BWise is an Governance, Risk Management, and Compliance (GRC) platform formerly owned and supported by Nasdaq, acquired by SAI Global in April 2019.
N/A
Ideagen Risk Management
Score 7.3 out of 10
N/A
Ideagen's Enterprise Risk Management (ERM) software solution (formerly known as Pentana Risk) fully integrates risk management processes, from identifying and assessing risk business-wide, to assigning and monitoring mitigation plans, all the way through to reporting and defining a long-term strategy for enhanced performance.
Well suited for general compliance, multiple initiatives, and integration with TeamMate. SAP GRC Process control may be better suited for an SAP environment. Oracle GRC may be better suited for an Oracle environment. Overall, BWise is a very cost effective, and flexible solution.
Pentana is great for monitoring PIs and risks. We find it less helpful for monitoring projects (with the Actions module); it isn't quite flexible enough for our needs, though the support team have been very helpful in adding custom fields for us.
Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice.
Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization.
Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency.
Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments.
Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change.
Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc.
Pentana is excellent for monitoring, recording and reporting on PIs. Very easy to use the PI module.
Pentana is excellent for monitoring risks at various levels (service, strategic etc.). Risks are displayed very clearly in a tree structure and the module is relatively easy to use.
Pentana could improve the free Documents module that comes with Pentana Risk. At the moment documents have to be linked to an action in order to display query results (such as how many documents are due for review) - this can be confusing for users who don't understand why there is an action linked. There is also no easy way for users to see the documents that are assigned to them.
We would like to use the Actions module fully in order to monitor our corporate projects, but it a bit confusing for users and not very flexible when a project doesn't mirror Pentana's way of monitoring actions.
Some modules are more user-friendly than others. It's sometimes not obvious where to click to update the fields (or even that field titles can be clicked on). We have written 'Howdys' to help users. There can also seem to be a lot of steps/clicks to updating risks and actions. The Reports module on Pentana classic is certainly not user-friendly, particularly the Report Layout and Charts modules - we were told these would be integrated into the web version but this hasn't happened yet.
Wasn't personally involved in the vendor selection process. I am aware that one of the main drivers for selecting BWise was cost (I believe BWise total project cost was several times lower than MetricStream's).
We selected Pentana because our neighbouring authorities are users and had spoken highly of the product and given us demonstrations; some of our staff were also familiar with Pentana when it was called Covalent. It seemed to be the best product on the market for monitoring risks, PIs and projects.
Pentana Risk has allowed my team to focus on other areas of work whereas before we would be manually chasing for updates on PIs and risk. Pentana Risk does the chasing for us!
We are able to produce reports for audit purposes very easily, rather than sending spreadsheets which is what we used to do.
New managers can easily inherit risks, projects and PIs and see all of this on a custom portal, saving them time when they start.