Methods and systems for compliance program assessment
Abstract
Methods and systems for identifying and quantifying compliance issues are described. In one embodiment, a system is configured to implement a method which comprises assessing at least one compliance program to identify potential risks and prioritizing the potential risks. The issues relating to the potential risks, for example, failure modes and root causes are identified and are mitigated and controlled.
118 Claims
1. A method for conducting a consistent, documented and yet repeatable compliance risk assessment and mitigation process, using a network-based system including a server system coupled to a centralized database and at least one client system, said method comprising the steps of:
conducting a compliance program assessment;
conducting a prioritization of compliance risks;
identifying, for each compliance risk area, potential compliance failures and potential causes and effects of such compliance failures; and
ensuring that risk monitoring and control mechanisms are in place to mitigate compliance risks.
Dependent claims: 2-30

31. A system for identifying and quantifying compliance comprising:
at least one computer;
a server configured to read input information relating to identifying and quantifying compliance, assess at least one compliance program, prioritize risk, identify issues relating to the risk and mitigate and control to resolve the issues;
a network connecting said computer to said server; and
a user interface allowing a user to input information relating to identifying and quantifying compliance.
Dependent claims: 32-62

63. A computer programmed to:
prompt a user to identify potential risks and failure modes and root causes associated with the risks within a compliance program;
prioritize the risks; and
prompt the user with at least one mitigation plan to deal with at least one of the identified risks, failure modes, and root causes.
Dependent claims: 64-75

76. A computer program embodied on a computer readable medium for managing compliance risk assessment to enable businesses to develop broader and deeper coverage of compliance risks, using a network based system including a server system coupled to a centralized database and at least one client system, said computer program comprising a code segment that:
develops a questionnaire based on list of compliance requirements and stores the questionnaire into a centralized database;
records and processes qualitative responses against each of the questions identified in the questionnaire;
converts the qualitative responses to quantitative results based on predetermined criteria and develops compliance risk assessment output to enable businesses to reduce risks and improve profits.
Dependent claims: 77-89

90. A database comprising:
data corresponding to identified potential risks;
data corresponding to prioritization of the risks; and
data corresponding to a mitigation and control plan.
Dependent claims: 91-98

99. A method for compliance assessment comprising the steps of:
entering, into an electronic interface, identified compliance risks and failure modes and root causes associated with the compliance risks;
entering, into the electronic interface, compliance requirements; and
requesting, from the electronic interface, a mitigation and control plan.
Dependent claims: 100-110

111. A system configured for compliance assessment comprising:
at least one computer;
a server configured to provide a questionnaire which includes a plurality of binary questions relating to a compliance program and a definition of what constitutes an affirmative answer to the questions to identified process owners, compile answers received from the process owners, and summarize the questions and answers as an assessment of the compliance program;
a network connecting said computer to said server; and
a user interface allowing process owners and members of a cross functional team to enter information relating to a compliance assessment.
Dependent claims: 112, 113, 114, 116, 117, 118

115. A method for assessing a compliance program, said method comprising the steps of:
assembling a cross-functional team for determining what constitutes compliance;
creating a questionnaire including a plurality of binary questions relating to compliance and defining what constitutes an affirmative answer to the questions;
identifying and interviewing process owners for compliance with the compliance program;
compiling interview results; and
summarizing the results as an assessment of the compliance program.