Oracle has launched Enterprise Governance, Risk, and Compliance Manager (Enterprise GRC Manager) and the new release of Enterprise Governance, Risk, and Compliance Controls (Enterprise GRC Controls) to offer a closed-loop approach to regulatory compliance, risk management and controls automation.
Oracle said Enterprise GRC Manager and Enterprise GRC Controls are integrated for organisations to align the identification, assessment and prioritisation of risks with the suitable risk treatment through a combination of both manual and automated controls.
The company said that the Enterprise GRC Manager supports cross-enterprise, risk-based modeling, analysis, treatment and decision making, allowing organisations to embed accountabilities for risk management and control across the enterprise. The adaptive application reduces overlapping tasks, allowing separate lines of business to address the risk management requirements faced by their organisation.
In addition, Enterprise GRC Manager provides a single system to manage risk and compliance initiatives and enable organisations to reduce the cost of auditing and governing change management processes on their enterprise controls. The service also provides support for financial compliance (SOX/AS5) with risk-based scoping and a hierarchical certification process.
According to Oracle, the Enterprise GRC Manager is built on Oracle Fusion Middleware 11g, offering a service that is integrated to systems such as the E-Business Suite, JD Edwards EnterpriseOne, PeopleSoft Enterprise and Hyperion Performance Management. It is designed on an open, standards-based architecture that provides support for non-Oracle packaged applications and bespoke applications in heterogeneous multi-vendor environments, the company said.
The GRC Controls continuously monitors automated controls in enterprise applications and helps mitigate exposure to fraud and error. The new release of Enterprise GRC Controls includes new versions of Enterprise Transaction Controls Governor (Enterprise TCG) and Application Access Controls Governor (AACG).
Enterprise TCG introduces statistical logic to uncover suspect and out-of-policy transactions, allowing the reduction of false positives. The AACG offers simulation capabilities to graphically detect segregation of duties conflicts and sensibly advise on issues, remediation plans and potential impact, the company added.
Chris Leone, group vice president of applications development at Oracle, said: For many organisations, the greatest GRC challenge is creating a consolidated view of compliance, risk and internal controls. Oracle Governance, Risk, and Compliance application suite addresses this challenge by providing a complete, open, and integrated platform that provides the flexibility needed to efficiently and intelligently manage GRC programs.”