The GRC regulatory landscape is a complex and ever-changing environment. Professionals and scholars working in this field continue to produce new guidelines and tweak existing ones. This creates a dense and moving target for the ethics and compliance practitioners charged with guiding their organisations clear of the myriad forms of non-compliance. Most notable are regulations like the Foreign Corrupt Practices Act (FCPA), the Sarbanes-Oxley Act (SOX), and the U.K. Bribery Act, but additional forms of misconduct are identified in regulations such as HIPAA and the recently launched General Data Protection Regulation (GDPR). And these just scratch the surface. Ensure your organisation understands the standards and regulations that apply to its business and implements the proper tools to meet those standards.
GRC Solutions by Regulation
Ensure your anonymous whistleblowing system and processes meet the new EU Whistleblower Protection Directive.
Meet the stringent transparency requirements of the UK Modern Slavery Act.
Meet UK Bribery Act requirements and avoid the risk and reputational damage that can come with non-compliance.
Build an Anti-Bribery and Corruption Programme that aligns with the French anti-corruption and whistleblower protection law, Sapin II.
Meet the General Data Protection Regulation’s requirements for data privacy, security and governance.
Identify, track and manage risks and liabilities associated with Foreign Corrupt Practices Act (FCPA) requirements.
Ensure you have the correct security measures in place to meet the data protection requirements of the Sarbanes-Oxley Act (SOX) and proof of compliance in the event of a SOX audit.
We help healthcare providers meet the stringent privacy and security requirements of the Health Insurance Portability and Accountability Act (HIPAA).
We enable a more efficient, more effective ISO 27001 programme and allow you to continuously monitor and evolve your organisation’s ISMS.
NERC CIP requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. Our platform simplifies NERC CIP compliance.
This risk-based cybersecurity framework is used internationally to provide a common language and foundation for managing cybersecurity risk.
New York financial services firms must comply with 23 NYCRR 500, a regulation from the New York Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered NY financial institutions.
We help companies that are subject to the CCPA comply with the data privacy law by creating mechanisms that allow California residents to exercise those rights.
Compliance with the wide scope of OSHA regulations – from injury reporting systems to whistleblower protections, from limits to beryllium exposure to respirator specs – is complex. Let us help you with a systematic approach.
We can help you systematise the increasingly complex, high-stakes process of financial data privacy.
We help compliance professionals address the new DOJ Guidance on corporate compliance programmes.