Governance, risk and compliance
For all other enquiries please contact email@example.com.
GRC is a term used to describe an integrated approach to activities related to governance, risk management and compliance. Increased corporate failures and enhanced regulatory requirements have heightened corporate awareness about the value and importance of making sure these key activities are effectively designed, integrated and managed.
Whilst the GRC approach has been in existence for over a decade, a recent survey from the Open Compliance and Ethics Group (OCEG) suggests that only 13% of respondents were able to claim they had harmonised or successfully achieved this level of integration. However, 93% of respondents that had successfully integrated these areas reported meeting or exceeding their original expectations.
Group aims and objectives
The purpose of the group is to explore what GRC really is, and how it can be used across all functional areas of an enterprise.
Based on feedback received from the member feedback questionnaire, specific areas of interest for the SIG will include:
- Explore what GRC really is and agree a common (or assumed) definition, with focus on understanding purpose, scope and boundaries of each individual element and then how these come together to provide integrated GRC
- Share experiences, both good and bad, of our attempts so far to implement GRC
- Identify possible international best practice GRC guidelines
- Prove/demonstrate benefits of/from GRC implementations
- Develop GRC training and communication programmes
- Facilitate GRC benchmarking between organisations
- Investigate use of financial and other GRC related metrics
Take part in the latest discussions on the group's discussion forum.
Visit MyIRM for more information and to download presentations from previous meetings.