Streamlined Regulatory Compliance and Change Management Solution
RACM integrates C2C Compliance Mapper™ with IBM OpenPages™ GRC platform to streamline compliance and risk functions. RACM was developed to solve compliance management issues currently facing organizations in heavily regulated fields, organizations with global footprints and any organization that must comply with data security and privacy regulatory frameworks.
RACM offers a full menu of compliance capabilities, including custom regulatory libraries and regulatory alerts, as well as a wealth of compliance analytics tools. Many organizations currently manage compliance using diverse and ad hoc solutions and processes that only address small segments overall compliance concerns. Compliance management can now be handled in one GRC platform, that is flexible enough to accommodate any organization’s compliance program and provides increased compliance management assurances.
RACM Custom Regulatory Libraries and Intelligence
No two organizations have the same compliance needs or perspective. RACM utilizes Compliance Mapper’s powerful content capabilities and vast regulatory libraries to develop a Custom Regulatory Library that is tailored to a specific organization’s compliance program, product/service offerings, information/cyber-security framework, … RACM also leverages OpenPages’ intuitive UI, advanced analytics and reporting capabilities.
Compliance/Regulatory Risk can be evaluated using C2C’s MyRiskAssessor application or other risk assessment methodologies. Compliance/Regulatory Risk analysis (formal or informal) is the basis for any organization’s Regulatory Library Inventory. The Inventory is used to build an organization’s custom Regulatory Library in Compliance Mapper.
Regulatory Library data is seamlessly transferred to IBM OpenPages, which provides a full featured GRC platform with a wealth of governance, risk, compliance, reporting and analytics capabilities, and a powerful, intuitive UI. Data transfer to OpenPages can be made using the IBM OP API or separate upload files. Accordingly, there are numerous deployment options to satisfy any organizations security and compliance needs.
The Regulatory Library Inventory is also the starting point for determining an organization’s custom Regulatory Alert Criteria. The organization’s Alert Criteria can include rules that dictate type and frequency of Alerts to be received. C2C has built flexibility into RACM that permits responsible compliance personnel to get only relevant changes, along with change documentation and metadata necessary to chart out compliance plans – changes to controls, policies, procedures, responsibilities, … necessary to obtain compliance by the effective date.
RACM Mappings – Enhancing and Simplifying Compliance Management
RACM incorporates Compliance Mapper’s proprietary mapping/linking technology that provides multi-directional relationships via an easy-to-use interface. This allows organizations to quickly organize and manage mappings between regulatory requirements and the organization.
This also permits the organization to perform gap analysis and provide reporting on how regulatory requirements relate to controls, policies hierarchy, or any other documents or assets.
RACM Mappings provide a wealth of insight regarding compliance obligations, and simplify the regulatory change management process. Using RACM, Compliance Mapper can push mappings into the OpenPages creating associations that can be utilized for compliance assessments/audits and risk analysis, as well as providing immediate feedback on how regulatory changes impact controls, policies and lines of business.
C2C Regulatory Alert and Change Management (RACM)
IBM OpenPages-C2C SmartCompliance Integration Architecture
Regulatory Library Management/Intelligence Overview
Regulatory Alert and Change Management Overview
Compliance and Regulatory Risk Analysis