What is the Anti-Bribery Healthcheck Tool?

The Anti-Bribery Healthcheck provides a standardised process for performing compliance assurance on the core requirements of the anti-bribery program to assist organisations in designing, implementing and maintaining robust policies, procedures, systems and controls to reduce these risks and build strong lasting relationships among employees, customers, business partners and other stakeholders.

Why is tracking Anti-Bribery compliance important?

Many organisations, large and small, across a diverse range of industry sectors and jurisdictions are required to develop an anti-bribery program to identify, mitigate and manage bribery and corruption risks when doing business in increasingly complex and global marketplaces.

However, simply having an anti-bribery program is not enough – its effectiveness must be continually monitored to identify gaps and address areas of vulnerability.

Organisations are increasingly expected by internal and external stakeholders to be completely transparent on their efforts to counter bribery and corruption, and performing independent assurance as to the effectiveness of these efforts lends credibility that organisations are doing everything they can to avoid becoming implicated in corruption scandals.

What types of organisations are required to comply with Anti-Bribery legislation?

Anti-Bribery legislation applies to a diverse range of industry sectors (which can vary by jurisdiction) including:

[Figure: Industry coverage]

What types of users is the Anti-Bribery Healthcheck aimed at?

The Anti-Bribery Healthcheck has been designed to be used primarily by risk and compliance staff with responsibilities for compliance with bribery and corruption legislation, but can also be used by any staff that have been assigned ownership of any actions, issues or risks during the process of conducting the risk assessment.

The typical user base and audience for the Anti-Bribery Healthcheck includes:

  • Anti-Bribery and Corruption Compliance Officers
  • Board Members and Senior Executive Management
  • Risk and Compliance staff
  • Internal and External Auditors
  • Regulatory Relationship Management Teams
  • General Management

What deployment methods are available to access the Anti-Bribery Healthcheck Tool?

We offer two main deployment methods:

  • Cloud-based – software-as-a-service (SaaS)
  • Non-Hosted – installed behind your organisation's firewalls (Platinum clients only)

What are the benefits of the cloud-based model?

The Anti-Bribery Healthcheck Tool is a thin client – meaning that most processing and storage occurs on our servers, which are hosted in a Tier One data centre that offers outstanding physical and virtual security, with 24 x 7 guards and biometric security access to the physical hardware assets and locked cabinets within the data centre. The applications are monitored on a 24 x 7 basis with full alerting to the technical consultants responsible for managing our applications.

The servers we use are best of breed Process Area Network (PAN) managed, meaning that we can increase server resources – particularly processing, memory and networking assets in real time. Performance is closely monitored, so if any hosting resources become a constraint, our consultants are alerted and resources can be added to ensure satisfactory performance.

Our application systems and client data are stored on commercial grade SAN solutions which offer snap-shotting of data for better recovery time objectives and the ability to “roll forward and roll-back” in time for dedicated client instances of our applications.

We offer 500MB of storage per user, which means that most plans that we offer allow more than adequate storage for the use of our solutions. Beyond this level, we reserve the right to charge AUD$50 per GB per month for storage, and will not guarantee recovery of any documents stored beyond this level. For client accounts that are not renewed within 90 days of expiration, we do not guarantee restoration or access of any data.

What is the cloud-based hosting technical architecture?

[Figure: cloud-based hosting technical architecture]

Where is the cloud-based model hosted?

We host our cloud-based model through a Sydney-based hosting services provider called Sententia Pty Ltd, which has been providing hosting and mission critical services for government, financial services, telecommunications companies and other organisations since 1989. Among other things, Sententia is known for data centre architecture and Payment Card Industry (“PCI”) standard hosting solutions. It is this expertise that Sententia has brought to the hosting of our application and product / solutions.

How secure is the cloud-based hosting model?

Our solutions are hosted in a Tier One data centre which offers outstanding physical and virtual security, with 24 x 7 guards and biometric security access to the physical hardware assets and locked cabinets within the data centre. The applications are monitored on a 24 x 7 basis with full alerting to the technical consultants responsible for managing our applications.

Servers used are best of breed Process Area Network managed, meaning that we can increase server resources – particularly processing, memory and networking assets in real time. Of course performance is monitored, so if any hosting resources become a constraint, our consultants are alerted and resources can be added to ensure satisfactory performance.

How is data stored in the data centre?

Our application systems and client data are stored on commercial grade SAN solutions which offer snap-shotting of data for better recovery time objectives and the ability to “roll forward and roll-back” in time for dedicated client instances of our applications.

How frequently is data backed-up?

In addition, we offer sophisticated daily backup, weekly and monthly archive facilities where application and user data are stored on tape, which is taken off site.

How is disaster recovery managed?

With the offsite tape storage and sophisticated provisioning of server and user access, we offer very responsive data recovery time frames.

How does the non-hosted model work?

We recognise that cloud computing is not for everyone and that internal IT protocols determine application deployment in many organisations. To meet this need we offer a non-hosted deployment model which is tiered and priced in the same manner as the cloud-based model but is only available to Platinum clients.

There is an additional premium of 30% added as a maintenance and support fee, which is designed to cover the initial installation, software upgrades and base level technical support (which can be scaled as required).

What is the technical architecture for the non-hosted model?

[Figure: non-hosted model technical architecture]

What system requirements exist for the non-hosted model?

The system requirements for a non-hosted solution include:

  • Server platforms – Windows Server 2008/2012 R2
  • Database platforms – SQL Server 2008/2012 R2 Express (or higher)
  • Web-server platforms – IIS 7.0 64 bit
  • Client browsers – Chrome, Internet Explorer, Firefox and Safari (current versions +)