Nasdaq Bwise: A Holistic Approach to GRC
Adena Friedman, President & CEO“BWise is the underlining foundation of our GRC portfolio, it has earned quite a bit of recognition as a result of the rapid success that customers have seen after their implementation of BWise,” says Adena Friedman, President and CEO of Nasdaq. The BWise eGRC platform is specifically designed to assist organizations in managing and ensuring compliance on a holistic level, empowering stakeholders with more relevant insights into their operations.
BWise, the Cornerstone of GRC
The firm’s eGRC platform offers role-based solutions for organizations to perform internal audit, risk management, compliance and policy management, internal control, information security, and sustainability performance management. This provides greater transparency to organizations, enabling them to have seamless control over financial and reputational risks, as well as giving them oversight of companywide risk mitigation and compliance action plans in one integrated system. With a single repository to effectively manage critical corporate policies, clients can achieve corporate accountability, improved financial, strategic and operational efficiencies, lower risk profiles and incident costs, and improved performance.
It also assists clients to work from one common risk taxonomy and focus on business outcomes with a common language for internal audit, risk, and compliance.
BWise eGRC platform also includes some exclusive features such as sending real-time alerts, automatically attaching emails, and RESTful API enhancement enabling integration of the BWise GRC platform with any third party application for audit planning, incident management or trade surveillance and more. The company keeps track of changing regulations from various sources including StateScape, ERC Portal, FINRA, and UCF, and gives real-time regulatory alerts to assist the compliance team in identifying how changing regulations impact their strategies, processes, and policies. Using BWise, organizations can also review their anti-corruption policies and procedures to comply with all the relevant statutes like FCPA and the UK Bribery Act, the Sarbanes-Oxley Act, European Corporate Governance Codes, ISAE3402/SAS-70, PCI-DSS, Solvency II, Basel II and III, Dodd-Frank, ISO-standards, and many more.
Additionally, information security remains at the forefront of organizational concerns since external forces, such as cyber and third-party relationships are exacerbating the likelihood and impact of unwanted risk events. The consequences of these events can be significant and are challenging risk management programs to stay up to date and codify the range of organizational threats. For example, data breaches at organizations such as Target and Sony can erode loss of customer and stakeholder trust, pose monetary penalties for businesses that fail to comply with data protection legislation and lead to drastic financial losses and depreciation of shareholder value in the hundreds of millions of dollars.
Complimenting the Prerequisites of Compliance
To help companies meet all relevant information security regulations, industry standards, and contractual obligations, BWise has integrated an information security solution—BWise Information Security (InfoSec) within the BWise GRC Platform.
BWise is the underlining foundation of our GRC portfolio, it has earned quite a bit of recognition as a result of the rapid success that customers have seen
Additionally, information security remains at the forefront of organizational concerns since external forces, such as cyber and third-party relationships are exacerbating the likelihood and impact of unwanted risk events. The consequences of these events can be significant and are challenging risk management programs to stay up to date and codify the range of organizational threats. For example, data breaches at organizations such as Target and Sony can erode loss of customer and stakeholder trust, pose monetary penalties for businesses that fail to comply with data protection legislation and lead to drastic financial losses and depreciation of shareholder value in the hundreds of millions of dollars.
Complimenting the Prerequisites of Compliance
To help companies meet all relevant information security regulations, industry standards, and contractual obligations, BWise has integrated an information security solution—BWise Information Security (InfoSec) within the BWise GRC Platform.
“By integrating information security within the BWise GRC Platform we can take a risk-based approach to providing CISOs with a holistic view of IT risks, including cyber risk,” says Adena. BWise InfoSec also helps users execute treatment plans for remediation and ensure appropriate follow up of non-conformities. Its strong reporting capabilities allow users to generate a Statement of Applicability, as defined by ISO 27001, and a security assessment report–directly from the application with a single click.
The information security solution also integrates with vulnerability scanners, security incident and event monitoring tools, baseline analyzers, and IT incident ticketing tools to help organizations protect privacy and provide confidentiality, integrity, and availability of critical information assets. It offers real-time insights into the threats and vulnerabilities that may affect an organization’s information security management system and enables users to respond immediately in case of any security breaches. The firm differentiates for its unique IT security services that aim to improve the agility, flexibility, and cost-effectiveness of the next generation needs of information security and compliance programs worldwide.
The latest version of the platform is built upon proven technology with a new user interface designed to support GRC professionals in their missions, better than ever before. The firm intends to embrace new technologies and address critical industry requisites in the coming years. It aims to unveil innovative products that will set benchmarks of excellence in helping companies achieve their business goals, build trust, and be transparent, whether it is driven by GRC, board and leadership communications or trade risk management and surveillance efforts.
As the years ahead look promising for Nasdaq BWise, it will focus on providing stronger security, accessibility, performance, and exemplary customer service. With ethos rooted in constant innovation for customer success, the firm will continue to take its holistic risk-driven approach for enabling organizations to identify potential pitfalls in areas of data protection, risk, and compliance, significantly providing a framework to effectively manage them.
The information security solution also integrates with vulnerability scanners, security incident and event monitoring tools, baseline analyzers, and IT incident ticketing tools to help organizations protect privacy and provide confidentiality, integrity, and availability of critical information assets. It offers real-time insights into the threats and vulnerabilities that may affect an organization’s information security management system and enables users to respond immediately in case of any security breaches. The firm differentiates for its unique IT security services that aim to improve the agility, flexibility, and cost-effectiveness of the next generation needs of information security and compliance programs worldwide. The latest version of the platform is built upon proven technology with a new user interface designed to support GRC professionals in their missions, better than ever before. The firm intends to embrace new technologies and address critical industry requisites in the coming years. It aims to unveil innovative products that will set benchmarks of excellence in helping companies achieve their business goals, build trust, and be transparent, whether it is driven by GRC, board and leadership communications or trade risk management and surveillance efforts.
As the years ahead look promising for Nasdaq BWise, it will focus on providing stronger security, accessibility, performance, and exemplary customer service. With ethos rooted in constant innovation for customer success, the firm will continue to take its holistic risk-driven approach for enabling organizations to identify potential pitfalls in areas of data protection, risk, and compliance, significantly providing a framework to effectively manage them.
July 04, 2018
