.png?width=500&height=276&name=MicrosoftTeams-image%20(396).png)
.jpg?width=500&height=276&name=filter%20group%20of%20people%20at%20desk%20laptop%20laughing%202021-10%20(1).jpg)
.png?width=500&height=276&name=MicrosoftTeams-image%20(638).png)
Language:
Thirdera Blueprint
IRM Foundations
Jumpstart your Integrated Risk Management (IRM) journey with IRM Foundations! Designed for clients who want to fully roll their IRM program into ServiceNow, this two-release offering aims to stand-up three core GRC components - Policy & Compliance, Risk Management, and Audit Management - in our most accelerated timeline yet. Take advantage of our learned efficiency, best-practice guidance, and technical expertise to give your Risk and Compliance program the foundation it needs for continued success.
Engagement Manager
Responsible for providing leadership and direction to achieve growth and transformation.
Business Process Analyst
Analyses business requirements and provides system design while implementing system solutions.
Technical Team
Comprised of a Technical Lead and Solution Architect, Thirdera's technical resources utilise advanced platform knowledge and best practices to ensure smooth technical operations and client satisfaction.
Project Scope
Thirdera's IRM Foundations Blueprint includes a robust list of deliverables to set your IRM program on course for long-term success. Guided by proven best practices, our team of advisory and technical experts configures and implements a solution best fit for your unique needs while establishing a foundation of knowledge to promote ongoing maturation. Key deliverables include:
Key deliverables include:
- Load core data including Risk and Compliance frameworks, policies, risk statements, control objectives, and audit engagements
- Define initial register of assets, services, and/or functions for which controls and risks can be mapped to (known in ServiceNow as entities).
- Configure policy lifecycle, including ownership, policy acknowledgement campaigns, and policy exception workflow and notifications
- Establish control lifecycle, including ownership, mechanisms for determining compliance status, and issue process for handling non-compliance
- Setup risk lifecycle, including initial risk assessment methodology, risk scoring, and risk response workflows
- Establish audit engagement lifecycle, including audit tasks, initial control test templates, audit templates, and issue process for handling audit findings
- Configure notifications, reports, and dashboards from templates
- Setup of the three relevant Workspace UIs (Compliance, Risk, Audit) to provide concise user experiences
- Provide Functional Overview, Technical Knowledge Transfer, and UAT Support for each release
Outcomes
Clear Ownership
Complete Visibility
Consolidated View
Process Automation
Dedicated Workspaces
Data-Driven Analytics
Let's get started
Connect with our Risk experts for a detailed look at what an assessment would look like at your organisation and how to improve your IRM program.
