GRC Solutions by Regulation

The GRC regulatory landscape is a complex and ever-changing environment. Professionals and scholars working in this field continue to produce new guidelines and tweak existing ones. This creates a dense, and moving target for the ethics and compliance practitioners charged with guiding their organisations clear of the myriad forms of non-compliance. Most notably are regulations like the Foreign Corrupt Practices Act (FCPA), Sarbanes Oxley Act (SOX), and the U.K. Bribery Act, but additional forms of misconduct are further identified in regulations such as HIPAA and the recently launched General Data Protection Regulation (GDPR). And these are just scratching the surface. Ensure your organisation understands the standards and regulations that apply to its business and implements the proper tools to meet those standards.

GDPR

Meet the General Data Protection Regulation's requirements for data privacy, security and governance.

FCPA

Identify, track and manage risks and liabilities associated with Foreign Corrupt Practices Act (FCPA) requirements.

SOX

Ensure you have the correct security measures in place to meet the data protection requirements of the Sarbanes-Oxley Act (SOX) and proof of compliance in the event of a SOX audit.

HIPAA

We help healthcare providers meet the stringent privacy and security requirements of the Health Insurance Portability and Accountability Act (HIPAA).

CCPA

We help companies that are subject to the CCPA comply with the data privacy law by creating mechanisms that allow California residents to exercise those rights.

OSHA

Compliance with the wide scope of OSHA regulations – from injury reporting systems to whistleblower protections, from limits to beryllium exposure to respirator specs – is complex. Let us help you with a systematic approach.

PCI DSS

We can help you systematise the increasingly complex, high-stakes process of financial data privacy.

DOJ Corporate Guidance

We help compliance professionals address the new DOJ Guidance on corporate compliance programs.

ISO 27001

We enable a more efficient, more effective ISO 27001 program and allow you to continuously monitor and evolve your organisation’s ISMS.

NERC CIP

NERC CIP requirements control cyber assets and infrastructure, such as electronic security perimeters, as well as physical assets. Our platform simplifies NERC CIP compliance.

NIST CSF

This risk-based cybersecurity framework is used internationally to provide a common language and foundation for managing cybersecurity risk.

NYDFS

New York financial services firms must comply with 23 NYCRR 500, a regulation from the New York Department of Financial Services (NYDFS) that places cybersecurity requirements on all covered NY financial institutions.

EU Whistleblower Directive

Ensure your anonymous whistleblowing system and processes meet the new EU Whistleblower Protection Directive.

UK Modern Slavery Act

Meet the stringent transparency requirements of the UK Modern Slavery Act.

UK Bribery Act

Meet UK Bribery Act requirements and avoid the risk and reputational damage that can come with non-compliance.