GRC Platform

MetricStream GRC Platform is the underlying infrastructure for all MetricStream solutions. Built on the J2EE architecture, the platform provides core services that enable rapid development and deployment of web-based applications that drive enterprise process management for governance, risk, compliance and quality programs.

Business processes within companies are increasingly being driven by the need to ensure compliance with various regulatory mandates, risk assurance policies and quality standards. MetricStream GRC Platform provides a common framework for supporting all risk, compliance and quality management processes in a company and driving effective risk management and corporate governance. Solutions built and deployed on the platform tightly integrate together to give the users and management a seamless environment which functions as a single system for managing risk, regulatory and compliance related processes, issues, and data.

By adopting MetricStream GRC Platform, customers see tangible business benefits from consistent and closed-loop processes across sites and functions, real-time visibility and easy access to risk and compliance data, and a collaborative environment for improved co-ordination between teams.

New in Version 6
MetricStream GRC Platform Version 6 is packed with features and enhancements for greater ROI for customers.

Flexible and Extensible GRC Data Model: MetricStream GRC Platform 6 now includes the GRC Foundation - an extensive set of libraries for risks, controls, processes, policies, assets, organizations, regulations and other GRC elements. These entities are highly configurable, and can have attributes, relationships and workflows defined centrally and leveraged across the enterprise.

The platform architecture enables organizations to model functions such as Internal Audit, Operational Risk and Corporate Compliance in a comprehensive manner. It also enables the design of multi-disciplinary and integrated GRC ecosystems spanning a range of control and assurance processes such as Policy Management, Quality Management, Supplier Risks and Performance, IT Risks and Compliance, and Environment, Health and Safety (EHS).

The platform is equipped with enhanced adaptive capabilities, enabling customers to swiftly respond to changes in risks and regulatory requirements. These changes could occur from developments in business environments, entrance into new markets, the launch of new products, or acquisitions and restructures. New GRC data entities and objects can be built and seamlessly assimilated with the application environment, in adherence to specific customer requirements.

Intuitive User Experience and Collaboration: MetricStream GRC Platform 6 introduces a new level of simplicity and ease-of-use to enable successful adoption of GRC applications among users across the enterprise. The platform includes new usability standards for improved navigation and easy access to contextual information. It also enables highly intuitive visualization of relationships between organizations, processes, risks, controls and regulations.

The platform facilitates active GRC project management and efficient utilization of staff in large and globally dispersed teams. Advanced resource pool management, assignment tracking, milestones, distribution lists and shared calendars enable greater collaboration across the organization, and better prioritization of GRC activities.

Enhanced Security and Access Management: The platform contains a highly configurable and flexible security model for administering access and security to application users. Security administrators can enable or restrict access to various GRC library objects with a strong two-step definition process.

The system contains robust capabilities for security, access controls, identity management, audit trails, electronic signatures, encryption, authorization and authentication. These capabilities ensure compliance with various international, national and regional regulations on record keeping, privacy, and protection of the quality and integrity of data (such as HIPAA, PCI and 21 CFR Part 11).

Linking GRC with Business Performance: The platform enables performance management and decision making through business intelligence and analytics based on GRC information and data. This capability is designed to generate insights that business line managers can use to identify risks as well as opportunities in their day-to-day operations.