Home > Library > Risk Management

Risk Management     Browse by:   Featured: Insights Basel II: Building Risk-resilient Banking Systems When Barings Bank declared bankruptcy in 1995, the world was stunned. As Britain's oldest merchant bank, Barings had weathered disasters like the Great Depression and Two World Wars ? only to be later brought down by a single man in a small office in Singapore. By the time Barings uncovered his actions, it was too late. Leeson had cost the bank over $1 billion. Learn More about this.. Insights Audit Management Tools - Food Safety Audits and Inspections As the Federal and State officials are looking at fundamental issues related to food safety in radically different ways, companies are hiring an army of private auditors to monitor the food plants. Next-generation Audit Management tools for managing quality, compliance and risk programs can help companies address these issues and enable them to protect their brands and build trust with customers on a sustained basis..   Demos   White Papers   RFP Templates   Insights   Webinar   Datasheets   Case Studies   Solution Briefs

Complete List

Demos Enterprise Risk Management (ERM) Solution Demo Solution to enable organizations to identify, assess, quantify, monitor, and manage their enterprise risk in an integrated manner. Governance, Risk and Compliance (GRC) Platform Demo A common framework for supporting all compliance and quality processes in a company and driving effective risk management and corporate governance. Governance, Risk and Compliance (GRC) Solutions for Banks and Financial Services Demo MetricStream offers industry's most advanced and comprehensive suite of solutions designed to meet the GRC needs of banks and financial services companies at multiple levels. Operational Risk Management (ORM) Solution Demo The solution that brings together all operational risk related data - a reusable library of risks and their corresponding controls and assessments, results from individual assessments, key risk indicators, events such as losses and near-misses, issues and remediation plans - in a single workflow-based framework. Top

White Papers Integrated Risk and Compliance Management for Banks and Financial Services Organizations: Benefits of a Holistic Approach Banks and financial services organizations of all sizes are now more concerned than ever about risk and compliance management. This white paper discusses the current risk and compliance environment for banks and financial institutions, strategies for successfully implementing Governance, Risk and Compliance (GRC) programs and how technology can be leveraged to adopt a holistic approach to risk and compliance management. Governance, Risk and Compliance Framework Growing regulatory environment, higher business complexity and increased focus on accountability have led enterprises to pursue a broad range of governance, risk and compliance initiatives across the organization. However, these initiatives are uncoordinated and potentially increase the overall business risk for the organization. This is leading organizations to take a unified approach to GRC. This paper details the various steps and benefits of implementing Unified GRC strategy. Top

RFP Templates Enterprise Risk Management (ERM) Solution RFP Template Solution to enable organizations to identify, assess, quantify, monitor, and manage their enterprise risk in an integrated manner. Governance, Risk and Compliance (GRC) Platform RFP Template A common framework for supporting all compliance and quality processes in a company and driving effective risk management and corporate governance. Governance, Risk and Compliance (GRC) Solutions for Banks and Financial Services RFP Template MetricStream offers industry's most advanced and comprehensive suite of solutions designed to meet the GRC needs of banks and financial services companies at multiple levels. Operational Risk Management (ORM) Solution RFP Template The solution that brings together all operational risk related data - a reusable library of risks and their corresponding controls and assessments, results from individual assessments, key risk indicators, events such as losses and near-misses, issues and remediation plans - in a single workflow-based framework. Top

Insights Basel II: Building Risk-resilient Banking Systems When Barings Bank declared bankruptcy in 1995, the world was stunned. As Britain's oldest merchant bank, Barings had weathered disasters like the Great Depression and Two World Wars ? only to be later brought down by a single man in a small office in Singapore. By the time Barings uncovered his actions, it was too late. Leeson had cost the bank over $1 billion. Learn More about this. Audit Management Tools - Food Safety Audits and Inspections As the Federal and State officials are looking at fundamental issues related to food safety in radically different ways, companies are hiring an army of private auditors to monitor the food plants. Next-generation Audit Management tools for managing quality, compliance and risk programs can help companies address these issues and enable them to protect their brands and build trust with customers on a sustained basis. Internal Audit Software Application, Continuous Auditing Systems After making circles in the academic networks for years, continuous auditing is now within reach for businesses looking to derive greater value from their auditing processes. Its implementation is no more complex and the benefits are real. By adopting the right auditing tools, developing a complete system with technological adequacy and an environment conducive to its application, every organization can gain from continuous auditing. ISO 31000: Streamlining Risk Management to Achieve Corporate Goals The new ISO 31000 Risk Management standard provides a universally recognized paradigm for risk professionals to clearly define terminologies, establish formal processes, understand the context of their efforts, and evaluate opportunities vested in taking risks. MetricStream's ERM approach is well aligned with the overall approach and the guidelines of ISO 31000. Audit Performance Measurement While the Internal Audit function is gaining popularity as a guardian of good corporate governance and the leader of business performance, measuring the Internal Audit?s performance can play a critical role. Regulators and investors are demanding increased scrutiny of an organization?s operation, making the Chief Audit Executive?s (CAE) job more complex and challenging. Effective Governance through Internal Auditing Internal Audit supports the Board of Directors (BoD) and its committees by independently assessing the effectiveness of an organization?s system of internal controls as well as compliance with statutory, legal and regulatory requirements. Given the importance the BoD attaches to this role, organizations are making every effort to adopt Internal Audit across the enterprise for better management of risk and effective compliance with regulation. Environment, Health and Safety Audit Systems Environment, Health and Safety (EHnS) management is emerging as a key challenge for large organizations. Site safety and health programs benefit from effective planning, full implementation and careful, ongoing management. Correcting common deficiencies are important not only to protect the health and safety of site workers, but also to maximize the benefit and cost effectiveness of site health and safety programs. Site Inspections: Road Map to On-Time Supplier Quality Assurance Supplier quality issues like non-conformance management, product recalls and product failures are proving fatal for global organizations. World-class manufacturers are realizing the need to maintain a consistent and systematic quality process to gain real time inspections data with analytics of trend analysis. Auditor - Auditee Relationship In one of its reports, Moody's recommends that the Chief Internal Auditor should report to the CEO and the board and not to the CFO, if the auditor is to examine company's books and controls with an objective eye. Interestingly, audit committees face similar issues when evaluating executive management or business line managers. Audit Management in Retail and Grocery Operations Ongoing audits are critical to support quality processes, regulatory compliance and risk management throughout the product life cycle and along the supply chain for retail and grocery operations. Five Trends in Internal Audit Evolved from an objective assurance and consulting activity, IA will address the growing needs of global organizations and meet the new expectations of investors and board members. Based on our engagements with several large organizations, the five key trends we observe are: Integrated Supplier Audits for Better Supply Chain Governance Supplier audits and inspections is a critical process that supports quality and compliance management when dealing with vendors, suppliers and contract manufacturers. World class organizations are looking to incorporate best practices in supplier audit management when implementing supply chain governance and performance management programs. Leveraging Continuous Auditing for GRC Programs The concept of automated audit procedures with real time or near real time has been in picture since early 80?s. However it stayed unnoticed for about a decade due to lack of technical resources and expertise and got attention only after the Sarbanes-Oxley Act brought urgency to the audit function. Perhaps, in the present scenario, the traditional audit model calls for an overhaul. Keeping in mind the imperfections exposed by the current financial crisis, organizations today are not just asking internal audit to take on a more strategic role but also require internal audit groups to refocus their efforts from compliance to better business performance. Advanced Measurement Approach (AMA) AMA's qualifying factors makes a bank?s risk assessments more forward-looking and reflective of the quality of control and operating environments. Directives imply that any Operational Risk Management (ORM) system aiming to qualify for AMA status, must be aware of, and be closely aligned with, the business strategies of the firm and the external factors that could impact its risk profile. Erm Analysis For Credit Ratings Of Nonfinancial Companies: Stepping Up To New Criteria Patterned on the approach already used for sectors like finance, insurance and energy since 2004, SnP's announcement proposes to employ 100 or so different factors to evaluate the quality of ERM operations in nonfinancial institutions and then include that assessment in their final score. Smart Investment Strategies For A Compliance Platform: A Ten Step Guide Government regulations and mandates are on the rise. Most corporate compliance offices are challenged to find compliance solutions that can scale across corporate compliance offices and also manage regulatory and compliance initiatives within respective operational and departmental areas. The Next Generation Of Systems For Compliance Companies are governed by a complex web of regulations, laws, voluntary codes, industry codes, and corporate policies. Compliance with these intricate regulations, mandates and policies is not an easy task. Maintaining ongoing compliance is even more difficult due to continuous changes, amendments and overlaps. The Unexpected Benefits Of A Unified Approach To Governance, Risk, And Compliance (grc) Whether we like it or not, all corporations have to comply with regulations and at the same time establish their credibility with investors, other stakeholders, and the broader public. All these factors, brought together, have fuelled the convergence of distinct, yet entwined disciplines of the Governance, Risk, and Compliance (GRC). Top

Webinar Solvency II: Are Insurance companies ready? This complimentary webinar covers the current stage at which Insurance companies are with respect to Solvency II implementation and the best practices that are required to be deployed going forward. Next Generation Internal Audit: The Chief Auditor's perspective In this panel discussion, Chief auditors for global corporations discuss and debate about the next generation of internal audit that is more adaptable, collaborative, and integrated with corporate goals. Sound Practices in Risk and Control Self-Assessment In this webinar, our panelists provide insights on implementation of RCSA techniques that support a robust risk management framework. It also focuses on how to integrate and co-ordinate risk identification and risk management efforts to improve the understanding, control and oversight of its operational risks Unlocking the Elusive Potential of a Unified GRC Program This webinar showcases how unified GRC program helps organizations in overcoming challenges associated with risk and compliance management dependant on manual or point solutions. GRC systems and processes provide an integrated picture of Governance, Risk, and Compliance information and processes across the business - resulting in agility, efficiency and effectiveness of risk and compliance processes ? as opposed to complexity, redundancy, and failure associated with manual or point solutions. The Changing Face of Internal Audit This panel will discuss the evolving role of Internal Audit and its impact on driving effective risk management program across the enterprise that can address the changing business landscape and enhance the ability to react rapidly to adverse events. Integration of SOX and Operational Audits This webinar details how the shift toward SOX and general compliance related duties demand the rebalancing and seamless integration of SOX and Operational Audits to meet the requirements of the law without it being detrimental to other responsibilities of auditors. Enterprise Risk Management at the Tipping Point This panel discussion will outline an integrated framework for deploying effective risk management program across the enterprise that addresses the changing business landscape and enhances the ability to react rapidly to adverse events Managing Healthcare Privacy, Identity Theft & Information Risk This webinar provides a perspective on trends & developments in managing Healthcare privacy, identity theft & information risk, what companies are currently doing to manage such risks and also how automation can resolve privacy and data protection challenges through an integrated IT GRC approach. Upgrading Internal Audit Infrastructure This webinar on Upgrading Internal Audit Infrastructure provides a complete perspective on identifying key challenges in managing internal audit in today?s environment, describing the scope of upgrade including the impact on organization, and defining the technology infrastructure necessary to support the upgrade. Risk-Based Approach for Building a Solid NERC and FERC Compliance Program This complimentary webcast helps to learn how to use a risk-based compliance approach for building a solid compliance program and also discusses how you can utilize people, processes and technology to respond to compliance enforcement challenges and engage regulators. Implementing Integrated GRC Program in an Organization This session with Chris McClean, Analyst, Forrester Research, looks at the various functions involved in GRC, common areas of differences and divergence and strategies for overcoming these organizational obstacles to arrive at a common language and approach that all business owners agree upon, accept and adopt in their functions. Beyond Basel II Compliance: Integrated Operational Risk Platform as a Competitive Differentiator This MetricStream hosted webinar on "Beyond Basel II Compliance: Integrated Operational Risk Platform as a Competitive Differentiator" highlights how a holistic approach to risk management tied into corporate governance be a competitive advantage. Thriving In The Face of Regulation: How to Accommodate the New Regulatory Regime and Achieve Optimum Business Performance In this on-demand Webcast, our distinguished panel members from their vast real-world regulatory, management and advisory experiences, discusses on what top governance and compliance mistakes to avoid and what essential policies and procedures to implement. Linking Internal Audit Plan with Organizational Strategic Goals In this webinar, Dr. Robert M. Mark, Former CRO of CIBC provides insights on incorporating a risk based policy, methodology and infrastructure benchmark assessment, ensuring risk appetite across the organization, evaluating an organization?s strategies to assess risk, and defining the technology infrastructure necessary to support the new Internal Audit norms. Manage Vendor Risks through Integrated GRC Processes This webinar looks at the various reasons why it is challenging and costly to collect and track risk data from a global network of vendors and partners. Managing Risk and Compliance in Multi-Country Operations Join this MetricStream hosted webinar which provides insight on integrated framework for managing the growing complexity of regulatory requirements and risk in multi-country operations. Breaking Down Silos through Integrated Risk Management Join this MetricStream hosted webinar that will evaluate and exhibit technology for creating foundation to break down the enterprise silos by enabling Integrated Risk Management framework, while supporting incremental adoption and automating risk Management across the enterprise Five Trends in Internal Audits In this webcast, based on our engagements with several large organizations relying on MetricStream solution for managing its audit, risk and compliance processes, we will discuss about the Five key Trends that we observe in Internal Audits. Risk-based Internal Audit Management This MetricStream hosted webinar helps to get a complete perspective on adopting risk-based Internal auditing framework for improving business performance, Creating a risk-centric environment for managing new threats and challenges, and Enabling technology to cope with the changing role of Internal Audit function Risk Governance: How to Improve Business Resilience through Better Risk Management A webcast on effectively mitigating the risks and maximizing the strategic opportunities of the enterprise with former CRO of Washington Mutual. This webinar provides an overview of how MetricStream is helping its customers to adopt an integrated risk governance infrastructure leading to better risk Management, improved decision making, high data quality, reduced task redundancies, etc. Managing Loss and Incidents Across the Enterprise This webinar provides an overview of the Loss Management solution that facilitates capturing data across the enterprise and provides enhanced analytics for analysis Managing Risk and Internal Audit in a Bank This complimentary webinar provides a great opportunity to hear the views of a former chief risk officer of one of the leading financial services organization on improving business performance through an integrated GRC framework, developing risk-based internal audit program for a bank, creating a risk-centric environment for managing new threats and challenges, and enabling technology to cope with the increasing complexity of compliance landscape. Risk, Audit and Compliance Management: GRC Platform and Solutions In this webinar, we discusses what role can integrated Governance, Risk and Compliance (GRC) play in meeting the evolving needs of global corporations and the rising expectations of investors, regulators and the board, as organizations consider new techniques to succeed in managing risks, compliance and controls. Enterprise Risk Management: Getting Closer to the Elusive Goal A complimentary webcast that examines how ERM systems and GRC platforms enable you to accurately assess risks, review controls, highlight hotspots, prevent loss and fraud, resolve issues, increase transparency and ensure compliance. GRC at its Inflection Point: How Risk, Compliance and Internal Audit Will Change Business in 2009 In this online event, Forrester Research Analyst, Chris McClean, discusses key imperatives that have brought GRC to its inflection point such as creating a GRC program that focuses on business value, linking GRC performance metrics to strategic goals, managing increasing scrutiny and oversight of business practices, supporting the role of internal audit and reducing GRC cost and complexity. Run up to the Economic Crisis: Enabling Risk Management For Risk Officers, the events of the past year have challenged all assumptions about what defines the best practices of governance and risk Management. In particular, the appropriateness of the Chief Risk Officer?s dual, and potentially conflicting, roles of working to advance the business and acting as a provider of ?independent? oversight are being questioned. In this webinar, we will discuss an integrated framework for deploying governance and risk Management practices that will lead to higher adaptability for changing business needs and enhancing capabilities that will guard against adversity. Risk, Audit and Compliance Management for Banks and Financial Institutions: GRC Platform and Solutions By adopting a GRC Platform, organizations can see tangible business benefits from consistent and closed-loop processes across sites and functions, real-time visibility and easy access to compliance data. In this webinar, we discuss the GRC drivers and trends. We also cover the best practices around architecting your GRC strategy, planning your GRC roadmap and achieving the GRC goals. GRC Platform Requirements: MetricStream Approach to Federated GRC This webinar covers how organizations can see tangible business benefits from consistent and closed-loop processes across sites and functions, real-time visibility and easy access to compliance data, and a collaborative environment for improved co-ordination between teams. Interactive Panel Discussion with Former CROs of Top Banks - Risk Management in Financial Services Panel discussion with former Chief Risk Officers to outline an integrated framework for deploying best governance and effective risk Management processes that address changing business needs and enhance the ability to react rapidly to adverse events. Assessing The Performance Of GRC Through A Formal Internal Audit An effective internal audit (IA) function is a valuable resource for Management, the board and audit committee to evaluate the performance of GRC practices; due to its understanding of the organization and its culture, operations, and risk profile. The objectivity, skills, and knowledge of competent internal auditors can contribute to the effectiveness of an organization's internal control, risk Management, and related governance processes. Best Of Breed Risk Analysis Techniques For Medical Device Industry This webinar helps medical device companies summarize the differences and relative strengths of risk analysis techniques most commonly used in the medical device industry, hence increasing the effectiveness of the risk analysis process. Compliance 2.0: How Energy And Utility Companies Are Meeting Complex Compliance Regulatory Requirements Cost Effectively This webinar will provide needed information to energy and organization to meet the new FERC compliance realities and will include how energy professionals should review their corporate structure, strategy and internal processes to meet the new demands. Compliance 2.0: How Regional Financial Services Institutions Are Meeting Complex Compliance and Regulatory Requirements Cost Effectively With the recent rise in regulatory oversight, executives and the boards require clear visibility into risk exposure and compliance status to effectively manage the organization's long-term strategies. As a result, companies are looking for a systemic approach to ensure accountability and transparency, to manage and mitigate risks and to build customer and shareholder confidence. This webinar discusses the best practices and the role of technology for regulatory compliace, corporate governance and risk Management. Enterprise Risk Management (ERM) In The Extended Enterprise: Including Planning For New Standard And Poor's Erm Guidelines For Non Financial Companies The webinar covers key ERM principles and components defined in risk standards such as COSO ERM as well as AS/NZS 4360:2004, Standard and Poor's proposed implementation of ERM in companies for their respective debt rating evaluation process and integration of Enterprise Risk Management and Internal Audit standards, methodologies, recommendations and legislation Enterprise-wide Risk Management (ERM) For Energy and Utilities Companies This seminar provides insights into various ERM concepts and tools and their usage and give you an opportunity to refine your current ERM programs/strategy. Integrated Risk And Compliance Management For Energy Companies: Best Practices And Case Studies For Meeting FERC, NERC, SOX And Other Regulatory Requirements This webinar discusses best practices and case studies on centralized documentation of requirements, risks, controls, assessments, and related policies and procedures for systematic compliance Management; integrated, closed loop compliance processes for identification, recording, reporting and remediation of issues, violations and exceptions; compliance monitoring on role-based dashboards, control diagrams, and risk heat maps that provide real-time reporting and analytics; reducing compliance costs through business process automation and efficient resource utilization. Internal Audits and Risk Management For Banks And Financial Services: Best Practices And Role Of Technology This webinar on risk Management and internal audits role of technology in banks and financial services companies where we will discuss centralized risk frameworks that enables risk computations based on configurable methodologies and algorithms, risk heat maps and dashboards for enterprise wide visibility into the risk Management process, streamlining the internal audit cycle, including development of findings, recommendations, action plans and closure cycles and integrated framework for managing compliance requirements for Basel II, Anti Money Laundering, Patriot Act, NASD, SEC, SOX regulations. Linking The SOX Compliance Process To The Pcaob's Audit Standard Number 5 To Maximize Compliance Effectiveness This webinar provides fundamental background on PCAOB's Standard No 5 and focuses on how companies can take advantage of the information provided in the standard to achieve cost-effective and sustainable SOX compliance. Managing Enterprise - Wide Governance, Risk And Compliance With A Common Platform For Better Business Performance This discussion will cover the benefits of an enterprise-wide platform-based approach for policy and procedure Management, risk and control Management, loss and investigations Management, GRC analytics and modeling, financial controls and SOX compliance, frameworks like COSO and COBIT and workplace compliance and company ethics. Operational Risk: Roadmap To Advanced Measurement Approach (AMA) This webinar covers the regulatory landscape for Banking and Financial Institutions with focus on Operational Risk, Basel II and its implications on Operational Risk Management, the need to develop an approach for AMA for effective Management of Operational Risk and ways to meet the qualifying criteria for implementing AMA. Overview Of The Key Components Of A Risk Management Program For FDA Industry Manufacturers As risk cannot be completely eliminated, the risk that remains must be managed. This session provides a comprehensive overview of the key concepts and principles associated with risk Management and identify the use of best practices being used by manufacturers to facilitate this. Role Of Technology As A Driver For Enterprise Wide GRC The role of the CIO is rapidly evolving to move beyond IT to play a critical role in ensuring the optimization of technology for the enterprise wide GRC program with best practices and thought leadership gained from deploying IT GRC solutions. Technology components including strong workflow, communication, document Management and integration to external systems are essential to an enterprise wide initiative and to drive consistency and efficiency across the organization. Streamlining It Audits And Compliance For Effective Risk Management This webinar explores how companies are improving performance and driving down costs of IT compliance by implementing next generation IT-GRC systems. The Unexpected Benefits Of Governance Risk And Compliance The evolution of capital markets, globalization and macroeconomic changes are not just increasing the challenges but also creating unprecedented opportunities for companies. Performance Challenges in Complex Demand and Supply Chains: How to Managing Risks and Operational Compliance This webinar, with AMR Research Vice President and Research Fellow, John Hagerty, outlines a strategic approach to risk Management, operational compliance and quality Management to address these challenges that many forward- Better Business Performance and Improved Bottom-line through an integrated Enterprise wide Risk Management (ERM) program This webinar with Michael Rasmussen, President of Corporate Integrity, outlines best practices and a step by step approach to implementing an enterprise wide risk Management program. A special focus of the webinar will be on leveraging ERM to improve the company debt ratings and developing solutions to managing ERM in the extended enterprise with a global supply chain. GRC assurance program through continuous auditing Organizations are exposed to governance, compliance and operational risks on a continuous basis. Coupled with the current economic, regulatory and social climate, these risks have propelled corporate governance, compliance Management and integrity to a top business priority. An effective internal audit (IA) provides the much needed assurance to the Management, the board and the audit committee. Top

Datasheets Banking and Financial Services Solution Sheet As a result of the growing regulatory environment and a greater focus on enterprise risk management, leading financial institutions are defining governance, risk and compliance (GRC) processes to provide broad oversight and management of risk and compliance activities. The MetricStream Compliance Platform becomes the nucleus of a corporate governance ecosystem, coordinating all governance, risk, compliance and quality management activities throughout the enterprise via a single management system. Compliance Management Datasheet As companies move to meet a variety of compliance deadlines, they often structure one-time projects to meet statutory due dates and internal goals. However, compliance is not a one-time event. MetricStream Compliance Management solution provides a common framework and a federated approach to manage all compliance requirements faced by an organization. Internal Audit Datasheet Effective risk management and compliance with regulations and policies drive the need for ongoing auditing in organizations. MetricStream's Internal Audit Management solution is a comprehensive application designed to help companies manage a wide range of audit-related activities, data and processes. PCI Compliance Solution Sheet MetricStream offers a comprehensive solution for sustainable PCI compliance based on industry best practices. The solution enables identifying key risks across the enterprise, conducting investigation for root cause analysis, defining controls for mitigating risks, and evaluating the effectiveness of controls through assessment plans while lowering the overall cost of compliance. Risk Management Datasheet Gaining visibility and control on the multitude of internal and external risks is one of the top priorities of corporations today. With the recent rise in regulatory mandates and increasingly active shareholders, many organizations have become sensitized to identifying areas of risk in their business: whether it is financial, operational, IT, brand or reputation related risk. MetricStream provides an integrated and flexible framework for documenting and assessing risks, defining controls, managing audits, identifying issues and implementing recommendations and remediation plans. Risk Management in Life Sciences Datasheet Life sciences industry need to adopt a more proactive and structured enterprise risk management (ERM) system. Risk Managers in life sciences industry, today, are assigned the critical role of recognizing and eliminating the inherent risks (endangering the safety or performance), minimizing their effects, evaluating the controls and remedies, documenting the procedures. Top

Case Studies Safety and Operational Audit Solution for an Airline As one of the largest airlines with scheduled jet service to approximately 150 destinations, having effective quality and safety management systems with necessary control framework is critical for the company to ensure safety of the passengers and meeting regulatory compliance requirements. Automating Compliance Management The company embarked on an initiative to fully comply with Sarbanes-Oxley regulations. As the company evaluated its current state of compliance preparedness, it identified a number of inherent challenges. The company managed regulatory changes in silos, focused narrowly on compliance, and used compartmentalized regulatory controls... NAIC MAR Compliance Solution for a Health Insurance Provider NAIC MAR Compliance Solution for Leading provider of health insurance in a mid-western state. The Insurance company is a leading provider of health insurance to large companies, small businesses, families and individuals in a mid-western state in the USA and an affiliate of Blue Cross Blue Shield (BCBS) Association. With a long tradition of healthcare coverage that started in the 1930s, the client provides benefit administration for nearly 717,000 people today. Powering Compliance at an Energy Major One of the largest electric utilities in the US with a generation capacity of about 30,000 MW and has revenues of more than $10 billion: MetricStream is enabling the company to adopt an integrated compliance strategy through an enterprise-level framework for managing all regulatory requirements and ERM programs. The solution provides comprehensive functionality for SOX Compliance and ERM as well as FERC and NERC regulations and corporate policies for standard of conduct. ERM: Aligning Risk Management to Corporate Goals A global organization with a robust product portfolio, multiple distribution channels and a complex regulatory scenario: Legal and regulatory requirements drove the need for a more robust approach to risk management. The recognition of the fact that much of company's risk exposure was not covered led the senior management to look for an innovative comprehensive solution that could help them identify the gaps or inefficiencies in their risk coverage, apply a maturity risk model to help identify current and desired future states and develop plans to help close gaps and overcome inherent inconsistencies. Automating Key Business Processes for Internal Audits and Regulatory Compliance For Banking Institutions, the need of the hour was a centralized audit management framework that could automate and manage entire audit life cycle - from planning and scheduling audits to developing standard audit plans, collecting field data, developing and reviewing audit reports and recommendations, and implementing audit recommendations and remediation. Internal Audit Solution for a Global Bank One of the world's leading global wealth management, a top global investment banking and securities firm, and one of the largest global asset management company having $450 billion in client assets, undertook a comprehensive evaluation of the existing incumbent vendor along with all the leading GRC platform vendors. The systems were examined in detail for integrated capabilities of Internal Audit and Risk Management along with Compliance and Document Management. Leveraging Technology to Rationalize and Streamline Compliance Efforts The largest electronic stock market in the US with over 3, 200 listed companies: MetricStream addressed governance, risk and compliance with a broad, multi-regulatory platform that solved the current business problems as well as delivered the capability to be easily extended to address newer requirements that may arise in the future. Automating Loss Management in a Global Bank Loss prevention is an important aspect of risk management; and endeavors to optimize performance of the bank by understanding, and mitigating the effects of adverse operational losses on its business. Top

Solution Briefs Effective Internal Audit Management The pressure to maintain performance and meet expectations during the economic downturn has necessitated corresponding increase in the knowledge, skills, and expertise of internal audit professionals. The MetricStream solution for Internal Audits provides dependable automation and protection from risk management perspective and regulatory standpoint. Integrated GRC in Financial Services: Improving visibility and increasing effectiveness Recognizing the virtues of centralized GRC models, several forward-thinking institutions have already launched convergence efforts - integrating risk, compliance and control processes. The transition from traditional silo-focused systems to a holistic approach has plentiful benefits. Business Continuity Management: Planning for Cost-effective Recovery and Resiliency In today?s fast-paced, volatile business climate, organizations cannot risk having outdated, incomplete, or inefficient plans. They need to automate the plan building and maintenance processes. For this reason, many organizations are searching for a planning tool developed to meet specific needs and regulatory requirements. This paper outlines and discusses how MetricStream's continuity planning and risk management solution can help organizations meet disaster recovery requirements. Energy Risk Management (ERM): A Front End Process for Compliance Management Activities in Energy and Utility Companies While risk managers in all industries are grappling with the problems of performing real-time risk measurement and mitigation, risk managers in the energy and utilities sector have to tackle additional complexities due to the inherent nature of the business. Optimizing risk and returns in generation plant usage, delivery schedules, natural gas and electricity selling prices, deliveries, oil pipeline usage and cash flows is a formidable task. As a result, companies in this sector are looking to systematically identify, measure, prioritize and respond to all types of risk in the business. Enterprise Risk Management (ERM): A GRC Based Approach to Risk and Reward Management At MetricStream we challenge ourselves and our customers to adopt an approach to risk management that enables us to utilize ERM in the broader context of Governance, Risk and Compliance (GRC) Management: to mitigate risks and also revisit their business processes to capture value generating business opportunities. Concepts and viewpoints herein build upon our experiences with our customers across industry in helping them reengineer their business processes to bring about a change in how they view, mitigate and profit from business risks. Operational Risk Management (ORM): A Roadmap to Better Business Performance in Banks and Financial Institutions The regulators of financial companies and banks are demanding a far greater level of insight and awareness by directors about the risks they manage, and the effectiveness of the controls they have in place to reduce or mitigate these risks. Further, compliance regulations, like Basel II and SOX, mandate a focus on operational risks, forcing financial organizations to identify, measure, evaluate, control and manage this ubiquitous risk. This has led to an increased emphasis on the importance of having a sound operational risk management (ORM) practice in place, especially when dealing with internal capital assessment and allocation process. This makes ORM one of the most complex and fastest growing risk disciplines in financial institutions. Risk Management in Life Sciences The life sciences industry has always been under close scrutiny, leading to rising audit burdens, quality inspections, and fines. Pressure to track consumer usage, continuously monitor the history and life cycle of a drug increases risks in conducting business operations. To overcome these risks, life sciences industry need to adopt a more proactive and structured enterprise risk management (ERM) system. Risk Managers in life sciences industry, today, are assigned the critical role of recognizing and eliminating the inherent risks (endangering the safety or performance), minimizing their effects, evaluating the controls and remedies, documenting the procedures, and so on. Top