Distributed and dynamic business requires the organization to take a strategic approach to issue reporting and case management. Organizations require complete situational and holistic awareness of issues, incidents, investigations, and cases across business operations and processes. This is best approached through structured and accountable processes enabled through an integrated information and technology architecture for issue reporting and case management. The goal is to manage individual issues at the detail level while being able to see the big picture and trends of issues and their impact on overall risk and compliance exposure.
Two essential components for a mature and robust issue reporting and case management program are:
- Structured processes for issue reporting and case management.
- Integrated information and technology architecture for issue reporting and case management.
Issue reporting and case management processes determine the types of information needed, gathered, used, and reported. It is through the integrated information and technology architecture that processes can be properly managed. The architecture defines how organizational processes, information, and technology is structured to make issue reporting and case management effective, efficient, and agile across the organization.
Issue Reporting & Case Management Process Structure
Issue reporting and case management processes are a subset of overall business and GRC processes. Issue reporting and case management identifies where things are going wrong with a goal of containing, addressing, and correcting exposure, loss, and incidents. The issue reporting and case management process is the structural design of tasks and management of how issues are reported, investigated, and resolved.
Structured processes for issue reporting and case management defines responsibilities, workflow, tasks, how issues are reported, cases managed, and how the processes work together as an integrated whole with other GRC and organizational processes. Issues and cases provide objective information that should in turn feed into risk management models as well as compliance reporting. For a mature GRC program, the organization requires the ability to track all issues across the enterprise (e.g. employee issues, customer issues, poor product quality, and supply chain).
There are five foundational process components that organizations should have in place for issue reporting and case management:
- Strategic/operational case planning and administration. This involves the ongoing planning and administration of issues, cases, investigators, workload, and tasks. Core to this is resource and case planning and administration, the ability to measure cycles/seasonality of cases, backlog, resource planning, and costs.
- Issue intake & triage. This is the foundational component where issues are reported. It involves being able to report and process issues coming from hotlines, web forms, management reports, and other inputs. The goal is to eliminate noise, consolidate duplicated issue reports, flesh out non-cases, and focus on what is critical and exposes the organization to the greatest risk. It is critical that the organization has the ability to automate and link between issues being reported, cases, parties, processes, places, and other relationships. From here initial planning and assignment of cases is done.
- Investigation. This is the heart of the process that takes reported issue(s) and manages the process of investigation through to closure. Investigators need structured templates and processes to keep everything organized, document the investigation, manage tasks, provide notifications and escalation, and keep all information in one place for ease of reporting. The more the organization can automatically define the process to investigate an issue/case, the better. Accountability, centralization of information, keeping everything current and up to date, and having a defensible system of record that can stand up in court is critical to this stage of the process.
- Remediation & resolution. History repeats itself because no one was listening the first time. This stage of the issue reporting and case management process ensures that remediation steps are followed to mitigate or eliminate the risk of further issues and incidents. The organization needs to be able to track action items and ensure that things do not slip through cracks to obtain a reduction in repeated and future cases. The organization requires the ability to link issues to policies and procedures to ensure they are updated as resolutions dictate.
- Reporting, analytics & metrics. This is the stage of the process that provides detailed reports on both individual and aggregate cases. The organization should be able to track past due tasks, benchmark timelines of cases, identify where loss can be mitigated, and reduce gaps.
WEBINAR: Case Management
Building a Business Case & Articulating Value to the Organization
Organizations often approach issue reporting and case management in manual processes encumbered by documents, spreadsheets, and emails. This taxes and slows down investigation processes, and makes reporting very time consuming and often inaccurate because of scattered information. GRC 20/20 Research has conducted a detailed study of organizations that moved from manual document centric approaches to i-Sight case management. GRC 20/20 found that organizations that utilize purpose built software for case management make their issue reporting and case management processes more efficient, effective, and agile. This results in a quantifiable return on investment.
On October 5th, 2-3pm, join presenter Michael Rasmussen as he outlines how case management software can make issue reporting and case management more efficient and agile.
In this webinar, organizations will learn how to:
- Avoid the costs of manual document-centric processes in wasted time and resources
- Identify specifics on how software makes issue reporting and case management more efficient, effective, and agile,
- Measure and quantify the value in time and dollars saved with case management software
- Build a business case to justify case management software in your organization
[button link=”https://i-sight.com/resources/case-management-software-building-a-business-case-articulating-value-to-the-organization/?leadsource=GRC2020″]REGISTER[/button]