TrustRadius: an HG Insights company

BWise

Score7.5 out of 10

6 Reviews and Ratings

Get a Demo

What is BWise?

BWise is an Governance, Risk Management, and Compliance (GRC) platform formerly owned and supported by Nasdaq, acquired by SAI Global in April 2019.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features BWise has to offer, as determined by TrustRadius' reviewers.
Based on 6 ratings of BWise's features
View all features

Top Performing Features

  • Incident management

    System captures risk-related incidents, including cause and result

    Category average: 7.8

  • Common repository of GRC items

    A common repository linking all GRC elements such as policies, risks, regulations, etc.) to give a 360 degree view

    Category average: 7.8

  • GRC policy management

    Support for policy lifestyle changes including creation, approval, communication etc.

    Category average: 7.7

Areas for Improvement

  • Risk management

    Risk management capabilities including alert engine to warn of trending risk exposure and risk visualizations like heat maps, dashboards, etc.

    Category average: 7.4

  • Integration with Corporate Performance Management (CPM) systems

    Ability to integrate with external CPM software

    Category average: 7

Reviews

What users are saying about BWise.
View all reviews

BWise GRC Implementation Review

Incentivized
Verified User
Team Lead in Finance and Accounting (10,001+ employees employees)

Pros

  • Bwise is very customizable to accommodate multiple compliance initiatives, across the enterprise.
  • Integration with TeamMate, made tracking audit testing and results easy to stay on top of.
  • Being able to map controls, and test once, and report control effectiveness for multiple initiatives was important.

Cons

  • Integration with SAP for continuous control monitoring.
  • Control mapping to standards: ISO; COSO; COBIT; HIPAA; SP800_53 (NIST); FedRAMP; PCI_DSS; BITS; GAAP; AICPA; BSI; CCM; COPPA; CSA
  • Surveys.

Return on Investment

  • BWise was the most cost effective, and flexible solution evaluated, and eventually implemented.
  • BWise is a great repository for controls, and for managing GRC compliance.
  • BWise handled mapping multiple compliance initiatives to the master controls very well.
  • BWise integrated with TeamMate for testing controls very well.

Other Software Used

SAP Business Warehouse, Oracle BPM Suite, Microsoft SQL Server

Usability

BWise - The peaks and valleys of our GRC journey

Incentivized
Verified User
Analyst (5001-10,000 employees employees)

Pros

  • Great reporting tool (uses SAP Business Objects). It is quite flexible on types of reports that can be created and supported. Also the reporting consultants are very competent and nice.
  • Highly customizable solution: almost everything can be tailored to an organization's needs, assessments, audits, issues, recommendations, tasks, etc. However, there's a trade-off between customization and the integration of different areas of the organization.
  • Increases visibility and efficiency in the organization. BWise offers centralized repositories (catalogs) that can be easily accessed and used by everyone in the organization (e.g. Process catalog, Policies and Procedures catalog, Risks, Controls, Laws catalogs, etc.). Also, the application allows findings on controls tested by Audit to be automatically reflected in controls monitored by SOX for example, without the need for SOX to retest them. So one area can leverage on the work of other areas increasing operational efficiency.
  • Increases integration and avoids silos. By choosing the correct design (e.g. Risk Workshops instead of Open Assessments), one area can see and benefit from another areas' work. An example was mentioned above; another would be Operational Risk area considering the results of Business Continuity, Vendor Management, Info Security, etc. assessments when carrying out theirs. Additionally, processes can be integrated: when contracting a new vendor for instance, one can include questions about data confidentiality and usage of models in the Vendor risk assessment. Answers to these could then trigger Info Sec / Model Risk assessments.
  • Increases accountability. Application provides full audit/change log with the type of change, name of executor, and date of change.
  • Easier follow-up. BWise sends automatic emails with reminders to the people required to take action on an issue, assessment, etc.

Cons

  • Internal Quality Check. I think this is the most prominent area BWise should improve on. Currently they lack internal Quality Check/Review.
  • Internal dialogue among employees. When various consultants are involved in the same project, their communication and updating each-other could be a bit stronger.
  • Inclusion of content. The application could benefit considerably from including some out-of-the-box content (e.g. COSO principles, Risk catalogs, etc.).
  • Risk Workshop functionality. This is one of the main functionalities that allows integration among different areas of an organization. However, it comes pretty much "take it or leave it"; it's almost not customizable.
  • Consultants' transparency. When an organization requests a particular design of the application or solicits changes to such design, it would be great if BWise consultants could always and more thoroughly advise on the implications of these changes, design to the organization's strategic objectives and ultimate target.
  • Product features. Application has room for improving its programming, e.g. providing internal checks when creating/answering an issue/finding (for instance, remedy implementation date cannot be before the recommendation response date or the recommendation creation date). Another example would be the possibility of automatic periodic followup (e.g. every 1 month until completion).

Return on Investment

  • Increased employee efficiency especially considering incident management and follow up.
  • Increased visibility and senior management information/awareness.
  • Increased employee accountability.
  • Reduction of silos.

Other Software Used

SAP Business Objects