If you don't know where your Governance, Risk Management and Compliance
(GRC) processes are headed, any path may take you there. However we suggest
developing your own roadmap to reach your desired destination
There is a conflict of interest issue within the organization, when management
focuses is on overcoming idle operational practices throughout the organization
but the underlying divisions and business units have a different interest
than the corporate.
Putting in place the right level and combination of GRC policies and processes,
may often require management to rethinking the company's strategic- and
financial-planning structure.
After attending the Copenhagen Compliance Conference you probably will identify
the components and find that the rewards will make the effort worthwhile.
Several of the Key Note speeches will focus on how to escape the tyranny
of idle operational practices of check the box controls into creating more
dynamic portfolios out of the box.
When you want to develop a Governance, Risk Management and Compliance agenda,
it's helpful to have an achievement objective and a time frame in mind with
milestones and thresholds. Where to place the GRC bar, what is the risk
appetite, do we have an IT platform that can handle the GRC processes are
a few of the questions that should not be answered in clear terms. The right
answers may change or improve the business environment without creating
additional burdens or bureaucratic processes in the organization.
Further you will get detailed information to inspire you to structure your
responses to your GRC processes based on a roadmap. Several experts will
define how to move beyond generic GRC statements, such as strengthen our
internal controls or continue to mitigate our risks. In order to identify
dangerous business processes and create a foundation for prudent GRC, Bribery,
Fraud and Corruption potholes, you need to ensure adequate commitment, talent,
and other resources to achieve the goals.
After setting the GRC targets the organizations and companies need to define
the mechanisms for monitoring, revisiting and adjusting them over time.
We suggest a quarterly review of GRC process based on our checklist that
examines the performance of the pre defined core GRC processes against the
matrix and measures:
- Allocate GRC resources with agility. Business units must not be overburdened
with new demands that diminish the impact of corporate GRC policies
and strategies.
- Do not adopt a mind-set of “more controls are better, but on evidence
that prompt questions yielding strategic GRC insights.
- In broad terms do not oversimplify the GRC choices.
- Focus on the four fundamental GRC activities related to seeding,
nurturing, pruning, and harvesting. Seeding is implementing new GRC
controls. Nurturing involves building up the existing controls to
fit the changes business environment, Pruning takes the resources
and controls away from redundant processes or double controls thru
a holistic approach, and finally, harvesting is reaping the rewards
of the GRC undertaking.
- Implement processes to mitigate idle GRC operational practices.
- A systematic GRC processes can strengthen the planning and management
processes that generate a rough view of the GRC opportunities. When
senior management does not take the helicopter view you are unable
to prioritize and benchmark your GRC controls.
One of the many panel or round table discussion during the Copenhagen Compliance
Conference are:
Discussion. Is Good Governance is Good Business?
A common GRC challenge all over the world, is in finding fresh ways to make
enterprise GRC Strategies That Increase Efficiencies Across the Organization
- How to reduce redundancy and repetition, improve efficiency and consistency,
and keep everyone aware of what's going on across risk, compliance,
and audit functions.
- How do we address and unify GRC initiatives that deliver an integrated
program that empowers decision making and enables cross collaboration
across different business units as they tackle diverse key initiatives
to gain stronger insights, and make all elements of GRC relevant for
the global workforce.
Panelists: Mr. Rob van Straten, Jens Røder, Hege Sjø, Simon Collins, Luka
Lu Moderator, Lady Olga Maitland. Co-chair Mariano Davies