Home
Governance, Risk & Compliance Analytics Platform
Empowering risk officers and stakeholders with real-time analytics for informed decision-making.
Mission
I partnered with the 1st & 2nd Line of Defense, and functions to generate Key Risk/Performance Indicators & Reporting analytics to help Risk Officers & stakeholders make real-time risk decisions to protect AIG's Economic value
Vision
My vision is to provide an exceptional GRC analytics platform that helps to prioritize & mitigate AIGs risks and vulnerabilities to help support financial growth
Goals
Comprehensive Platform
Develop and implement a comprehensive & interactive analytics platform in alignment with regulatory requirements and existing AIG policy & standards
Ongoing Support
Partner with businesses and functions to provide ongoing support around the monitoring and testing of GRC key metrics
Purpose and Solution
Purpose
To provide comprehensive reporting capabilities for all GRC data sources and customized views to meet needs of 1st & 2nd Line Stakeholders
What It Solves
Easy to use / Self-Service reporting and data access
Dashboard Coverage

1

1
TPRM

2

2
Risk Events

3

3
RCSA

4

4
Issues Management

5

5
Risk Acceptances & Acknowledgements

6

6
Model Risk

7

7
BCM
Direct Consumers of GRC Data Warehouse
Compliance
TRC
ISO
IAG
GS&PS
A&H Operations
Third Party Management - Australia
Customer Challenges
Siloed Reports
AIG has multiple siloed GRC reports across the enterprise, limiting management's ability to analyze, aggregate, and report on governance, risk, compliance, control, and assurance programs on an integrated basis.
Integrated Reporting Need
Through the GRC Analytics Platform, AIG will be able to efficiently and effectively aggregate and report risk and control issues across the company, and track remediation plans to address those issues via a common lexicon and taxonomy at the hub of the platform.
Wide User Base
The analytics platform will be utilized by Senior Management, 1st & 2nd Line of Defense, including assurance functions like Compliance, Information Technology Security, ORM, TPRM and Internal Audit.
Solution
GRC_RPT Data Warehouse
Develop GRC_RPT data warehouse using MS SQL RDBMS which will create daily snapshots based on feeds from Archer, CBRA (TPRM) and other GRC tools.
Interactive Analytics Dashboards
Develop interactive analytics dashboards using MS Power BI to visualize the risk data from our GRC_RPT data warehouse to make intelligence-driven business decisions.
Objectives & Scope
1
Consistent Reporting
Establish a GRC Reporting Solution that achieves a globally consistent risk reporting integrating disparate applications
2
Process Optimization
Drive efficiency through optimization of processes and common hierarchies/ data structures by sharing data across a centralized risk framework
3
Scalable Platform
Create a scalable platform for future growth with synchronization of future stare initiatives & established infrastructure
4
Enhanced Reporting
Enhance management-level reporting capabilities
5
Integrated Risk Reporting
Institute integrated risk reporting across business units and assurance functions to streamline and improve management information
Customer Persona
Our GRC Analytics Platform serves diverse stakeholders across AIG, each with unique reporting and analytics needs. These key users represent different organizational functions that rely on integrated risk and compliance data to make informed decisions.

1

1
Business Units
Front-line teams requiring operational risk insights and compliance monitoring

2

2
ERM
Enterprise Risk Management team needing consolidated risk views across the organization

3

3
Legal
Legal department tracking regulatory obligations and compliance requirements

4

4
Compliance
Compliance teams monitoring adherence to policies and regulations

5

5
Regulatory
Teams managing regulatory reporting and supervisory requirements

6

6
Global Accident & Health
Specialized division requiring risk analytics for health insurance operations

7

7
Australia Third Party Governance
Regional team overseeing vendor risk management and compliance

8

8
Audit
Internal audit teams requiring comprehensive risk and control data
Each of these stakeholders requires different views and levels of detail from the GRC Analytics Platform, driving our need for flexible and comprehensive reporting capabilities.
Customer Journey Map
1
Awareness
Customer becomes aware of the GRC Analytics Platform and its benefits
2
Consideration
Evaluation of the platform's features and how it addresses their specific needs
3
Decision
Choice to implement the GRC Analytics Platform
4
Onboarding
Integration and training on the new platform
5
Usage
Regular use of the platform for risk management and decision-making
6
Support
Ongoing assistance and updates to ensure optimal performance
Product Roadmap
1
Phase 1: Foundation
Develop core GRC_RPT data warehouse and basic reporting capabilities
2
Phase 2: Enhanced Visualization
Implement MS Power BI dashboards for interactive data exploration
3
Phase 3: Integration
Connect additional data sources and expand coverage of GRC domains
4
Phase 4: Advanced Analytics
Incorporate predictive analytics and machine learning capabilities
5
Phase 5: Continuous Improvement
Ongoing updates and enhancements based on user feedback and emerging needs
User Stories and Acceptance Criteria
User Stories
1
Risk Officer
As a risk officer, I want to access real-time risk indicators so that I can make informed decisions to protect AIG's economic value.
2
Compliance Manager
As a compliance manager, I want to generate customized reports on regulatory requirements so that I can ensure AIG's adherence to industry standards.
3
Business Unit Leader
As a business unit leader, I want to view aggregated risk data across my department so that I can identify and address potential vulnerabilities.
4
Auditor
As an auditor, I want to access comprehensive GRC data so that I can conduct thorough and efficient audits across the organization.
Acceptance Criteria
  • The GRC Analytics Platform successfully integrates data from all specified GRC tools and sources
  • Users can generate custom reports and visualizations without IT support
  • The platform provides real-time updates of key risk indicators and performance metrics
  • Data access is secure and compliant with AIG's information security policies
  • Dashboards are responsive and load within 3 seconds on standard corporate devices
  • The platform supports all specified customer personas and their unique reporting needs
System Architecture
MS SQL Server Data Warehouse
Enterprise-grade data warehousing solution providing secure and robust storage for GRC data
Power BI Analytics
Advanced analytics and visualization capabilities enabling comprehensive GRC insights
RESTful API Integration
Seamless integration with existing GRC tools through standardized APIs
Built on enterprise-grade cloud infrastructure, our platform ensures high availability, scalability, and real-time data processing capabilities across all components.

1

2

3

4

1
User Interface
MS Power BI Dashboards
2
Analytics Layer
Data Processing and Visualization
3
Data Warehouse
GRC_RPT (MS SQL RDBMS)
4
Data Sources
Archer, CBRA (TPRM), Other GRC Tools
The GRC Analytics Platform's system architecture is designed to efficiently collect, process, and present data from various sources. At the foundation are the diverse data sources, including Archer, CBRA (TPRM), and other GRC tools. This data is consolidated into the GRC_RPT data warehouse, built on MS SQL RDBMS. The analytics layer processes this data, enabling advanced visualizations and insights. Finally, the user interface, powered by MS Power BI dashboards, provides an intuitive and interactive experience for end-users to access and analyze the GRC data.