Common Repository Approach

ControlOrigins was founded on a unique approach to building a logical relationship between a corporation’s control infrastructure including the Risk and Controls Matrix or “RACM” and Policies & Procedures to industry standard frameworks (COSO, Cobit, ISO and ITIL) as well as regulatory requirements (SOX, HIPAA, Basel II, CISP etc.).

The relationship between these different disciplines is complex and multi-dimensional. Often, the relationship is managed in a Microsoft Excel spreadsheet or a software tool that is limited in the ability to effectively cross reference a companies’ Policy & Procedure hierarchy to the industry standard frameworks or regulatory requirements.  These complex data relationships are well suited for a relational repository approach. 

In addition to managing these complex relationships, corporate executives must also deal with the fact that new versions of each of these components are released on a daunting frequency.