Key Questions Regarding Integrated GRC

Key Questions Regarding Integrated GRC

GRC means different things to different people. One perception is that integrated GRC is nothing more than enterprise risk management (ERM) repackaged by solution providers to drive a new market. Others consider ERM and GRC as distinct subsets of each other. ERM practices have traditionally focused on strategic, financial and operational risks, with some emphasis on compliance risks, whereas GRC derives its origins largely from a compliance focus. GRC practices have evolved over a long period of time, and place greater emphasis on integrating various risk and compliance functions. The impetus of the argument for an integrated approach to GRC is the lack of transparency in the performance of these varied risk and compliance silos, which makes them distinctively different from the core operating processes of the business.

 

Ready to work with us?