Oracle Press Release

Oracle Delivers New Governance Risk and Compliance Suite with Vital Policy Oversight and Control Execution Integration

Oracle Enterprise GRC Application Suite is the Industry’s First Integrated GRC Platform

Redwood Shores, Calif. – December 7, 2009

News Facts

Continuing its leadership in enterprise governance, risk and compliance (GRC) platforms, Oracle has extended its Governance, Risk, and Compliance application suite, offering a complete, end-to-end, integrated answer to GRC needs.
Oracle has introduced Oracle® Enterprise Governance, Risk, and Compliance Manager (Oracle Enterprise GRC Manager) and the latest release of Oracle Enterprise Governance, Risk, and Compliance Controls (Oracle Enterprise GRC Controls) to deliver a unique, closed-loop approach to regulatory compliance, risk management, and controls automation.
Oracle’s Enterprise GRC Manager and Enterprise GRC Controls are tightly integrated so organizations can align the identification, assessment, and prioritization of risks with the ideal risk treatment through a combination of both manual and automated controls. This integrated approach gives organizations an enterprise understanding of which risks are critical and enables an immediate and coordinated response.

Oracle Enterprise GRC Manager Features and Benefits

Oracle Enterprise GRC Manager supports cross-enterprise, risk-based modeling, analysis, treatment and decision making, allowing organizations to embed clear accountabilities for risk management and control across the enterprise.
The adaptive application reduces tedious and overlapping tasks, while allowing separate lines of business to address the distinct risk management requirements faced by their organization.
Oracle Enterprise GRC Manager provides:
A single system to manage interdependent risks and compliance initiatives. Common enterprise processes help identify correlated risks and consolidate the tracking of results from control testing across multiple GRC initiatives.
A single system to manage enterprise-wide risk and compliance initiatives also enables organizations to significantly reduce the cost of auditing and governing change management processes on their enterprise controls.
Complete support for financial compliance (SOX/AS5) with top-down, risk-based scoping and a flexible, hierarchical certification process.
Integrated support for enterprise risk management that promotes risk awareness, conducts assessments, simplifies measurement, identifies effective controls and helps organizations remove unnecessary business risk.
Enterprise GRC Manager is built on Oracle Fusion Middleware 11g, the #1 application infrastructure foundation, offering a complete and open solution that is easily integrated to systems such as the Oracle E-Business Suite, Oracle’s JD Edwards EnterpriseOne, Oracle’s PeopleSoft Enterprise and Oracle Hyperion Performance Management, Enterprise GRC Manager is also designed on an open, standards-based architecture which provides support for non-Oracle packaged applications and bespoke applications in heterogeneous multi-vendor environments.

Oracle Enterprise GRC Controls Features and Benefits

Oracle GRC Controls continuously monitors automated controls in enterprise applications and helps mitigate exposure to fraud and error. With this new release, fraud detection and improved business process integrity and performance is enabled via a business rules engine that programmatically looks for violations and anomalies in transactions.
The latest release of Oracle Enterprise GRC Controls includes new versions of Oracle Enterprise Transaction Controls Governor (Oracle Enterprise TCG) and Oracle Application Access Controls Governor (Oracle AACG).
Oracle Enterprise TCG introduces statistical logic to uncover suspect and out-of-policy transactions, allowing the reduction of false positives. By spotting anomalies before they incur large losses and limiting exposure to fraud and wastage, Oracle Enterprise TCG can reduce the time and cost from errors and remediation, prevent the escalation of risk, and optimize business performance. Business-users can also intuitively author sophisticated access, master data, and transaction controls.
Oracle AACG delivers advanced simulation capabilities to graphically detect segregation of duties conflicts and sensibly advise on issues, remediation plans and potential impact.

Supporting Quotes

According to Gartner, "The Enterprise GRC platform market derives from the need for many entities to improve the oversight of corporate governance — including financial reporting compliance, enterprise risk management and related audits. Many organizations also want to consolidate other GRC activities into a common platform. Therefore, an EGRC platform must solve immediate GRCM needs associated with corporate governance and also enable an enterprise to pursue future consolidation and integration of GRC activities."1
The recent financial climate has companies looking for ways to drive cost out of the compliance process, without sacrificing the quality of internal controls and the various regulatory reporting processes," said Joseph DeVita, Oracle Governance, Risk and Compliance leader at PricewaterhouseCoopers. "The new capabilities offered by Oracle Enterprise GRC Manager and the Enterprise GRC Controls can help protect customers’ business processes by enabling tighter controls and expose suspect transactions and other emerging risks. The capabilities include real-time controls monitoring and enforcement, combined with proactive risk management, which can help companies realize compliance cost and time savings."
“For many organizations, the greatest GRC challenge is creating a consolidated view of compliance, risk and internal controls,” said Chris Leone, group vice president, Oracle applications development. “Oracle Governance, Risk, and Compliance application suite addresses this challenge by providing a complete, open, and integrated platform that provides the flexibility needed to efficiently and intelligently manage GRC programs. By coupling visibility across business functions with advanced risk analysis and fraud prevention, it not only helps organizations put the process in place to facilitate GRC initiatives, it can also improve the predictability of their business results.”

Supporting Resources

About Oracle

Oracle (NASDAQ: ORCL) is the world's largest business software company. For more information about Oracle, please visit our Web site at http://www.oracle.com.

Trademarks

Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners.

Contact Info

Danielle Cormier
Oracle
+1.610.766.3463
danielle.cormier@oracle.com

Simon Jones
Blanc & Otus
+1.415.856.5115
sjones@blancandotus.com

1 French Caldwell, Tom Eid, Carsten Casper, Gartner Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms, August 12, 2009.