Patent application number | Description | Published |
20110251930 | DATA MANAGEMENT FOR TOP-DOWN RISK BASED AUDIT APPROACH - Particular embodiments generally relate to providing risk management. In one embodiment, a first risk is linked to an account group assertion in a data structure. A second risk is linked to a control objective in the data structure. Access to the first risk is granted through the account group's assertion. Access to the second risk is granted through the control objective. Risk management is then performed using the accessed first risk and second risk. | 10-13-2011 |
20120016802 | AUTOMATIC EVENT MANAGEMENT FOR REGULATION COMPLIANCE - In one embodiment, a method includes determining a plurality of event types where each event type associated with event metadata. An event is received and an event type in the plurality of event types for the received event is determined. The method determines event metadata for the determined event type and event data from the event based on the event metadata. A rule associated with the event type is determined where the rule includes a criterion based on a regulatory compliance issue. A computing device evaluates the event data with the criterion to determine if the event is non-compliant or compliant with the regulatory compliance issue. | 01-19-2012 |
20120310850 | Method and System for Evaluating Events - In one embodiment, a method includes determining a plurality of event types where each event type being stored in association with event metadata. One or more events are received and an event type in the plurality of event types for each received event is determined. The method determines event metadata for each determined event type and event data from the event based on the event metadata. One or more control data objects are determined stored in association with the determined event type; one or more rules stored in associated with each of the control data objects is determined where the rule comprises one or more criteria being evaluated against one of the data values of said event; and evaluating the event data with the criterion to determine if each of the events is non-compliant or compliant with a low-level system requirement of said rule. | 12-06-2012 |
20130090977 | Collaboration Tool for Compliance Processing - A computer system is described which facilitates the collaboration of participants involved in regulation/policy compliance. The system comprises two systems: a central regulation compliance system; and a collaboration forum. The central regulation compliance system is integrated with the collaboration forum to facilitate the assessment/survey process in order to attend to issues relating to actual or potential occurrences of non-compliance with regulatory/policy requirements. | 04-11-2013 |
20130091066 | Compliance Survey on Mobile Device - Survey processing for compliance assessment includes providing the survey to a mobile device. A survey application executing on the mobile device performs survey processing to obtain responses to survey questions comprising the survey. The survey application provides context-sensitive help information. The survey application provides for contacting individuals in a compliance management organization of a business enterprise for which compliance to regulations and policies by the business is required. | 04-11-2013 |
20130282425 | Intelligent Whistleblower Support System - A system for anonymously receiving information relating to suspected dishonest or illegal activity relating to an organization includes several interfaces that facilitate the anonymity. An automated analyzer analyses the received information to identify relevant governing documents (e.g., laws, regulations, etc.) and relevant personnel. A remediation workflow may then be generated based on the identified relevant information to address the report of suspected dishonest or illegal activity. | 10-24-2013 |
20130282600 | Pattern Based Audit Issue Reporting - A computer system receives an audit report from an audit proceeding. Predefined patterns are recognized in the audit report. One or more audit issues may be associated with each recognized pattern. Suitable remedial action may be generated for each identified audit issue, and dispatched to one or more actors who are then responsible for attending to the remedial action. | 10-24-2013 |
20140019183 | Automated Impact Assessment and Updates of Compliance Response Plans Pursuant to Policy Changes - A compliance management system is disclosed, including an analysis engine to analyze received compliance requirements. Stakeholders and relevant surveys are identified using results of the analysis. An assessment engine initiates and manages a process to assess the received compliance requirements. Results of the assessment are used to determine changes to existing policies and procedures. A workflow engine initiates and manages workflows to effect changes the policies and procedures. | 01-16-2014 |