcription
Risk IQ - MetricStream Event--------------------------------------June 9th, Te Papa gton, New ZealandLEADINGWITH GRCThe Past, Present, and Future of GRCSamir AzimAssociate Director, Partnerships@MetricStream
"Float like a butterfly. Sting like a bee.You can't hit what your eyes don’t see"Leading with GRC MetricStream, Inc. All Rights Reserved
The perfect storm of GRC challengesLeading with GRC MetricStream, Inc. All Rights Reserved3
Leading with GRC MetricStream, Inc. All Rights Reserved
Stock Prices – Volkswagen and CompetitorsLeading with GRC MetricStream, Inc. All Rights Reserved
Leading with GRC MetricStream, Inc. All Rights Reserved
Evolution of GRCLeading with GRC MetricStream, Inc. All Rights Reserved
Evolution of GRCLeading with GRC MetricStream, Inc. All Rights Reserved
Business Drivers Influencing Investment in GRCBusiness Drivers Influencing Investment in GRCNeed to Improve Risk Oversight76.2%New business initiatives introducing new risks 54.0%Privacy and data protection issues39.5%Regulatory Proliferation making it hard to 34.9%Industrial Level Cyber Threats22.6%Global Business Uncertainty17.6%Need to improve Anti-Fraud, -Bribery, - Increasing geo-political risks17.2%11.1%Political stability concerns8.4%Other (please specify)5.4%0.0% 10.0% 20.0% 30.0% 40.0% 50.0% 60.0% 70.0% 80.0% 90.0%Leading with GRC MetricStream, Inc. All Rights Reserved
Business Value of GRC1A single system of record forGRCeliminates spreadsheet chaos2Increased GRC productivity, lowercosts3Leading with GRCImproved business performanceproviding decision makersreliable risk intelligence MetricStream, Inc. All Rights Reserved
What’s Next?Leading with GRC MetricStream, Inc. All Rights Reserved
Innovation, Disruption — What Is It That You Really Want to Do?S-1 Holland and Russian battleship Retvizan entering the New York Navy Yard dry dockhttp://pigboats.com/subs/holland.htmlLeading with GRC MetricStream, Inc. All Rights Reserved
GRC in TransitionDigital BusinessTransformationPhase 2BusinessPerformance4G – M73GEmerging Issues,Innovation,Disruption2GPhase 11G20042008Leading with GRC20122016 MetricStream, Inc. All Rights Reserved
The Human DimensionHR Master Data,Time Card andAttendance TrackingSocial Network AnalysisEmployee related policiesEmail MonitoringSocial Media MonitoringSensitive Data Access logERP Continuous ControlsMonitoringWeb Activity LogsOnline/Offline Business ActivityLeading with GRC MetricStream, Inc. All Rights Reserved
And After That?Leading with GRC MetricStream, Inc. All Rights Reserved
Future of GRCHyperconnectedTechnology PervasivenessFree for AllPower to thePeopleVirtual TribesBig BrotherFencedEconomic DisruptionSocio-PoliticalLeading with GRCFinancial MetricStream, Inc. All Rights Reserved
Power to the PeopleHyper-connected, Financial System Uncertainty Low Trust in Fin Inst leads to broadand immediate Impact.Regulators gain power due tobetter connectivity and Politicianslose power due to people havingcontrolFinancial profile will be determinedby personal digital footprintGreater productivity due toautomated decision makingReduced uncertainty inenvironment changes due tohyper-connectivityCyber sanctions as a geo-politicaltoolLeading with GRCPhoto: DoD MetricStream, Inc. All Rights Reserved
Virtual TribesFenced, Socio-Political Uncertainty Digital connection moreimportant than family Attacks across tribes Crypto-currencies within tribes More protectionism New types of politicalentities/cults of personality inpolitics Corporatocracies that canconnect the dots become moreimportantPhoto: FacebookLeading with GRC MetricStream, Inc. All Rights Reserved
And for NowLeading with GRC MetricStream, Inc. All Rights Reserved
Recommendations Make GRC more people focused Identify high risk use cases and the peopleinvolved Identify sources for human behavioral KRIs Develop baselines and trending Integrate reporting into GRC systemLeading with GRC MetricStream, Inc. All Rights Reserved
Leading with GRC MetricStream, Inc. All Rights Reserved
About MetricStream!Leading with GRC MetricStream, Inc. All Rights Reserved
MetricStream 201620 Core Apps450 Customers1800 GRC Experts100 PartnersBacked by Goldman Sachs 2015 MetricStream, Inc. All Rights Reserved.50 Zaplets
About USVisionSolutionsOrganizationDifferentiators 2015 MetricStream, Inc. All Rights Reserved. Integrated Governance, Risk and Compliance for Better Business Performance Risk Management Business Continuity Management IT GRC Compliance Management Audit Management Supplier Governance Quality Management EHS & Sustainability Governance & Ethics Content and Training Over 1,900 employees Headquarters in Palo Alto, California with offices worldwide Over 450 enterprise customers Privately held – backed by leading global VCs, Goldman Sachs, Sageview Capital Technology - GRC Platform – 9 Patents Breadth of Solutions – Single Vendor for all GRC needs Cross-industry Best Practices and Domain Knowledge ComplianceOnline.com - Largest Compliance Portal on the Web
MetricStream GRC PlatformHorizontal SolutionsVertical Solutions(Integrated GRC, Vendor Governance, etc.)(Banking, Financial Services, Insurance, tsThreats &VulnerabilitiesIT ty AppsContentTrainingCommunityAlerts & FeedsRetail ContentOnlineComplianceThird-PartyCaseMgmt.Mgmt.[ ] other AppsAppStudioGRC gurationAnalyticsGRC ganizations RegulationsPoliciesCloud InfrastructureProvisioning 2014 MetricStream, Inc. All Rights Reserved.MonitoringUnstructured DataRules EngineInfoletsRelational DataSecurityBig DataNotificationsCollaborationRisk Analytics &Intelligence
MetricStream Packaged Applications 2014 MetricStream, Inc. All Rights Reserved.
Product Leadership – A Disruptive Force“MetricStream’s fast growth is a disruptive force in the market.”Highest score for Current Offering criteria for strength of productoffering and capabilities- Forrester Wave : GRC Platforms, Q1 ’14 2014 MetricStream, Inc. All Rights Reserved.MetricStream continues to be a strong leader.Highest score possible across all the core GRCApplications- Forrester Wave : GRC Platforms, Q1 ’16
Leader in Gartner Magic Quadrants 2014 MetricStream, Inc. All Rights Reserved.Business Continuity Mgmt.Highest current product capabilityscores IT Risk Mgmt.MetricStream has made goodinvestments in R&D, focusing onrisk intelligence/big data, cloud,Zaplet architecture, and itsComplianceOnline content.Operational Risk Mgmt.MetricStream received highcustomer ratings for the quality andreliability of its sales team.Vendor Risk Mgmt.MetricStream offers visibility intofourth-party relationships, which isbecoming more important toindustry regulators.
Product Leadership: Category Leader in GRC“MetricStream positioned as a Category Leaderfor Enterprise GRC Solutions both in terms ofcompleteness of offerings and marketpotential.”- Chartis RiskTech Quadrant for Enterprise GRCSolutions 2014 MetricStream, Inc. All Rights Reserved.
Thank you
Application for every DepartmentCRO- RiskCAE - AuditCSO - SourcingEnterprise Risk ManagementInternal AuditThird-party ManagementOperational Risk ManagementOperational AuditConflict Minerals ManagementCCO- ComplianceCISO - IT & SecurityQuality Head - QualityPolicy & DocumentIT Risk ManagementSupplier Quality AuditSOX ComplianceIT ComplianceInspections ManagementCompliance ManagementThreat & VulnerabilityNCM & CAPA ManagementReg. Change ManagementVendor Risk ManagementIncident ManagementCase ManagementBusiness Continuity 2014 MetricStream, Inc. All Rights Reserved.
Apps for every GRC ProgramEnterprise GRCCorporate ComplianceIT GRCPolicy & DocumentPolicy & DocumentIT Risk ManagementEnterprise Risk ManagementCompliance ManagementIT ComplianceSOX ComplianceReg. Change ManagementThreat & VulnerabilityCompliance ManagementCase ManagementVendor Risk ManagementInternal AuditTraining ManagementBusiness ContinuitySupplier GovernanceQuality ManagementEHS ManagementThird-party ManagementOperational AuditIncident ManagementSupplier Quality AuditInspections ManagementEnvironment ManagementPolicy & DocumentNCM & CAPA ManagementHealth & Safety ManagementSupplier Quality AuditPolicy & Document 2014 MetricStream, Inc. All Rights Reserved.
Value Proposition of AppsPre-packaged content &Best practicesPackaged Editionsfor Specific needsOffer PersonalizedExperience for all UsersEasyConfigurationAdvanced SecurityCloud On-premise 2014 MetricStream, Inc. All Rights Reserved.Flexibility to Add-onAdditional AppsInstant Value
Why MetricStream– Architected for GRC– Flexible, extensible data model for better management, mapping, reporting– Highly configurable to map business processes to solution– Platform-based architecture, modular deployment, easy integration with current systems– Innovation with Purpose– Cloud Architecture for on premise or Cloud deployments– Mobile: Ubiquitous access to data across devices for employees, customers and partners– Big Data: Big Data aggregation and storage - social media, public databases, unstructured data– GRC Journey Methodology– GRC Maturity and Time to Value – Focusing on the right priorities to achieve Better Performance, Better Decisions– GRC Journey Planning – Building a clear program with key stakeholders– GRC Community, Special Interest Groups, GRC Summit, GRC program plans/artifacts and successes 2014 MetricStream, Inc. All Rights Reserved.
Leader in Gartner Magic Quadrants Business Continuity Mgmt. Highest current product capability scores IT Risk Mgmt. MetricStream has made good investments in R&D, focusing on risk intelligence/big data, cloud, Zaplet architecture, and its ComplianceOnline content. Operational Risk Mgmt. MetricStream received high customer ratings for the .