BearingPoint and Microsoft team to Create Compliance Solution
BearingPoint has joined forces with it's long-standing partner Microsoft to create a compliance and risk management solution based on the SharePoint platform. And you said SharePoint didn't do compliance...

Enterprise Governance, Risk and Compliance

BearingPoint, a management and technology consulting firm, has a little bit of experience in the area of advising and supporting clients in risk management, information management and compliance. Their newest solution, Enterprise Governance, Risk and Compliance (EGRC), has been designed to help an organization identify, understand and manage the relationship between risk and compliance through daily business activities. The EGRC is a combination of strategy, business process and technology bundled together to manage the wealth of regulatory requirements, industry standards, controls and internal policies that organizations face today. The solution requires BearingPoint to come into an organization and help map out a risk and compliance governance program and then put the technical solution in place. "In so many organizations, compliance and risk management are treated as silos of responsibility, supported by costly, reactive point solutions," said J.R. Reagan, vice president and managing director, Global Risk, Compliance and Security, BearingPoint, in a prepared statement. "By merging our deep experience in risk and compliance management with Microsoft's technology, we are delivering a powerful, compelling and cost-effective solution for clients worldwide."

SharePoint as the Technology Base

As interesting as the EGRC solution offering may be, what caught our attention was the fact that their technical solution was based on Microsoft SharePoint 2007 -- MOSS. BearingPoint has built a series of web services that integrate into MOSS collaboration and document management. They created a set of compliance-specific workflows, templates and tools to help store, track, search and manage risk and compliance data. One example given includes the creation of a set of alerts that will be generated if key risk indicators or compliance metrics are exceeded. These alerts trigger email notifications and workflow activities, and are documented and audited. Who knew you could do all that with SharePoint?