Oracle Introduces New Governance Risk and Compliance Suite with Policy Oversight and Control Execution Integration

Oracle has extended its Governance, Risk, and Compliance application suite, with the introduction of Oracle Enterprise Governance, Risk, and Compliance Manager (Oracle Enterprise GRC Manager) and the latest release of Oracle Enterprise Governance, Risk, and Compliance Controls (Oracle Enterprise GRC Controls) to deliver a closed-loop approach to regulatory compliance, risk management, and controls automation.

Oracle's Enterprise GRC Manager and Enterprise GRC Controls are tightly integrated so organizations can align the identification, assessment, and prioritization of risks with the correct risk treatment through a combination of both manual and automated controls.  According to Oracle, this integrated approach gives organizations an enterprise understanding of which risks are critical and enables an immediate and coordinated response.

"What is really new is that not only can we document and support multiple GRC initiatives on a single platform-such as financial governance, supplier risk, and IT governance-but we can also integrate those to control automation which helps to lower the cost of GRC initiatives by providing automation within the transactional system," Chris Leone, group vice president, Oracle applications development, tells 5 Minute Briefing.

Enterprise GRC Manager is built on Oracle Fusion Middleware 11g, the #1 application infrastructure foundation, offering a complete and open solution that is easily integrated to systems such as the Oracle E-Business Suite, Oracle's JD Edwards EnterpriseOne, Oracle's PeopleSoft Enterprise and Oracle Hyperion Performance Management, Enterprise GRC Manager is also designed on an open, standards-based architecture which provides support for non-Oracle packaged applications and bespoke applications in heterogeneous multi-vendor environments.

Oracle Enterprise GRC Manager supports cross-enterprise, risk-based modeling, analysis, treatment and decision making, allowing organizations to embed clear accountabilities for risk management and control across the enterprise. Oracle Enterprise GRC Manager provides a single system to manage interdependent risks and compliance initiatives, common enterprise processes help identify correlated risks and consolidate the tracking of results from control testing across multiple GRC initiatives; a single system to manage enterprise-wide risk and compliance initiatives also enables organizations to significantly reduce the cost of auditing and governing change management processes on their enterprise controls; and complete support for financial compliance (SOX/AS5) with top-down, risk-based scoping and a flexible, hierarchical certification process.

Oracle GRC Controls continuously monitors automated controls in enterprise applications and helps mitigate exposure to fraud and error.  With this new release, fraud detection and improved business process integrity and performance is enabled via a business rules engine that programmatically looks for violations and anomalies in transactions. The latest release of the Oracle Enterprise GRC Controls includes new versions of Oracle Enterprise Transaction Controls Governor (Oracle Enterprise TCG) and Oracle Application Access Controls Governor (Oracle AACG).

In the past, many organizations have not only had to document and monitor the controls that they put in place to manage the risk, whether it is financial-oriented risk, or supplier-oriented risk, or people-oriented risk, and they had to have business or process owners sign off that those controls are in place, Leone notes. Now, with the ability to automate many of those processes, he explains, errors are reduced, and it is also more efficient and less costly.

For more on Oracle Enterprise Governance, Risk, and Compliance Manager, go here.