How does GRC Pro work with my existing compliance, risk management program?

GRC Pro enables an institution to evaluate its system of internal control (EIC) against the FFIEC’s safety & soundness standards (Best Practices), which include standards that focus on compliance and risk management requirements.  The safety & soundness standards are fundamental to establishing effective compliance and risk management programs.  GRC Pro ensures established policies, practices and procedures relating to compliance and risk management programs are design adequately and are operationally effective from a Management Level Control perspective.  Finally, GRC Pro includes an independent review of the EIC process providing further assurance the control environment supports an institution’s compliance and risk management activities.

How will GRC Pro benefit individual’s in my organization?

Directors
Directors of financial institutions are tasked by regulators with fostering a strong, consistent approach toward sound corporate governance practices.  Directors must ensure that their institution has established an adequate system for identifying and managing risks and monitor their institution’s adherence to accepted safety & soundness standards.  GRC Pro enables directors to fulfill their responsibilities by providing them with comprehensive reports that identify and prioritize risks and document the institution’s remediation efforts.

Executive Officers
Executive officers are charged with developing and implementing policies and procedures designed to identify, measure, monitor and control risks. Executive officers must ensure those policies and procedures are consistently followed and provide risk-based board reports that clearly identify all risks and explain the actions being undertaken to control or mitigate those risks.  GRC Pro enables executive officers to easily monitor their institution’s compliance with internal policies and procedures and produce Board reports that facilitate sound decision-making at the board level.

Risk Managers
GRC Pro’s central repository of information enables the risk manager to easily identify areas of concern and monitor remediation across the entire institution.  Our modular approach allows front- and business-line managers to evaluate their areas of responsibility, with oversight provided by the risk manager.  The risk manager benefits from easy access to detailed information about each area of the institution, which facilitates monitoring of targeted risks, as well as higher-level information regarding management practices.  This facilitates monitoring of enterprise risks.

Business Line Managers
Because GRC Pro features individual modules for each category of business, business line managers can become more integrally involved in managing risk and compliance for their lines of business.  They no longer have to depend on outside resources to evaluate their operations, which means they can isolate risks and remediate them before they grow into enterprise-level issues.

IT/Operations Managers
GRC Pro enables IT/operations managers to monitor risk and compliance within the back-office and information technology areas of the institution.  Our IT module focuses on IT management practices that include the following IT-related risks areas: strategic planning, quality assurance, project management, risk assessment, infrastructure and architecture, end-user computing, contract administration of third-party service providers, BCP/DR and regulatory and legal compliance.

Compliance Officers/Internal Auditors
GRC Pro gives auditors and compliance officers a systematic way to A.U.D.I.T.™ (Assess, Understand, Develop, Implement and Test) their institution’s system of internal controls – so they can address control deficiencies in a timely manner and ensure corrective measures are effective.  GRC Pro also eases the burden of regulatory exams by fully documenting the institution’s internal controls, areas of risk and remediation efforts. When compliance officers and Internal Auditors can quickly and easily satisfy regulators, the scope and frequency of regulatory exams may be reduced.

 How does GRC Pro work?

 GRC Pro is very easy to use and follows the Turbo Tax® model for collecting information and walking you through the assessment process.  GRC Pro incorporates a built-in survey tool that allows you to send out surveys to collect the information you need for each assessment and policy evaluation.  It generates reports automatically and identifies risk ratings based on industry standards.

 Do I need to download any software to run GRC Pro?

 There is no software to download.  To use GRC Pro all you need is access to the Internet.

 How long will it take to complete the assessment and policy evaluation?

 The core assessment can take anywhere from a few weeks to a few months depending on how much time is dedicated to the process.  The benefit of using GRC Pro is that you can delegate modules or assessments to anyone in your organization through GRC Pro’s send survey feature.  E-mails are automatically sent to others and contain unique links that allow others to answer questions and then send them back to GRC Pro for the administrator to review.

 Who needs to be involved in the assessments? 

 Depending on which modules are being answered you will want to send specific modules out to those that have the subject matter expertise in the particular module that is being worked on  That’s the beauty of GRC Pro.  As the administrator you can decide who gets what information and GRC Pro will send it out to the required people.

 Are there other versions of GRC Pro?

 GRC Pro comes in two subscription types, Standard and Premium.  The differences between these versions can be found by clicking here.  The main components that are not included in the Standard version are the supplemental modules and remediation tools.  

 What additional services are available?

 For GRC Pro standard users, you will be able to have an FICS advisor conduct an independent, third-party review of your assessment results.  The independent review is also available on a subscription basis and can be included in your monthly subscription fees if you choose to continue using GRC Pro.  The independent, third-party review is automatically included with the Premium subscription at no additional cost.  For the Premium subscription, additional supplemental modules are available individually or in bundles.  A bundle of three is included with each Premium subscription.  The supplemental modules include:   AML/BSA, Information Technology, E-Banking, Securities, Other Assets, Mortgage Banking, Credit Card activities, Related Organization, E-Funds, International Banking, Non-deposit investments, Trust, Retail Insurance and Securitization.  

 What is the cost if I choose to continue using GRC Pro?

 There are several options if you choose to continue with your subscription.  You can continue with the standard version of GRC Pro or upgrade to the premium version.  If you are interested in pricing, please contact one of our account representatives at 610-265-1002 or via e-mail at info@ficsas.com

 How will you use the information collected from your registration page? Is my data safe?

 Safeguarding your data is one of our top priorities.  Our privacy policy can be reviewed at http://www.ficsas.com/privacy.php.