Did you know…?

  • ELM Solutions is a business of Wolters Kluwer, a market-leading global information services company
  • We have 14 offices across North America, Europe, and Asia-Pacific
  • Each year, over $18 billion dollars’ worth of invoices are processed through our e-billing network
  • Our LegalVIEW® data warehouse is the world’s largest repository of legal performance data
ELM Solutions Snapshot
 

Did you know?

  • 130+ of our clients are Fortune® /Fortune Global 500 companies
  • 100% of Am Law 200 and Am Law Global 100 firms are ELM Solutions customers
  • ELM Solutions has customers in 190+ countries

Client Testimonials

 

Partner Spotlight - Technology Partners

With the Passport® Connector Library, it’s easy to integrate Passport with best-in-class solutions from our Technology Partners

Learn more »

ELM Solutions has a global network for more than 70 partners
 

Did you know?

ELM Solutions:

  • Has completed 700+ software implementations worldwide
  • Is a member of the Technology Services Industry Association (TSIA)
  • Is Safe Harbor certified

Protecting our Clients Data

Passport® GRC is a modular, scalable, and integrated governance, risk, and compliance (GRC) management solution that gives corporations the tools that they need to:

  • Track regulatory obligations and prove compliance
  • Assess and mitigate regulatory, third-party, and other operational risk
  • Manage and audit policies and controls
  • Manage incidents and investigations
  • Minimize and avoid penalties

Passport GRC is comprised of six integrated components that can also function in a standalone context. This enables companies to address their immediate GRC needs and evolve the system as their needs grow. Passport GRC is built on our patented Passport technology platform, which acts as the “plumbing” to integrate the components with each other, with other ELM Solutions applications, and with external systems in support of an enterprise GRC architecture. The solution connects data silos and enables transparency across GRC functions; drives efficiency and consistency across GRC processes; and simplifies the work of compliance, risk, and audit staff.

In addition, Passport GRC integrates seamlessly with Passport Legal Matter Management and Passport Legal Spend Management, which helps companies drive efficient collaboration between their legal and GRC functions. This close integration of legal and GRC solutions streamlines communication, information-sharing, and cost management (e.g., for compliance issues that become legal matters, for regulatory interpretation, for policy development, third-party contract management, etc.), and creates a closed-loop process that provides visibility into the true cost of compliance versus non-compliance.


Passport GRC Components

Compliance Management
Seamlessly manage and monitor updates to global regulations, as well as information on business risks, to help ensure compliance, mitigate regulatory fines, and increase competitiveness and agility in existing and new markets

Policy Management
Proactively manage and monitor corporate policies and procedures in order to accommodate changing laws and regulations, compliance mandates, business objectives, and strategies

Risk Management
Monitor and manage any type of risk across all industries, geographies, and business functions and streamline the risk management process with a central place to identify and categorize risks, conduct assessments, and manage corrective actions

Third-Party Risk Management
Identify, assess, and monitor third-party risks across the business and prioritize evaluation, due diligence, and mitigation efforts according to that risk

Internal Controls and Audit Management
Centrally manage controls, control assessments, audits, audit plans, and timekeeping, as well as identify potential compliance gaps and provide a history of compliance

Incident and Inquiry Management
Centrally intake and triage incidents, inquiries, issues, and losses, plus manage investigations, and implement corrective action plans to mitigate future incidents or losses

Passport GRC


Built on our patented Passport technology platform, Passport GRC is a modular, yet integrated solution that allows companies to take a scalable approach to GRC.

Build a GRC program to address unique business requirements.

  • The solution’s modular, yet integrated architecture allows companies to take a scalable approach to GRC: its six components can be used individually or together, which allows organizations to select the components needed to address their most pressing GRC requirements and add on other components as needs grow
  • Using Passport® toolkits, organizations can configure and evolve the system to respond to changing mandates, risks, controls, strategies, etc. and to ensure alignment with their current regulatory, risk, and business environment

Facilitate the integration of legal, risk, and compliance.

  • Seamless integration with Passport Legal Matter Management and Passport Legal Spend Management helps companies drive efficient collaboration between their legal and GRC functions
  • The integration of Passport legal and GRC solutions streamlines communication, information-sharing, and cost management between the legal and GRC functions, which creates a closed-loop process that provides visibility into the true cost of proactive and reactive GRC efforts
  • Support for the UTBMS GRC code set enables companies to track internal and external time spent on specific GRC activities, which helps them to understand costs and accurately budget for critical GRC programs

Improve visibility into risk exposure and compliance.

  • The flexibility to monitor and manage regulatory, third-party, or any other type of enterprise or operational risk, across all industries, geographies, and business functions helps organizations to more effectively manage compliance and risk exposure
  • Passport’s ability to integrate with any external system that houses data/metrics regarding business performance against controls (e.g., HR, CRM, AP, etc.) gives companies real-time visibility into enterprise-wide compliance and risks

Respond effectively to compliance incidents and avoid future losses.

  • The ability to integrate with both internal and external intake sources consolidates all incidents, losses, issues, and inquiries into a single triage queue, which helps to simplify categorization and prioritization efforts and to ensure that nothing slips through the cracks
  • The system provides a central place for internal investigators to create, assign, prioritize, and escalate punitive and/or remedial actions (e.g., recommended policy revisions, training programs, etc.), which streamlines efforts to mitigate future incidents or losses

Provide a defensible history of compliance.

  • Passport GRC allows companies to easily show that all relevant external and internal obligations (e.g., laws, regulations, contracts, standards, etc.) are tracked, are addressed by defined policies, have related control objectives and procedures, and have been communicated to relevant parties (employees, third parties, etc.)
  • The system maintains an auditable history of “point-in-time” regulations and their related policies and controls, which allows auditors to validate historical compliance
  • The system enables proactive management of corporate policies, policy attestations, procedures, and controls to accommodate changing business needs, while creating an auditable history to prove compliance
 

 

 

Passport GRC Components

 

  • Compliance and Policy Management - Proactively and seamlessly manage and monitor updates to global regulations, policies, and controls to ensure compliance and increase competitiveness in existing and new markets.
  • Risk Management - Monitor and manage any type of risk across all industries, geographies, and functional domains and streamline the risk management process with a central place to identify and categorize risks, conduct assessments, and manage corrective actions.
  • Internal Audit Management - Centrally manage audits and controls assessments, identify potential compliance gaps, and provide a history of compliance.
  • Incident and Inquiry Management - Centrally intake and triage incidents, inquiries, issues, and losses, manage investigations, and implement corrective action plans to mitigate future incidents or losses.

 

Passport GRC Third-Party Risk Management Module

Many companies are increasing their reliance on third parties to facilitate growth and contend with changing economic conditions, globalization, and cost considerations. At the same time, companies are forced to increase their focus on third-party due diligence efforts in order to protect their brand, interests, and reputations due to stringent regulations related to:

  • Anti-corruption (e.g., Foreign Corrupt Practices Act and UKBA)
  • Conflict minerals
  • Social accountability initiatives
  • Anti-money laundering (AML)
  • Health information privacy (HIPAA)
  • Financial services accountability (e.g., Dodd-Frank Act)

 

Third-Party Risk Management, a module of Passport GRC, helps companies to:

  • Identify and assess third-party risks across the business
  • Prioritize evaluation and mitigation efforts according to risk
  • Monitor and track existing relationships

 

Passport® Product Collateral


Experts' Corner Content