System and method for compliance management
First Claim
Patent Images
1. A computer implemented method for use in compliance management in a business wherein the computer implemented method is conducted at a server, the method comprising the steps of:
- (a) identifying a plurality of business processes subject to compliance requirements by a server identifying means;
(b) determining compliance ownership of each of said plurality of business processes by identifying an individual or entity responsible for compliance requirements for a particular business by a server determining means;
(c) determining compliance requirements for each of said plurality of business processes by a server compliance requirement determining means;
(d) identifying compliance issues based on said compliance requirements wherein the compliance issues are identified by a self-assessment questionnaire wherein at least some answers to the self-assessment questionnaire are translated into a risk score which is computed by multiplying a severity score, an occurrence score and a detection score for identifying at least one area of concern, by a server compliance issue identifying means;
(e) creating at least one action plan based on identified compliance issues by a server creating means; and
(f) forwarding said at least one action plan to an appropriate identified individual or entity based on determined compliance ownership by a server forwarding means.
3 Assignments
0 Petitions
Accused Products
Abstract
A system and method for use in compliance management is disclosed. Various compliance requirements and issues may be identified for business process and products. The individuals or entities responsible for the business processes and products are identified. Action plans based on compliance requirements and issues may be created. The action plans may be forward to the appropriate individuals or entities, and the results of the action plans monitored to determine whether compliance requirements and issues are being appropriately addressed.
230 Citations
34 Claims
-
1. A computer implemented method for use in compliance management in a business wherein the computer implemented method is conducted at a server, the method comprising the steps of:
-
(a) identifying a plurality of business processes subject to compliance requirements by a server identifying means;
(b) determining compliance ownership of each of said plurality of business processes by identifying an individual or entity responsible for compliance requirements for a particular business by a server determining means;
(c) determining compliance requirements for each of said plurality of business processes by a server compliance requirement determining means;
(d) identifying compliance issues based on said compliance requirements wherein the compliance issues are identified by a self-assessment questionnaire wherein at least some answers to the self-assessment questionnaire are translated into a risk score which is computed by multiplying a severity score, an occurrence score and a detection score for identifying at least one area of concern, by a server compliance issue identifying means;
(e) creating at least one action plan based on identified compliance issues by a server creating means; and
(f) forwarding said at least one action plan to an appropriate identified individual or entity based on determined compliance ownership by a server forwarding means. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A system for use in compliance management in a business comprising:
-
(a) a means for identifying a plurality of business processes subject to compliance requirements;
(b) a means for determining compliance ownership of each of said plurality of business processes by identifying an individual or entity responsible for compliance requirements for a particular business;
(c) a means for determining compliance requirements for each of said plurality of business processes;
(d) a means for identifying compliance issues based on said compliance requirements wherein the compliance issues are identified by a self-assessment questionnaire wherein at least some answers to the self-assessment questionnaire are translated into a risk score which is computed by multiplying a severity score, an occurrence score and a detection score for identifying at least one area of concern, by a server compliance issue identification means;
(e) a means for creating at least one action plan based on identified compliance issues; and
(f) a means for forwarding said at least one action plan to an appropriate identified individual or entity based on determined compliance ownership. - View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer implemented method for assessing risk in compliance management wherein the computer implemented method is conducted at a server, the method comprising the steps of:
-
(a) forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business by a server forming means;
(b) identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire by a server identifying means;
(c) conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire by a server conducting means;
(d) translating the answers to the questionnaire into a numeric risk score for each section by a server translation means;
(e) interpreting the results and highlighting high risk areas relative to each other by a server interpreting means; and
(f) reporting the results of the questionnaire by a server reporting means;
wherein the numeric risk score comprises a combination of a severity score, an occurrence score, and a detection score. - View Dependent Claims (18, 19)
-
-
20. A computer implemented method for assessing risk in compliance management wherein the computer implemented method is conducted at a server, the method comprising the steps of:
-
(a) forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business by a server forming means;
(b) identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire by a server identifying means;
(c) conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire by a server conducting means;
(d) translating the answers to the questionnaire into a numeric risk score for each section by a server translating means;
(e) interpreting the results and highlighting high risk areas relative to each other by a server interpreting means; and
(f) reporting the results of the questionnaire by a server reporting means;
wherein the numeric risk score is computed by multiplying a severity score, an occurrence score, and a detection score. - View Dependent Claims (21, 22, 23, 24)
-
-
25. A computer implemented method for assessing risk in compliance management wherein the computer implemented method is conducted at a server, the method comprising the steps of:
-
(a) forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business by a server forming means;
(b) identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire by a server identifying means;
(c) conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire by a server conducting means;
(d) translating the answers to the questionnaire into a numeric risk score for each section by a server translating means;
(e) interpreting the results and highlighting high risk areas relative to each other by a server interpreting means; and
(f) reporting the results of the questionnaire by a server reporting means;
wherein a high risk score relative to other risk scores is an indication of further analysis and resolution and wherein the numeric risk score comprises a combination of a severity score, an occurrence score and a detection score.
-
-
26. A system for assessing risk associated with compliance management comprising:
-
(a) a means for forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business;
(b) a means for identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire;
(c) a means for conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire;
(d) a means for translating the answers into a numeric risk score for each section;
(e) a means for interpreting the results and highlighting high risk areas relative to each other; and
(f) a means for reporting the results of the questionnaire wherein the numeric risk score comprises a combination of a severity score, an occurrence score, and a detection score. - View Dependent Claims (27, 28)
-
-
29. A system for assessing risk associated with compliance management comprising:
-
(a) a means for forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business;
(b) a means for identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire;
(c) a means for conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire;
(d) a means for translating the answers into a numeric risk score for each section;
(e) a means for interpreting the results and highlighting high risk areas relative to each other; and
(f) a means for reporting the results of the questionnaire;
wherein the numeric risk score is computed by multiplying a severity score, an occurrence score, and a detection score. - View Dependent Claims (30, 31, 32, 33)
-
-
34. A system for assessing risk associated with compliance management comprising:
-
(a) a means for forming a self-assessment questionnaire for identifying potential high risk areas within a business wherein the self-assessment questionnaire comprises sections addressing different aspects of a business;
(b) a means for identifying a leadership team or a functional leader to answer appropriate sections of the self-assessment questionnaire;
(c) a means for conducting one or more interviews with the identified leadership team or functional leader to gather answers to the questionnaire;
(d) a means for translating the answers into a numeric risk score for each section;
(e) a means for interpreting the results and highlighting high risk areas relative to each other; and
(f) a means for reporting the results of the questionnaire;
wherein a high risk score relative to other risk scores is an indication of further analysis and resolution and wherein the numeric risk score comprises a combination of a severity score, an occurrence score and a detection score.
-
Specification