Developing GRC Risk Management Strategies
The main function of a GRC implementation (Governance, Risk and Compliance) is to control and monitor your business processes and to prevent instances of fraud and negligence occurring. In today’s unstable markets there are stringent rules and regulations in place to control corporate responsibility and accountability, and to ensure transparency with financial reporting.
In recent times there have been numerous documented cases of fraud and gross negligence within big business (The Enron scandal, and The Bearings bank collapse to name but two). Because of this there have been regulations put in place to prevent this from happening in future (Sarbanes Oxley Act, Basel iii and many others), both industry and government regulated. If these rules and regulations are not adhered to the consequences can be harsh, with businesses fined millions of dollars for breaches, be they intentional or accidental.
Adding to the above issues there is the security aspect to GRC implementations that is primarily concerned with access control and risk management.