What 4C Strategies can offer organsations subject to the EBA Guidelines on outsourcing agreements
4C Strategies, with longstanding business relationships with organisations in both the private and public sector as well as within the military sphere where security and continuity is of the utmost importance, can offer the following through the Exonaut Software Suite:
- Management decision support
- Risk assessment capability
- Due diligence support
- EBA compliant outsourcing register
- Notifications on contractual changes
- Outsourcing approval process support
Exonaut & Compliance Management
Compliance management is at the heart of Exonaut’s data collection and tracking capabilities, ensuring that full compliance with the EBA guidelines. The Exonaut Software Suite has been developed together with our customers through an iterative and collaborative process, giving rise to one of the most secure and trusted Software Suites currently at market. Your organization should consider using Exonaut for reasons of its simplicity and user friendliness developed with the end user in mind, its optimisation for quick and intuitive use on a daily basis, its cost effectiveness where the outsourcing tool is one of many applications, and for its security, highlighted by being the preferred software of financial organisations as well as armed forces globally.
WANT TO LEARN MORE?
Discover how you can take control of your regulatory compliance with our Compliance Management software solution.
To reduce costs and improve flexibility and efficiency, financial institutions have increasingly been interested in outsourcing their business activities.
With the aim of establishing a more harmonized framework within all financial institutions, the EBA is updating the Committee of European Banking Supervisors (CEBS) guidelines on outsourcing, which were first issued in 2006.
The updated guidelines require that each financial institution’s management body remains responsible for that institutions’ and all of its activities at all times, including overseeing all risks and managing the outsourcing requirements.
What is Exonaut?
It is a software suite designed and built by 4C Strategies to provide all the tools you need to build, verify and track your organisational readiness (risk, compliance, incident, crisis, continuity and exercise management).
Who is Exonaut built for?
Exonaut® is designed to be used by risk managers, compliance officers, CSO:s, CISO:s and exercise managers to support them in their day to day operations. The reports and dashboards are meant to give senior level management an overview of the current readiness levels (risk exposure, compliance, training status, risks etc). Data capture interfaces are designed to support first line operators with limited or no domain knowledge, by using simple and clear interfaces. Second and thirds line assurance on the other hand has access to intuitive interfaces to slice and dice the data as appropriate for analytical purposes and to drive performance. All activities are supported by workflows and configurable notification rules to ensure that work is performed as intended.
How long does it take to implement Exonaut?
Most organisations that select Exonaut® have a clear idea on what they want to achieve. When all framework and policy questions have been taken care of (risk criteria model, control catalogue, types of incidents etc.), an implementation project can be as short as four to six weeks. Typically, in sizeable organisations, three to six months from project start to go live is normal.
Who needs to be involved from our side when buying Exonaut?
A typical implementation requires coordination between the main sponsor, usually a security, risk or compliance manager, with approval from senior management and supported by the internal IT department. This setup ensures a smooth implementation.
Is Exonaut a cloud solution or an on premise solution?
Both. Exonaut® is offered as both Software as a Service (cloud based) or as an installed solution. The pricing is the same, and the solution is the same, and it is simply a matter of adapting to your IT security requirements.
Is Exonaut available on mobile devices?
Yes. Exonaut® is fully supported with its native app for iOS, Android and Windows, called Observer. Observer allows users to access documents (on or offline), submit data via custom templates (eg. compliance checklists, evaluation criteria), use the interactive map function for geotagging information, and communicate in a secure, encrypted environment. The data submitted through the Observer app populates Exonaut dashboards in real-time, providing an accurate status overview for risk, compliance, incident and exercise management.
How secure is the information that you enter into Exonaut?
Exonaut® has its origins within the military domain, so information and IT-security has been the top priority since the start. The Suite has a number of accreditation including for use in NATO Secret and Unclassified networks. Within the system itself, each information item is governed by a granular permission model, ensuring that a logged in user will see exactly what he or she is supposed to, and no more or less. Outside the system, each customer can apply their own chosen level of security, such as specialised encryption solutions and VPN-tunnels. Finally, for extreme security requirements, the entire system can be run in a primary/secondary configuration, enabling a primary server to be kept separated from any attack vectors (internet, airwaves, radio, signals), while selected parts of the configuration can be used in a more open environment for a limited time period. When the required data has been collected, it is then merged with the primary server again, without exposing the aggregated data to the outside world at any point in time. The capabilities this provides while maintaining strict information security is found in no other systems in operation today.
How does Exonaut allow for compliance with the General Data Protection Regulation (GDPR)?
We are committed to protecting our customer’s data. This includes working hard to ensure that processing activities undertaken in Exonaut® comply with applicable data protection laws, such as the General Data Protection Regulation (GDPR).
Most of our customers choose to limit the personal information they process in the system to basic user identification data (such as names, e-mails and passwords) and can rely on our standard solutions for secure processing. Customers who wish to process other categories or types of personal data may need additional layers of security. We work closely with each customer to determine their specific needs with respect to data security, whether they choose our On-premises or SaaS solution. Please refer to “How secure is the information that you enter into Exonaut®?” for further information.
Exonaut®’s administrative tool-set allows for compliance with legal obligations relating to the rights of individuals (data subjects), such as deletion of and access to data.
Does Exonaut come with GIS support?
Yes. An important function in Exonaut® is the ability to work with interactive maps and geographic information, especially when dealing with exercises, incidents and crises management. Exonaut® is delivered with multiple map server interfaces to provide for the integration of advance GIS-support both in desktop and mobile applications (for both on- and off-line). Usually our clients with need for GIS functionality already host their own map servers. Thus, instead of creating a parallel GIS system, Exonaut® provides a greater ROI to any investment in a bundled geographic information system.
Can I integrate Exonaut with my current system?
Exonaut® has an API which can be used to feed or collect data from other systems. There are a number of standard integrations available for the most common user management (AD) tools, as well as business intelligence tools, military simulators and emergency dispatcher tools to name a few. In addition, if there is a need, unique integration plug-ins can easily be designed and deployed using our extensive integration framework.
What dashboards are available in Exonaut?
Each Exonaut® module comes with its own basic dashboard. However, if required, Exonaut® provides an integrated dashboard solution, enabling users to mix Exonaut® data from all modules in any way they request. It also provides intuitive drag-and-drop interfaces for designing any dashboard necessary. This is an optional extension. If you already have a BI strategy and tools in place, these can of course be used to extract data and create Readiness dashboards, via the Exonaut® API.
Does Exonaut come with an Emergency Roll Call function?
Exonaut’s “I Am Safe” Emergency Roll Call Solution enables organisations to notify their employees and monitor their safety status during an emergency, wherever they are located. Alerts are delivered as SMS or push notifications, with safety status displayed in live dashboards, maps and our native mobile application.