Likelihood to Recommend MindBridge [Platform] is an excellent tool to use to gain additional comfort over client's data. The key areas it helps with are analytical procedure risk and inherent risk, but depending on the data you have, it can also be able to assess control risk to a degree. It's a very malleable tool that can be made to fit your client, however, it does require upfront work (as the implementation of any new technology would). The tool may not be scalable for audit work that is very low-risk and requires little hour input in the first place as it may add more hours in the long-run than the normal audit would incur. Our team has used these low-risk audits in our implementation, however, to corroborate the results we get, which we felt has helped us achieve our successes with the tool.
Read full review Oracle EBS R12 requires a unique user skillset to understand how it handles user access and functions. Accordingly, ServiceNow has this high level of sophistication to manage this information and apply it to Sensitive Access and Segregation of Duties rules to identify exceptions. This depth of configuration is critical to accurately identify when Oracle Responsibilities (access) truly allows access and thus could be a violation. ERPs with less complexity may not require this customization of ServiceNow GRC, but you would be wise to raise these questions and examples in the demo to ensure it will work for you. In the past, we have found that risks of under-reporting exceptions or false positives become so voluminous that users don't always get to the accurate violations for timely remediation. Proper configuration up front will improve your effectiveness and ROI down the road.
Read full review Pros Using the output from MB AI we have been able to reduce the inherent risk and analytical procedures risk assessments in our audits which have reduced our substantive testing sample sizes. The output from MB AI allows us to focus on the medium risk and high risk transactions that were recorded in the general ledger during the year. Our younger, more technologically advanced team members really enjoy working with MB AI. Read full review Finding reported by the auditor. GRC helps us identify, assign, and track the resolution of this. Exception to information security policy. These require quarterly reviews and setting up reminders to revisit these. Building out new projects and baking security and compliance into the project and tracking it in GRC to ensure we deliver a compliant product on day one Read full review Cons It needs to have a deliverable Risk Analysis report, something that can be exported to a PDF and delivered to clients. Accounts receivable and payable analysis needs to be able to handle tiered customers and vendors. Exporting to PDF should be a feature. Works great for Excel. Needs forecasting capability in order for us to use for review engagements. Needs the ability to compare client to industry ratings. Read full review Delivering more out of the box functionality that rivals other GRC platforms. The bare bones approach may not help companies that do not have expertise or capabilities to build effective GRC processes. Easier way to implement workflow. Offering better metrics without buying add-on tools. Read full review Usability The only reason I do not give this a 10 is that I would like a deliverable risk report. This would enable me to offer additional services to my non-audit clients.
Read full review I'm satisfied with our experience. The configuration was the biggest challenge, but we have moved onto the stage of user training and usability. We would appreciate having better user training documentation and possibly videos and/or computer-based training to help our international users adopt this software for their GRC needs.
Read full review Support Rating My experience with customer support may different since I started using the application early on. I am also providing continuous recommendations for improvement or additional features. They have always been available when I needed them and they actually listen and value my opinion. They have implemented many of our recommendations and asked for our input on possible new features.
Read full review It's a good system, but I am awaiting key features in the new release. We hear that ServiceNow is continually adding new features and we look for improved reporting, better Oracle Integration, and user training opportunities. To the extent these materialize, we expect further improvements in our experience with ServiceNow GRC. Until that time, though, we believe we are meeting our objectives expected at the beginning of this project.
Read full review Alternatives Considered We did not consider any other similar products.
Read full review We just recently started using
TrustArc for data privacy requests and I can already speak to the fact that
TrustArc is a more confusing platform once there. The positives of ServiceNow would be that a majority of our URL's drive to owned websites which our employees are very comfortable with using versus pushing them to another website that feels unsafe.
Read full review Return on Investment Increased efficiency Better quality audits performed Coming to more reasoned conclusions that are supported by data Read full review Effective Enterprise Risk Management Holistic Real-time Monitoring of your technology and Risk Negative - Asset Management has some issues and Ghost / Shadow IT is big issue Read full review ScreenShots MindBridge Platform Screenshots