![josh with dark glasses looking down 2022-02 (1)-1](https://22769.fs1.hubspotusercontent-na1.net/hub/22769/hubfs/josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png?width=600&height=600&name=josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png)
![josh with dark glasses looking down 2022-02 (1)-1](https://22769.fs1.hubspotusercontent-na1.net/hub/22769/hubfs/josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png?width=345&height=286&name=josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png)
Thirdera Blueprint
IRM Foundations
Roll your Integrated Risk Management (IRM) program into ServiceNow with an offering that accelerates delivery of three core GRC components - Policy & Compliance, Risk Management, and Audit Management.
Release 1 - Risk & Policy
Initiate & Plan
Execute
Deliver
Go-Live & Beyond
Initiate & Plan
3 WEEKSConduct workshops for Risk & Policy, demo functionality, approve execution plan
Execute
5 WEEKSConfigure Risk & Policy functionality per best practice and customer requirements; continually show progress back to the customer and collect new requirements.
Deliver
2 WEEKSProvide functional and technical knowledge transfer and support customer acceptance testers
Go-Live & Beyond
2 WEEKSPromote code to production and provide support.
Release 2- Compliance & Audit
Initiate & Plan
Execute
Deliver
Go-Live & Beyond
Initiate & Plan
3 WEEKSConduct workshops for Compliance & Audit, demo functionality, approve execution plan
Execute
5 WEEKSConfigure Compliance & Audit functionality per best practice and customer requirements; continually show progress back to the customer and collect new requirements.
Deliver
2 WEEKSProvide functional and technical knowledge transfer and support customer acceptance testers
Go-Live & Beyond
2 WEEKSPromote code to production and provide support.
Thirdera Staffing
![role icon](https://www.thirdera.com/hubfs/team%20connected%20resources%20icon%20thirdera%20pink-1.png)
Engagement Manager
Responsible for providing leadership and direction to achieve growth and transformation.
![role icon](https://www.thirdera.com/hubfs/team%20people%20icon%20thirdera%20pink-1-1.png)
Business Process Analyst
Analyzes business requirements and provides system design while implementing system solutions.
![role icon](https://www.thirdera.com/hubfs/laptop%20person%20thirdera%20icon%20pink.png)
Technical Team
Comprised of a Technical Lead and Solution Architect, Thirdera's technical resources utilize advanced platform knowledge and best practices to ensure smooth technical operations and client satisfaction.
![James arms folded glasses purple-2](https://22769.fs1.hubspotusercontent-na1.net/hub/22769/hubfs/James%20arms%20folded%20glasses%20purple-2.png?width=457&height=600&name=James%20arms%20folded%20glasses%20purple-2.png)
![James arms folded glasses purple-2](https://22769.fs1.hubspotusercontent-na1.net/hub/22769/hubfs/James%20arms%20folded%20glasses%20purple-2.png?width=286&height=375&name=James%20arms%20folded%20glasses%20purple-2.png)
Project Scope
Thirdera's IRM Foundations Blueprint includes a robust list of deliverables to set your IRM program on course for long-term success. Guided by proven best practices, our team of advisory and technical experts configures and implements a solution best fit for your unique needs while establishing a foundation of knowledge to promote ongoing maturation. Key deliverables include:
- Load core data including Risk and Compliance frameworks, policies, risk statements, control objectives, and audit engagements
- Define initial register of assets, services, and/or functions for which controls and risks can be mapped to (known in ServiceNow as entities).
- Configure policy lifecycle, including ownership, policy acknowledgement campaigns, and policy exception workflow and notifications
- Establish control lifecycle, including ownership, mechanisms for determining compliance status, and issue process for handling non-compliance
- Setup risk lifecycle, including initial risk assessment methodology, risk scoring, and risk response workflows
- Establish audit engagement lifecycle, including audit tasks, initial control test templates, audit templates, and issue process for handling audit findings
- Configure notifications, reports, and dashboards from templates
- Setup of the three relevant Workspace UIs (Compliance, Risk, Audit) to provide concise user experiences
- Provide Functional Overview, Technical Knowledge Transfer, and UAT Support for each release
Outcomes
Clear Ownership
Complete Visibility
Consolidated View
Process Automation
Dedicated Workspaces
Data-Driven Analytics
Let's get started
Connect with our Risk experts for a detailed look at what an assessment would look like at your organization and how to improve your IRM program.