Governance, Risk, Compliance & Trust (OCEG graphics removed)

The presentation unifies business value creation and preservation objectives within one framework suitable for use by, and accessible to, all departments of all organizations in all industry sectors. GRC still focuses too much on preserving trust and social capital and not enough on developing them. The entire premise of OCEG's GRC initiative is too narrowly focused and is therefore incomplete. To use a sports analogy, you can't win a football game with defense alone. Offensive business practices develop trust and build social capital, encourage risk taking, facilitate collaboration, and stimulate innovation. These elements remain inadequately addressed by the GRC approach to achieving its Principled Performance objectives.

Published in: Business

  1. Governance, Risk, Compliance & Trust
     Presentation to KPMG
     May 20, 2009
     By Alex Todd
  2. Agenda
     GRC & Systemic Risk
     Risk-Reward & Uncertainty-Opportunity
     Trust Enablement & Risk Management 2.0
     Applications
     Opportunities
  3. Governance Risk & Compliance
     Drives Principled Performance® by enhancing corporate culture and integrating governance, risk management, and compliance processes.
     Governance
       • set and evaluate performance against objectives
       • power to authorize a business strategy and model to achieve objectives
     Culture
       • establish an organizational climate and mind-sets of individuals that promote ethical behavior, trust, integrity and accountability
     [OCEG graphic removed from this location]
     Risk Management
       • proactively identify and rigorously assess and address potential obstacles to achieving objectives
       • identify and address risks that the organization will step outside of mandated and voluntary boundaries
     Compliance
       • proactively encourage and require compliance with established policies and
       • detect noncompliance and respond accordingly
     Source: The term Principled Performance is a registered trademark of the non-profit think tank OCEG and is defined in their position paper, Red Book (see
  4. OCEG Business Case
     Governance
     [OCEG graphic removed from this location]
     Compliance & Ethics Programs
     Risk Management
     Culture
     ERM
     Social Responsibility
     Compliance Programs
     IT Governance
     Ethics Programs
     Source: OCEG
  5. OCEG Objectives
     [OCEG graphic removed from this location]
     “Ensure business is conducted within boundaries and that obstacles and uncertainty are appropriately addressed” - OCEG
     Source: OCEG
  6. OCEG Objectives
  7. OCEG Business Case
     [OCEG graphic removed from this location]
     Customers
     Society
     Regulators
     Investors
  8. What does the world look like?
  9. Systemic Risk
  10. Agenda
      GRC & Systemic Risk
      Risk-Reward & Uncertainty-Opportunity
      Trust Enablement & Risk Management 2.0
      Applications
      Opportunities
  11. Maturity Model
      Golden Rule
      BUSINESS
      Sustainability
      Uncertainty
      Leadership
      Collaboration
      Risk Management
      Profit
  12. Uncertainty
      Risk Management
      Innovation
  13. Risks & Uncertainties
      Risk
      Uncertainty
      Reward
      Possibility
  14. Risk-Reward & Uncertainty-Possibility
      Risk
      Reward
      Tactical Risk
      Price gouging
      Strategic Risk
      Premium brand
      Systemic Risk
      Externalizing risk
      Profiteering
      High profit margins
      Economic bubble
      Uncertainty
      Possibility
        • Tactical Uncertainty
        • New market
        • Strategic Uncertainty
        • New offering
        • Systemic Uncertainty
        • New business model
        • Revenue growth
        • Competitive advantage
        • New value
  15. Agenda
      GRC & Systemic risk
      Risk-Reward & Uncertainty-Opportunity
      Trust Enablement & Risk Management 2.0
      Applications
      Opportunities
  16. Trust Definitions
      Trust = Acceptable Uncertainty
      Trust is a person's willingness to accept and/or increase their vulnerability by relying on implicit or explicit information.
  17. Certainty
      Acceptability
      Develop Trust
      Protect Trust
      Interpretive Sources of Trust: Subjective assertions of the source of the information or third parties.
      Empowerment: Relying party’s ability to choose.
      Trust Enablement® Framework
      Experiential Sources of Trust: Personal experiences of the relying party or those of objective witnesses.
      Motive Forces: Factors influencing the actions of the beneficiary (trusted party).
      Risk Management 2.0
      Risk Management
      Proficiencies: Aptitude, knowledge, behaviour and disciplines employed to consistently deliver expected value (people, processes & technology).
      Risk Transference: Mechanisms and processes that transfer risk away from the relying party.
  18. A Management Innovation
      Trust Enablement® is both a management philosophy and a technology for business best practices. It fills a business practices void by counterbalancing risk management based control mechanisms that preserve trust, with those that develop trust, and thereby provides a complementary, foundational, new management competency. It serves to fundamentally change the leadership mindset from an inside-out to an outside-in orientation.
  19. Agenda
      GRC & Systemic risk
      Risk-Reward & Uncertainty-Opportunity
      Trust Enablement & Risk Management 2.0
      Applications
      Opportunities
  20. Offerings
  21. Public Policy & Economic Development
  22. Corporate Governance & Investment
  23. Policy & Strategy
  24. Risk Management
  25. Information Technology & Security
  26. Online Transactions & Web 2.0
  27. Organizational Development & Change Management
  28. Leadership, Collaboration & Innovation
  29. Marketing & Sales
  30. Supply Chain Management
  31. Other Initiatives
  32. Agenda
      GRC & Systemic risk
      Risk-Reward & Uncertainty-Opportunity
      Trust Enablement & Risk Management 2.0
      Applications
      Opportunities
  33. Opportunity
  34. How are we the cause in the matter?
      Alex Todd
      Trust Enabling Strategies