Ten Slides in Ten Minutes - Company Realities - GRC

Brief look at Governance, Risk and Compliance (GRC) for a sustainable business

Published in: Business, Economy & Finance

  1. Ten Slides in Ten Minutes: Company Realities – Governance, Risk & Compliance
     [Capturing the Hearts and Minds of Prospects & Clients]
     Presented by: Bill Graham APM.APMP, bill.graham@sales-synthesis.co.za
     December, 2013
  2. Sustainable Business Issues
     • Governance
     • Risk
     • Legislative
     • Security:
       o Internal
       o External
       o Physical
  3. Establishment of a Sustainable Business centric GRC Framework
     Governance describes the overall management approach through which senior executives direct and control the entire organisation. Governance activities ensure that critical management information reaching the executive team is sufficiently complete, accurate and timely to enable appropriate management decision making and actions.
     Risk Management is the set of processes through which management identifies, analyses, and, where necessary, responds appropriately to risks that might adversely affect realisation of the organisation's business objectives.
     Compliance means conforming with stated requirements through management processes that identify the applicable requirements (e.g. laws, regulations, contracts, strategies and policies) and prioritise, fund and initiate any corrective actions deemed necessary.
     Source: Various
  4. Establishment of a Sustainable Business centric GRC Framework
     Some companies use independent 3rd parties to undertake a first-level framework definition.
     [Diagram: G, R, C]
     Source: Various
  5. Establishment of a Sustainable Business centric GRC Framework
     Governance
     Board Level
     • Regulations establish board responsibilities
     Executive Management
     • Ensure that the strategies support business aspirations
     Governance is not a spectator sport
     Leadership Structure
     • Delivery of value to the business
     • Mitigation of identified risks
     Processes
     Source: Sales Synthesis
  6. Establishment of a Sustainable Business centric GRC Framework
     Risk Management
     [Diagram labels: Risk Propensity; Reporting; Risk ID & Quantify; Compliance; Statutory; $ economic; Social; Environs; P(); Fragility Analysis; Action]
     GRC Frameworks are well documented and supported
     Source: Melrose Atteridge
  7. Establishment of a Sustainable Business centric GRC Framework
     Compliance
     Major Shifts in the Global Compliance Landscape:
     • Standards bodies are tightening enforcement
     • International breach notification laws
     • More regulations = more (prescriptive) rules
     • “Check list” approach not working any more
     • Increased costs and risk i.e. litigation for compromised data; brand reputation
     • More transparency = greater consequences
     • Compliance is being forced to the “next level”
     • Compliance is now a management issue
     GRC Frameworks are well documented and supported
     Source: Consult to Comply
  8. Establishment of a Sustainable Business centric GRC Framework
     Compliance
     Compliance at the Next Level:
     • Have you developed a sustainable business-centric compliance strategy?
     • Do you have a consistent controls framework?
     • Do you have the appropriate level of controls specific to your business?
     • Can you easily articulate and defend your controls to auditors?
     • Can you produce multiple reports for different purposes?
     • Can you reduce repetitive manual tasks and redundant controls?
     • Is compliance fully embedded in your business process?
     • Are you prepared for the next round of upcoming regulations?
     GRC Frameworks are well documented and supported
     Source: Consult to Comply
  9. Compliance Mapping
     [Diagram labels: Risk Propensity; Reporting; Risk ID & Quantify; Compliance; Statutory; $ economic; Social; Environs; P(); Fragility Analysis; Compliance Mapping; Action]
     GRC Frameworks are well documented and supported
     Source: Melrose Atteridge & Consult to Comply
  10. The Governance, Risk & Compliance (GRC) Landscape
      GRC permeates across the Business - an example of IT GRC
      Source: Unknown
