The Sarbanes-Oxley (SOX) Act of 2002 aims to enhance corporate governance by establishing internal checks and controls that strengthen corporate accountability. The act gave rise to the Public Company Accounting Oversight Board (PCAOB), a private sector, non-profit corporation to oversee the auditors of public companies.
Another framework previously developed is the Committee of Sponsoring Organizations of the Treadway Commission (COSO). COSO is a private sector initiative extended to include recommendations on how organizations may reduce incidences of fraudulent financial reporting. To accomplish this, COSO developed a methodology for establishing internal controls, along with standards and criteria against which a company may evaluate its control systems.
Together, PCAOB and COSO provide banks with guidance on how to establish and maintain their internal checks and controls. However, each framework is different in its approach. PCAOB applies a more risk-centric philosophy while COSO maintains a more control-centric approach. BPS’ Compliance application incorporates risk-centric and control-centric philosophies for compliance management, and combines these with compliance planning features, organizational modeling, assessments and certifications, issues and action tracking, and reporting to form a full-service regulatory compliance application.
The BPS Compliance application builds on the best practices established in both PCAOB and COSO, providing governance, risk and compliance professionals with a flexible automated tool. The BPS Compliance application is complemented by the BPS Suite’s common library of risks and controls used by all compliance artifacts, facilitating continuous improvement and a converged approach to corporate accountability. The BPS Suite also provides an organizational modeling tool that can be used to categorize risks and controls.
Any compliance undertaking is a time-consuming and labor-intensive process. BPS Compliance blueprints and certification templates help alleviate some of the burden. Blueprints, plans for assessments that can be reused, are customizable and can be used to generate SOX assessments as well as other artifacts (RCSA, Audit Tests, etc.). Likewise, certification templates are used to generate certifications. Both blueprints and certification templates are launched into actual assessments and certifications via intelligent, custom workflows.
One of the most time-consuming aspects of compliance is collecting the material evidence to support the effectiveness and adequacy of internal controls. To this end, the BPS Suite, combined with BPS Compliance, allows banks to link documentation to blueprints. The material can be linked to assessments, kick-starting the attestation process.