DATABASE OF RISKY EVENTS
The system has an organized database of risk events with extensive analytical information. Events can be registered fully automatically based on other enterprise information systems.
TAB GRC
what is that?
The program represents a modern system for organizing enterprise risk management, including a set of methodological documents with regulations for risk management procedures, as well as corresponding software tools. The program is a GRC-class system necessary for transitioning to ESG standards. It complies with ISO 31000 27001 22301 and can be supplemented with the COSO 2017 module. Internal audit tools allow for quick and more detailed analysis of the effectiveness of risk management systems. Financial risk calculation mechanisms are built-in.
INTEGRATED Risk Management, Internal Control AND Internal Audit SYSTEM
The system links the main entities of the risk management system within the organization. It establishes a connection between the implemented measures, the organization's processes, internal control procedures, risk reports, and current internal regulatory acts.
DECISION-MAKING SYSTEM
The ability to create flexible analytical reporting (BI) in various dimensions. Dashboards for management.
Why choose TAB GRC?
GRC-class system
Auto registration of risk events and internal control incidents
Entered in the register of domestic software
Support of legislative requirements
Support
ISO 31000 27001 22301
Information security requirements are adhered to, up to the level of "top secret".
Functional features
Risk assessment
Self-assessment questionnaires and self-assessment calculation
Self-assessment questionnaires and self-assessment calculation are provided for more accurate risk assessment in the product. This allows self-assessment to be carried out by types and subtypes of risks among departments or risk owners. The results of the assessment are accumulated through self-assessment calculation.
Risk assessment, risk matrix, risk register
Risk assessment is based on a qualitative approach by type of risk. Based on the results of the assessment, a register of significant risks and a risk matrix are formed.
The maximum amount of risks
Based on the registry generated during the risk assessment, the system has the opportunity to set limits on significant risks depending on the size of the company's own funds and risk appetite, as well as the number of risky events. In addition to the pre-configured calculation of the limit size, it also supports the establishment of control and alarm values for the size of risks through key indicators and performance indicators.
Accounting for internal control procedures
The procedure card records the execution algorithm, the responsible person, the execution schedule and the execution criteria, and also assigns a template for automatically setting tasks according to a given schedule.
Report on the implementation of internal control procedures
You can track the execution of procedures through a report built into the system showing a list of tasks for procedures, due date, date and result of execution.
Accounting for events
The product provides for the management of risk response measures with the fixation of the program of implementation, the parties involved in the measures taken.
Creation of planned events
The functionality of creating an event plan from a template is provided, according to which events for the year are automatically created in the product.
Creating events based on a risky event
The product allows you to quickly create an event based on the risk message data.
Administration
TAB GRC
We are the developers of the GRC Risk Event Management. It serves as a Russian equivalent to products such as IBM OpenPages, SAP GRC, RSA Archer, LogicManager, Riskonnect, SAI360, MetricStream, Enablon, ServiceNow, StandardFusion, Fusion Framework GRC, Pathlock, Navex Global RiskRate, Nasdaq BWise, AuditBoard, LogicGate Risk Cloud, Onspring, ZenGRC, Apptega, and Resolver. Our GRC-class product can replace any foreign counterparts.