San Jose, California, October 12, 2011-- EnterpriseGRC Solutions Inc. CEO, Robin Basham, today announced that the firm will introduce Facilitated Compliance Management™  4Point GRC methods developed under Phoenix Business and Systems Process, Inc. to Bay Area markets demanding both cloud-enabled and sustainable enterprise governance risk and compliance strategy.

index meeting

Leveraging products, templates, and approach born out of Ms. Basham’s graduate teaching in education and information 

technology, EnterpriseGRC Solutions uses Facilitated Compliance Management programs, including object modeling and open source languages, as well as more common applications such as Microsoft Word, Access, Project, Visio, SQL, SharePoint, and  Adobe Presenter enabled testing, assessment and training programs, in the form of applications that align with each customer’s unique business strategy, learning styles and organizational maturity.  Additionally, EnterpriseGRC Solutions partners with numerous technology providers, offering end to end architectural solutions. A highly regarded expert in IT governance, risk, and compliance, Basham sees EnterpriseGRC Solutions as a natural progression from Phoenix Business and Systems Process, which she founded in 2003 and served as president and chief executive officer.

When asked if she would now sell Facilitated Compliance Management, as opposed to offering it for free, and if it was meant to replace other products in the GRC space, Ms. Basham stated, “No. We don’t compete with or replace any of the major industry platforms. Audit Planning and Assessment, Process Asset Library, Risk Management, Controlled Servers CMDB, RunBook, and Policy Mapping modules are used to establish a baseline in content and prepare companies for any type of major GRC initiative. All teams have multiple certifications such as RSA Archer, Oracle GRC, IBM OpenPages, and SAP GRC, and are graduate master level architects and auditors, familiar with application delivery and external regulatory requirements.  We approach GRC problems knowing our clients haven’t tried all the products, been exposed to all the regulations, and may be unaware of frameworks that will ultimately be required.  Maturities vary. For example, some companies are approaching Initial Public Offering (IPO) and don’t even have routine trouble ticketing and change management built. Others have a functioning compliance framework in place and just need a regulatory tuneup.  Businesses expect us to have the map and products ready, and we do.

Facilitated compliance is about implementing real business and systems process, so it’s done right and done well.  Each industry has to solve a universal set of risk and control problems.  We build the methods and prototypes that ensure integration and ongoing operations during complex and critical periods of project implementation.   In fact, we are usually called in during periods of demanding intense upward business growth.  Not too surprisingly, compliance is the last thing on their minds. “

(See current bio on Management Professionals Page)

Recent past Senior Director, Enterprise GRC, and Director IT Regulatory & Compliance, Ms. Basham left her privately held firm to spend a half-decade consulting in High Tech, Finance, Publishing, Education, Government, and Banking. Returning to her roots as owner and creator of services and products (Including RunBooks, Process Asset Library, Control Self-Assessment, RiskWatch and Policy Map),  Ms. Basham  introduces a new business model aimed at leveraging collaborative and cooperative consultation, a blended approach including most major standards bodies and professional associations and a mandate to delivering rapid affordable risk mitigation and management.  “We see the client’s vision and support both mission and intent.  We’re not afraid to recommend changes in course when we know the right people, products, and technologies are deployed in making our client’s dreams become reality.”

Basham has participated in various advisory capacities for national organizations including the Organization for the Advancement of Structured Information Standards (OASIS), the Information Systems Audit and Control Association (ISACA), the Institute of Internal Auditors (IIA), the Object Management Group (OMG) and the Open Compliance and Ethics Group (OCEG). She was recently named to the advisory board for OMG, a software consortium responsible for establishing distributed computing specifications, and ORCA, the OMG Regulatory Compliance Alliance and served as director of the Association of Certified Green Technology Audit.  Basham has authored and collaborated on a number of publications including ISACA’s recent SAP ECC 6.0 Controls Guidelines, ISACA 2007 CISA Review Manual, IT Governance Institute (ITGI) standards and harmonization efforts, OCEG's Internal Audit Guide, ITIL and Sarbanes-Oxley Compliance 2005 from the IT Service Management Forum (ITSMF), and Procedure Guidelines and Controls Documentation (a model process architecture available for enterprise process implementation).  She is also a frequent speaker at ITSMF and ISACA conferences and various other industry trade groups and universities. Her novel The Perils of Mount Must Read is distributed in universities throughout the world.