3Sixty Insights, profile picture
Uploaded by3Sixty Insights
PPTX, PDF3,305 views

GRC Fundamentals

The document discusses the growing need for governance, risk, and compliance (GRC) solutions amidst increasing regulatory complexities and market volatility. It highlights the challenges in implementation, such as conceptualizing ROI and aligning GRC capabilities with organizational needs. Key themes include the transition from point GRC to enterprise GRC and the importance of compliance as a strategic initiative within organizations.

Embed presentation

Downloaded 83 times
Governance, Risk, & Compliance Fundamentals David Houlihan Principal Analyst Blue Hill Research ©2013 Blue Hill Research. All Rights Reserved. ©2013 Blue Hill Research. All Rights Reserved.
Need for GRC Solutions is Growing, But Implementation is Challenging Compliance becomes top risk priority of Directors Increasing market / business volatility Demand for Solutions Regulatory regimes more complex Agencies more aggressive about enforcement The frequency and pain of data breaches is growing Information and function silos results in overlooked opportunities and exposures Sorting out GRC vendors visions and value propositions Challenges to Implementation ©2013 Blue Hill Research. All Rights Reserved. Difficulty conceptualizing ROI Unclear how to prioritize implementation strategies to maximize organizational benefit
Map GRC Capabilities to Organizational Needs GRC is maturing into a enterprise solution, but still suffers from fractured perspectives. Operational ? Users should start by determining functional areas and use cases that stand to benefit most. Financial? Enterprise? Legal? Organizations can then map out where core GRC capabilities can support their business processes. IT Security? Core GRC Capabilities Identify & Analyze Risks Set Controls ©2013 Blue Hill Research. All Rights Reserved. Monitor Identify Vulnerabilities Respond to incidents Report
The “Success Factors” of GRC Minimize exposure Reduce Compliance Cost Recognize Opp./Risk Executive Finance Maintain Data Security Technology Technology Remove Silos Reduce redundancy/complexity Line of Business LOB Reduce time spent on compliance tasks ©2013 Blue Hill Research. All Rights Reserved. Increase profile in organization
Key Themes to Consider Roll-up of “point” GRC to enterprise GRC Compliance as a C-suite initiative Risk agility and intelligence Data privacy and security Social media risk Anti-bribery, anti-laundering, and anti-terror compliance ©2013 Blue Hill Research. All Rights Reserved.
Thank you! To join the conversation, follow us on Phone: +1 (617) 624-3600 ©2013 Blue Hill Research. All Rights Reserved. Contact Sales: sales@bluehillresearch.com Contact Research: research@bluehillresearch.com 1

More Related Content

PPTX
Governance, Risk & Compliance Management Solution
byRishabh Software
 
PPTX
Governance, risk and compliance framework
byCeyeap
 
PDF
Governance, Risk, and Compliance Services
byCapgemini
 
PPTX
Governance risk and compliance
byMagdalena Matell
 
PDF
GRC - Isaca Training 16.9.2014
byPaul Simidi
 
PPTX
Grc governance, risk management & compliance
byHR Globe Consulting
 
PDF
Integrated GRC
byTranscendent Group
 
PPSX
GRC Governance, Risk mgmt. & Compliance Executive
byMax Neira Schliemann
 
Governance, Risk & Compliance Management Solution
byRishabh Software
 
Governance, risk and compliance framework
byCeyeap
 
Governance, Risk, and Compliance Services
byCapgemini
 
Governance risk and compliance
byMagdalena Matell
 
GRC - Isaca Training 16.9.2014
byPaul Simidi
 
Grc governance, risk management & compliance
byHR Globe Consulting
 
Integrated GRC
byTranscendent Group
 
GRC Governance, Risk mgmt. & Compliance Executive
byMax Neira Schliemann
 

What's hot

PDF
Governance Risk Management and Compliance (GRC)
bySeta Wicaksana
 
PDF
Embedding RCSA into Strategic Planning and Business Strategy
byAndrew Smart
 
PDF
Enterprise Risk Management (ERM) Framework 2020
byRichard Swartzbaugh
 
PPTX
KRI (Key Risk Indicators) & IT
byMax Neira Schliemann
 
PPTX
Key risk indicators shareslide
byZakaria Salah, Ph.D,MBA
 
PDF
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
byCorporater
 
PDF
Enterprise Risk Management PowerPoint Presentation Slides
bySlideTeam
 
PPTX
GRC
byMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
PPTX
Risk based auditing
byTunde Elijah Kelani
 
PPTX
Enterprise Risk Management and Sustainability
byJeff B
 
PDF
SOC-2 Compliance Status Report sample v10.0
byMark S. Mahre
 
PPSX
Governance, Risk, Compliance & Trust (OCEG graphics removed)
byAlex Todd
 
PDF
Managing with KPI's and KRI's
byAndrew Smart
 
PPTX
Integrating Risk Appetite With Strategy Feb 14 2011
byAndrew Smart
 
PPTX
Integrating Strategy and Risk Management
byAndrew Smart
 
PDF
Vendor Risk Management
byRahul Bhan (CA, CIA, MBA)
 
PPTX
Coso And Internal Audit
byijazurrehman
 
PPT
Internal Control & Risk Management Framework
byTreasury Consulting LLP
 
PPTX
ISO 27001 Awareness/TRansition.pptx
byDr Madhu Aman Sharma
 
PPTX
Risk indicators
bySravani Varma
 
Governance Risk Management and Compliance (GRC)
bySeta Wicaksana
 
Embedding RCSA into Strategic Planning and Business Strategy
byAndrew Smart
 
Enterprise Risk Management (ERM) Framework 2020
byRichard Swartzbaugh
 
KRI (Key Risk Indicators) & IT
byMax Neira Schliemann
 
Key risk indicators shareslide
byZakaria Salah, Ph.D,MBA
 
Third-Party Risk Management (TPRM) | Risk Assessment Questionnaires
byCorporater
 
Enterprise Risk Management PowerPoint Presentation Slides
bySlideTeam
 
GRC
byMaryam Hidayatallah CPFA,MIPA,MA,CICA
 
Risk based auditing
byTunde Elijah Kelani
 
Enterprise Risk Management and Sustainability
byJeff B
 
SOC-2 Compliance Status Report sample v10.0
byMark S. Mahre
 
Governance, Risk, Compliance & Trust (OCEG graphics removed)
byAlex Todd
 
Managing with KPI's and KRI's
byAndrew Smart
 
Integrating Risk Appetite With Strategy Feb 14 2011
byAndrew Smart
 
Integrating Strategy and Risk Management
byAndrew Smart
 
Vendor Risk Management
byRahul Bhan (CA, CIA, MBA)
 
Coso And Internal Audit
byijazurrehman
 
Internal Control & Risk Management Framework
byTreasury Consulting LLP
 
ISO 27001 Awareness/TRansition.pptx
byDr Madhu Aman Sharma
 
Risk indicators
bySravani Varma
 

Viewers also liked

PPTX
The analytic hero's journey
by3Sixty Insights
 
PPTX
Food Safety Webcast: Allergen Management
byFoodservice Equipment & Supplies Magazine
 
PDF
Shopper insights Tracking
byPedro Antonio García López
 
PDF
Presentation encuesta
byPedro Antonio García López
 
PPT
Ch4 1 v1
bybhagavanprasad
 
PPT
Ch3 5 v1
bybhagavanprasad
 
PPTX
Presentation1 karen-mc-clintock
byMilliCanada
 
PPTX
Library website features (February 2016)
bylis02215
 
PPTX
Blue Hill Research: Managing Mobile Now and in the Future
by3Sixty Insights
 
PPTX
Why AWS's Redshift is a Game Changer
by3Sixty Insights
 
PPTX
The Analytic Hero’s Journey
by3Sixty Insights
 
PDF
CMU Portugal inRes Initiative Presentation April 2014
byCMUPortugal_
 
PDF
Construyendo la reputacion corporativa desde el principio
byPedro Antonio García López
 
PDF
201502 cmu portugal_highlights
byCMUPortugal_
 
PPTX
Hurricane Preparedness for Business Continuity - GRC Learning Series
bypeak10datacentersolutions
 
KEY
Mobile Apps 101
byMotionMobs
 
PPTX
Ourschool
byMaribel Lopez
 
PPTX
Naperville north tech workshop day 1
byjoeewilson
 
PPTX
Research guides tour (February 2016)
bylis02215
 
PPTX
10 Things About the Library Website
bylis02215
 
The analytic hero's journey
by3Sixty Insights
 
Food Safety Webcast: Allergen Management
byFoodservice Equipment & Supplies Magazine
 
Shopper insights Tracking
byPedro Antonio García López
 
Presentation encuesta
byPedro Antonio García López
 
Ch4 1 v1
bybhagavanprasad
 
Ch3 5 v1
bybhagavanprasad
 
Presentation1 karen-mc-clintock
byMilliCanada
 
Library website features (February 2016)
bylis02215
 
Blue Hill Research: Managing Mobile Now and in the Future
by3Sixty Insights
 
Why AWS's Redshift is a Game Changer
by3Sixty Insights
 
The Analytic Hero’s Journey
by3Sixty Insights
 
CMU Portugal inRes Initiative Presentation April 2014
byCMUPortugal_
 
Construyendo la reputacion corporativa desde el principio
byPedro Antonio García López
 
201502 cmu portugal_highlights
byCMUPortugal_
 
Hurricane Preparedness for Business Continuity - GRC Learning Series
bypeak10datacentersolutions
 
Mobile Apps 101
byMotionMobs
 
Ourschool
byMaribel Lopez
 
Naperville north tech workshop day 1
byjoeewilson
 
Research guides tour (February 2016)
bylis02215
 
10 Things About the Library Website
bylis02215
 

Similar to GRC Fundamentals

PPTX
Governance Risk Compliance Framework.pptx
byIsorobot
 
PDF
Crafting an End-to-End Pharma GRC Strategy
byCognizant
 
PPTX
GRC FrameworkLecture for Students First Exposure
bycpgupta10
 
PPTX
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
byAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
PDF
GRC Services: Navigating Enterprise Governance, Risk, and Compliance in 2025
bybasilmph
 
PPTX
Strengthening Governance, Risk, and Compliance (GRC) with Compliance Manageme...
byhepburnindia
 
PPTX
The Role of Governance, Risk, and Compliance in Building Stakeholder Trust.pptx
bybidhanbarman2508
 
PPTX
The Growing Importance of Governance, Risk, and Compliance in Modern Business
byhepburnindia
 
PPTX
Common Governance, Risk, and Compliance Challenges and How to Tackle Them.pptx
bybidhanbarman2508
 
PPTX
The Growing Importance of Governance, Risk, and Compliance in Modern Business...
bybidhanbarman2508
 
PPTX
Common governance, risk, and compliance Challenges and How to Overcome Them.pptx
bybidhanbarman2508
 
PDF
Governance, Risk and Compliance Platform.pdf
byGauriKale30
 
PPT
CML Group GRCaaS Dashboard
byJim Robins
 
PDF
GRC_Strategic_Agenda__The_Value_Proposition_of_Goverance,_Risk,_and_Compliance__
bysusanta subudhi
 
PDF
(CISOPlatform Summit & SACON 2024) GRC.pdf
byPriyanka Aash
 
PDF
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
byEgyptian Engineers Association
 
PDF
Insights on grc grc technology au1488
byAshwin Kumar
 
PDF
Lets understand the GRC market well with Ponemon analysis- FixNix
byFixNix Inc.,
 
PPTX
GRC Tools
byRahulTripathi330262
 
PDF
GRC_Strategic_Agenda__The_Value_Proposition_of_Goverance,_Risk,_and_Compliance__
bysusanta subudhi
 
Governance Risk Compliance Framework.pptx
byIsorobot
 
Crafting an End-to-End Pharma GRC Strategy
byCognizant
 
GRC FrameworkLecture for Students First Exposure
bycpgupta10
 
Concept of Governance - Management of Operational Risk for IT Officers/Execut...
byAmity University | FMS - DU | IMT | Stratford University | KKMI International Institute | AIMA | DTU
 
GRC Services: Navigating Enterprise Governance, Risk, and Compliance in 2025
bybasilmph
 
Strengthening Governance, Risk, and Compliance (GRC) with Compliance Manageme...
byhepburnindia
 
The Role of Governance, Risk, and Compliance in Building Stakeholder Trust.pptx
bybidhanbarman2508
 
The Growing Importance of Governance, Risk, and Compliance in Modern Business
byhepburnindia
 
Common Governance, Risk, and Compliance Challenges and How to Tackle Them.pptx
bybidhanbarman2508
 
The Growing Importance of Governance, Risk, and Compliance in Modern Business...
bybidhanbarman2508
 
Common governance, risk, and compliance Challenges and How to Overcome Them.pptx
bybidhanbarman2508
 
Governance, Risk and Compliance Platform.pdf
byGauriKale30
 
CML Group GRCaaS Dashboard
byJim Robins
 
GRC_Strategic_Agenda__The_Value_Proposition_of_Goverance,_Risk,_and_Compliance__
bysusanta subudhi
 
(CISOPlatform Summit & SACON 2024) GRC.pdf
byPriyanka Aash
 
138 مبادرة #تواصل_تطوير المحاضرة ال 138 من المبادرة دكتور مهندس / أكرم حسن اس...
byEgyptian Engineers Association
 
Insights on grc grc technology au1488
byAshwin Kumar
 
Lets understand the GRC market well with Ponemon analysis- FixNix
byFixNix Inc.,
 
GRC Tools
byRahulTripathi330262
 
GRC_Strategic_Agenda__The_Value_Proposition_of_Goverance,_Risk,_and_Compliance__
bysusanta subudhi
 

More from 3Sixty Insights

PPTX
The Foundations of Social Media Risk Management
by3Sixty Insights
 
PPTX
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
by3Sixty Insights
 
PPTX
Investing in the Front End of Compliance
by3Sixty Insights
 
PPTX
ROI of A Liberated Data Analyst
by3Sixty Insights
 
PPTX
The Future of Finance in a World of Global Digital Transformation
by3Sixty Insights
 
PPTX
Microsoft, Innovation, and its HR Failure
by3Sixty Insights
 
PPTX
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter
by3Sixty Insights
 
PPTX
The Analytic Hero's Journey
by3Sixty Insights
 
PPTX
SMAC talk for the enterprise
by3Sixty Insights
 
The Foundations of Social Media Risk Management
by3Sixty Insights
 
Choosing AirWatch by VMware as a BYOD solution - A Blue Hill Research Case Study
by3Sixty Insights
 
Investing in the Front End of Compliance
by3Sixty Insights
 
ROI of A Liberated Data Analyst
by3Sixty Insights
 
The Future of Finance in a World of Global Digital Transformation
by3Sixty Insights
 
Microsoft, Innovation, and its HR Failure
by3Sixty Insights
 
Achieving Better Credit and Collections with FinancialForce Accounting & Chatter
by3Sixty Insights
 
The Analytic Hero's Journey
by3Sixty Insights
 
SMAC talk for the enterprise
by3Sixty Insights
 

Recently uploaded

PPTX
The Landscape of Computer Software Development Companies
byYash Singh
 
PPTX
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
PDF
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PPTX
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
PDF
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
PDF
December Patch Tuesday
byIvanti
 
PPTX
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
PDF
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
The Landscape of Computer Software Development Companies
byYash Singh
 
Basics of Identity Access Management In mordern Infrastructure
byPrinceXavier18
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
Empowering Productivity with Clever Prompts and Intelligent Agents
byUni Systems S.M.S.A.
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Zero Trust & Defense-in-Depth: The Future of Critical Infrastructure Security
byYasir Naveed Riaz
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
eResource Scheduler Enterprise Resource Management and Scheduling Software.pdf
byeResource Scheduler
 
Unlocking the Power of Salesforce Architecture: Frameworks for Effective Solu...
byvarsha30tiwari
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Ethics in AI - Artificial Intelligence Fundamentals.pptx
byemenyiblessing
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
December Patch Tuesday
byIvanti
 
Combining Induction and Transduction for Abstract Reasoning.pptx
byallen578468
 
Making Sense of Raster: From Bit Depth to Better Workflows
bySafe Software
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
In this document
Powered by AI

Overview of Governance, Risk, and Compliance (GRC) presented by David Houlihan of Blue Hill Research.

Growing need for GRC solutions amid complex regulations; challenges include ROI and prioritizing strategies.

Mapping GRC capabilities like risk identification and monitoring to organizational functional areas for better integration.

Key success factors include minimizing exposure, reducing costs, and improving data security, while removing silos.

Key themes include shift from point to enterprise GRC and C-suite engagement in compliance and risk management.

Thank you and contact details for further engagement and information exchange.

GRC Fundamentals

  • 1.
    Governance, Risk, &Compliance Fundamentals David Houlihan Principal Analyst Blue Hill Research ©2013 Blue Hill Research. All Rights Reserved. ©2013 Blue Hill Research. All Rights Reserved.
  • 2.
    Need for GRCSolutions is Growing, But Implementation is Challenging Compliance becomes top risk priority of Directors Increasing market / business volatility Demand for Solutions Regulatory regimes more complex Agencies more aggressive about enforcement The frequency and pain of data breaches is growing Information and function silos results in overlooked opportunities and exposures Sorting out GRC vendors visions and value propositions Challenges to Implementation ©2013 Blue Hill Research. All Rights Reserved. Difficulty conceptualizing ROI Unclear how to prioritize implementation strategies to maximize organizational benefit
  • 3.
    Map GRC Capabilitiesto Organizational Needs GRC is maturing into a enterprise solution, but still suffers from fractured perspectives. Operational ? Users should start by determining functional areas and use cases that stand to benefit most. Financial? Enterprise? Legal? Organizations can then map out where core GRC capabilities can support their business processes. IT Security? Core GRC Capabilities Identify & Analyze Risks Set Controls ©2013 Blue Hill Research. All Rights Reserved. Monitor Identify Vulnerabilities Respond to incidents Report
  • 4.
    The “Success Factors”of GRC Minimize exposure Reduce Compliance Cost Recognize Opp./Risk Executive Finance Maintain Data Security Technology Technology Remove Silos Reduce redundancy/complexity Line of Business LOB Reduce time spent on compliance tasks ©2013 Blue Hill Research. All Rights Reserved. Increase profile in organization
  • 5.
    Key Themes toConsider Roll-up of “point” GRC to enterprise GRC Compliance as a C-suite initiative Risk agility and intelligence Data privacy and security Social media risk Anti-bribery, anti-laundering, and anti-terror compliance ©2013 Blue Hill Research. All Rights Reserved.
  • 6.
    Thank you! To jointhe conversation, follow us on Phone: +1 (617) 624-3600 ©2013 Blue Hill Research. All Rights Reserved. Contact Sales: sales@bluehillresearch.com Contact Research: research@bluehillresearch.com 1