%202.svg){kind=small}
.jpg?width=500&height=276&name=filter%20group%20of%20people%20at%20desk%20laptop%20laughing%202021-10%20(1).jpg)
-1.jpeg?width=500&height=276&name=Indiana%20Department%20of%20Transportation%20Case%20Study%202023-03%20(3)-1.jpeg)
.jpg?width=500&height=276&name=Multichannel%20pipette%20tips%20reaction%20mixture%20plastic%20wells%202022-05%20(1).jpg)
.jpg?width=500&height=276&name=Servers%20data%20center%20room%20with%20bright%20speed%20light%202022-05%20(3).jpg)
Language:
-1.png?width=600&height=600&name=josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png)
-1.png?width=345&height=286&name=josh%20with%20dark%20glasses%20looking%20down%202022-02%20(1)-1.png)
Thirdera Blueprint
IRM Foundations
Roll your Integrated Risk Management (IRM) program into ServiceNow with an offering that accelerates delivery of three core GRC components - Policy & Compliance, Risk Management, and Audit Management.
Engagement Manager
Responsible for providing leadership and direction to achieve growth and transformation.
Business Process Analyst
Analyzes business requirements and provides system design while implementing system solutions.
Technical Team
Comprised of a Technical Lead and Solution Architect, Thirdera's technical resources utilize advanced platform knowledge and best practices to ensure smooth technical operations and client satisfaction.
Project Scope
Thirdera's IRM Foundations Blueprint includes a robust list of deliverables to set your IRM program on course for long-term success. Guided by proven best practices, our team of advisory and technical experts configures and implements a solution best fit for your unique needs while establishing a foundation of knowledge to promote ongoing maturation. Key deliverables include:
- Load core data including Risk and Compliance frameworks, policies, risk statements, control objectives, and audit engagements
- Define initial register of assets, services, and/or functions for which controls and risks can be mapped to (known in ServiceNow as entities).
- Configure policy lifecycle, including ownership, policy acknowledgement campaigns, and policy exception workflow and notifications
- Establish control lifecycle, including ownership, mechanisms for determining compliance status, and issue process for handling non-compliance
- Setup risk lifecycle, including initial risk assessment methodology, risk scoring, and risk response workflows
- Establish audit engagement lifecycle, including audit tasks, initial control test templates, audit templates, and issue process for handling audit findings
- Configure notifications, reports, and dashboards from templates
- Setup of the three relevant Workspace UIs (Compliance, Risk, Audit) to provide concise user experiences
- Provide Functional Overview, Technical Knowledge Transfer, and UAT Support for each release
Outcomes
Clear Ownership
Complete Visibility
Consolidated View
Process Automation
Dedicated Workspaces
Data-Driven Analytics
Let's get started
Connect with our Risk experts for a detailed look at what an assessment would look like at your organization and how to improve your IRM program.
