l I I l /[ BASELINE I IORGANIZATIONALX
US 20090265209A1
(19) United States (12) Patent Application Publication (10) Pub. No.: US 2009/0265209 A1 (43) Pub. Date:
Swaminathan et al. (54)
SYSTEM AND METHOD FOR GOVERNANCE, RISK’ AND COMPLIANCE MANAGEMENT
Oct. 22, 2009
(60)
Related US. Application Data Provisional application No. 61/ 125,063, ?led on Apr.
(51)
?led On 1111- 16, 2008. Publication Classi?cation I t Cl
21, 2008, provisional application No. 61/081,291, (75)
Inventors:
Murali Swaminathan, Fremont, CA (Us); David Israel’ San Jose’ CA (US); Poornima T. Ramarao, -
n
Cupemno’ CA (Us)
.
.
G06Q 10/00 (52)
(2006.01)
US. Cl. ............................................... .. 705/9; 705/7
Correspondence Address: BAKER BOTTS LLP 2001 ROSS AVENUE, SUITE 600
(57) ABSTRACT A method for governance, risk, and compliance management
DALLAS, TX 75201-2980 (US)
may include at a user interface, enabling a user to de?ne a
project template including a list of related controls, one or _
_
(73) Asslgnee?
_
more control templates, and a testing project con?guration
Computer Assoclates Thlnk-I Inc” I51and1a,NY (Us)
(“TPC”) ?le for each control of a plurality of controls. The user may initiate a testing project by selecting the project template. The method may further include, in response to
_
selection of the project template, at the one or more proces
(21) Appl' NO"
12/426’036
(22) Filed:
Apr. 17, 2009
sors, automatically generating a list of tasks to be performed to test the related controls and automatically outputting the list of tasks.
INVESTMENT
RISK
(BUSINESS PROCESS)
ASSESSMENT DETERMINES MATERIALITY
RISK
|
EvALuATION DETERMINE
|
EFFECTIVENESS
|
I
\
| DECOMPOSES
I
|
INTO
I 132 |
M'T'GATE
I
REQUIREMENT SPECIFIC f
INTO
1
COMMON
I
l
COPIED INTO
Is ATTESTED BY
_____ _.
ARE
| IIvIPLEIvIENTED I
THROUGH
ARE
Is
FOLLOWED BY
RESPONSIBLE FOR
OBJECTIVE 1
I
I l
|_ _ _ _ _ __ _ J
‘
CONTROL E 1
CONTROL
I30
I
----- --J
I ARE MET BY |
|
|
‘ELTREETITTESTLW
A
---—_#
ARE MAPPED
|
MATURITY
I ASSESSMENT j
METRICS 7——I A
_____ __\
‘
138
/[ BASELINE I IORGANIZATIONALX STANDARD
UNIT
F
PROTECT ARE FOLLOWED BY
150
'8 RESPONSIBLE FOR
INvESTNIENT
INVESTMENT
(ASSET)
(PROJECT)
Patent Application Publication
Oct. 22, 2009 Sheet 2 0f 23
US 2009/0265209 Al
om?
SE2/8
85 2L5 :93E320::53m5?
\ \ / /
52vm96w7a2z35;m8 E5Wmz2M/Q%ga
wzéoi83mg
El/
N3wm9za5mE \?znmza
_ _ _ _ _ _
o3
E DSE28
$8/?/wziwEéQ2D2EK236 WEN.bNK5a: / \
_
{
/
L0N?15%
Patent Application Publication
Oct. 22, 2009 Sheet 4 0f 23
US 2009/0265209 A1
1040 NETWORK
Patent Application Publication
Oct. 22, 2009 Sheet 8 0f 23
US 2009/0265209 A1
G8S:E5620
BMW NM mww mm mu “mm m3who@wmNME522 QQ$a580aszgiczwém? QQ85 5 2352 QQ32 828268 QQweEV292m2wm5cwE
dmememsmn25
(19) United States (12) Patent Application Publication (10) Pub. No.: US 2009/0265209 A1 (43) Pub. Date:
Swaminathan et al. (54)
SYSTEM AND METHOD FOR GOVERNANCE, RISK’ AND COMPLIANCE MANAGEMENT
Oct. 22, 2009
(60)
Related US. Application Data Provisional application No. 61/ 125,063, ?led on Apr.
(51)
?led On 1111- 16, 2008. Publication Classi?cation I t Cl
21, 2008, provisional application No. 61/081,291, (75)
Inventors:
Murali Swaminathan, Fremont, CA (Us); David Israel’ San Jose’ CA (US); Poornima T. Ramarao, -
n
Cupemno’ CA (Us)
.
.
G06Q 10/00 (52)
(2006.01)
US. Cl. ............................................... .. 705/9; 705/7
Correspondence Address: BAKER BOTTS LLP 2001 ROSS AVENUE, SUITE 600
(57) ABSTRACT A method for governance, risk, and compliance management
DALLAS, TX 75201-2980 (US)
may include at a user interface, enabling a user to de?ne a
project template including a list of related controls, one or _
_
(73) Asslgnee?
_
more control templates, and a testing project con?guration
Computer Assoclates Thlnk-I Inc” I51and1a,NY (Us)
(“TPC”) ?le for each control of a plurality of controls. The user may initiate a testing project by selecting the project template. The method may further include, in response to
_
selection of the project template, at the one or more proces
(21) Appl' NO"
12/426’036
(22) Filed:
Apr. 17, 2009
sors, automatically generating a list of tasks to be performed to test the related controls and automatically outputting the list of tasks.
INVESTMENT
RISK
(BUSINESS PROCESS)
ASSESSMENT DETERMINES MATERIALITY
RISK
|
EvALuATION DETERMINE
|
EFFECTIVENESS
|
I
\
| DECOMPOSES
I
|
INTO
I 132 |
M'T'GATE
I
REQUIREMENT SPECIFIC f
INTO
1
COMMON
I
l
COPIED INTO
Is ATTESTED BY
_____ _.
ARE
| IIvIPLEIvIENTED I
THROUGH
ARE
Is
FOLLOWED BY
RESPONSIBLE FOR
OBJECTIVE 1
I
I l
|_ _ _ _ _ __ _ J
‘
CONTROL E 1
CONTROL
I30
I
----- --J
I ARE MET BY |
|
|
‘ELTREETITTESTLW
A
---—_#
ARE MAPPED
|
MATURITY
I ASSESSMENT j
METRICS 7——I A
_____ __\
‘
138
/[ BASELINE I IORGANIZATIONALX STANDARD
UNIT
F
PROTECT ARE FOLLOWED BY
150
'8 RESPONSIBLE FOR
INvESTNIENT
INVESTMENT
(ASSET)
(PROJECT)
Patent Application Publication
Oct. 22, 2009 Sheet 2 0f 23
US 2009/0265209 Al
om?
SE2/8
85 2L5 :93E320::53m5?
\ \ / /
52vm96w7a2z35;m8 E5Wmz2M/Q%ga
wzéoi83mg
El/
N3wm9za5mE \?znmza
_ _ _ _ _ _
o3
E DSE28
$8/?/wziwEéQ2D2EK236 WEN.bNK5a: / \
_
{
/
L0N?15%
Patent Application Publication
Oct. 22, 2009 Sheet 4 0f 23
US 2009/0265209 A1
1040 NETWORK
Patent Application Publication
Oct. 22, 2009 Sheet 8 0f 23
US 2009/0265209 A1
G8S:E5620
BMW NM mww mm mu “mm m3who@wmNME522 QQ$a580aszgiczwém? QQ85 5 2352 QQ32 828268 QQweEV292m2wm5cwE
dmememsmn25
