Printable version

Atlanta, GA. – February 3, 2010 – Compliance 360, a leading provider of enterprise governance, risk and compliance (GRC) solutions, has expanded its solution footprint with the addition of a new, integrated application for managing internal audits.

As the market for GRC solutions matures, organizations are increasingly looking for one unified set of GRC applications to fulfill the needs of the Vice President of Internal Audit, General Counsel, Chief Compliance Officer, Chief Risk Officer, Chief Financial Officer and their staffs. The new Internal Audit application was built from the ground up with the same market-leading design concepts and features that support the rest of the applications in Compliance 360’s GRC Suite. Users can easily move from Internal Audit to other applications including Risk Management and Compliance Management, with a consistent user experience.

Key capabilities of Compliance 360 Internal Audit include:

• A centralized repository of all audit plans, workpapers, audit workprograms, findings, reports and follow-ups. The application improves visibility and control by serving as the internal audit system of record.
• Comprehensive audit plan management throughout the life-cycle of each audit, including resource assignments and workplan creation.
• Automatic generation of audit workpapers directly from workplans.
• Complete meeting management with tracking of meeting agendas, attendance and minutes.
• Audit task management with fully automated and customizable workflow.
• Central management and extensive reporting of audit findings.
• Documentation of recommendations, management responses and oversight of remediation projects.
• Sophisticated capabilities for creating, managing and analyzing customizable surveys for any size organization.

Because the application leverages the Compliance 360 GRC platform and was built entirely by Compliance 360‘s development staff, Internal Audit is seamlessly integrated with the rest of Compliance 360’s applications. Highlights of these built-in connections include:

• Integration with Regulatory Compliance and Policy Management. In many organizations, a large percentage of internal audits are focused on regulatory compliance, policies and procedures. With the ability to link internal audits with policies and procedures in Compliance 360, organizations can greatly simplify the work of Internal Auditors and promote more effective collaboration.
• Integration with the Virtual Evidence Room™ linking all audits and findings to specific relevant risks, laws, regulations, policies, surveys and incidents. With minimal overhead, organizations can maintain a constant state of readiness for external reviews and exams.
• Integration with Enterprise Risk Management (ERM) including:
  • Annual risk assessments,
  • Configurable scoring and prioritization using graphical heat maps,
  • Streamlined set-up and execution of assessment questionnaires with reusable questions, response sets and question templates, and
  • Documentation of control tests.

Organizations can leverage this integration to direct internal audits toward the areas of greatest risk, and in turn, feed selected audit findings back into the risk model to maintain up-to-date, comprehensive risk assessments.

“Robust GRC systems contain multiple applications, such as risk management, policy management and audit management. The individual functionality of each GRC application is key to achieving the desired results,” according to Michael Rasmussen, president of Corporate Integrity. “Not all GRC software platforms are created equal. Some are a hodge-podge of technology because of a history of mergers and acquisitions; some are rushed to market without a common application and information architecture. An often overlooked key to GRC success lies in the integration and consistent design of each application. GRC systems lacking a common architecture (backbone), common user interface, and consistent processes and functional behaviors seldom deliver the full value and benefits sought by the organization. In fact, use of a collection of disparate GRC applications has been repeatedly demonstrated – in real-world settings – to actually reduce visibility and increase risk.”

“Our Internal Audit solution has been carefully designed based on hundreds of hours of research with corporate audit managers and industry analysts,” according to Steve McGraw, president and CEO of Compliance 360. “Our customers recognize the value of unified solutions that are designed and built on a common architecture. Because we have not acquired disparate applications to assemble our solution footprint, we can provide our customers with a comprehensive set of solutions that support all constituents with one user interface, one reporting system, one assessment methodology, one security framework and one consistent set of processes and functional behaviors. Our Internal Audit application is another great example of the value sought by our customers. It delivers all the features they expect from a robust Internal Audit application, plus the benefits of seamless integration with the rest of Compliance 360’s GRC applications.”

About Compliance 360 for Healthcare

Compliance 360 is a leading provider of enterprise governance, risk management, audit and compliance solutions for companies that operate in highly regulated industries. The Compliance 360 Software-as-a-Service (SaaS) solution suite helps companies address policies and procedures management, regulatory compliance management, internal and external audits, accreditation, incident management, fraud, waste & abuse, contract management, enterprise risk management, 3rd-party risk management and IT governance.  Customers benefit by reducing risks, improving efficiencies and protecting their brands.  Compliance 360 is headquartered in Atlanta, GA and assists over 150,000 active users in highly regulated, complex business environments including healthcare, insurance, financial services and others. For more information, visit www.compliance360.com.

Editor’s Note: Compliance 360 is a registered trademark of Compliance 360, Inc. Virtual Evidence Room is a registered service mark of Compliance 360, Inc.  Any other trademarks are recognized as proprietary to their owners.