Requires
Haley Application Foundation
Powered by Haley Application Foundation, Haley's flexible and powerful web application management environment.
Haley Risk and Compliance
Overview
Haley's Governance, Risk and Compliance (GRC) software is revolutionizing the management of governance, operational risk and compliance by strengthening control performance, quality monitoring and delivery of transparent real-time reporting.
Haley Risk and Compliance enables identification, analysis and management of operational risk on an integrated, company-wide basis. It reduces the time and costs associated with ongoing compliance by combining powerful document management, business process management and flexible reporting capabilities, enabling companies to document controls and automate end-to-end compliance processes.
Features
- Risk management developed in accordance with AS/NZ 4360. Forrester's Michael Rasmussen writes, "The Australia/New Zealand 4360:2004 Risk Management Standard (AS/NZ 4360) is . mature, straightforward, and flexible with a wealth of implementation resources for different risk scenarios. "
- Provides risk register interfaces that are organized, simple and flexible - every drop-down option in the system is able to be customized with your unique data values
- Keeps management up-to-date with dashboards that collate statistics in real time on the current state of the organization, for example risk heat maps, and customizable reports.
- Allows risk records to be classified into various structural taxonomies to deliver dynamic reports of risk profile and heat maps, with user-defined SOX process links, business unit impacts, risk causal impacts analyses and KRI links
- Provides a control library to mitigate risks by allowing the business units to customize their control purpose - instances of control application are tracked and continually informed of any changes that may be happening, and risk control assessments are triggered off business rules, requesting risk owners to conduct effectiveness assessments
- Tracks incidents that have occurred and actions that may be required to manage the incidents or mitigate the risk of similar incidents.
- Quickly post alerts or any other regulatory notice across the organization, complete with any dependencies to other information sources the recipient may be required to know about.
- Track emerging risk profiles by linking business rules and alert techniques to classify risks using scoring techniques that are flexible and meet the qualitative and quantitative requirements of AS/NZS 4360