Newsletter | Volume 1

Issue I
Issue II
Issue III
Issue IV
Issue V
Issue VI
Issue VII
Issue VIII
Issue IX
Issue X
Issue XI
Issue XII
Issue XIII
Issue XIV
Issue XV
Issue XVI
Issue XVII
Issue XVIII
Issue XIX
Issue XX
Issue XXI
Issue XXII
Issue XXIII
Issue XXIV
Issue XXV
Issue XXVI
Issue XXVII
Issue XXVIII
Issue XXIX
Issue XXX
Issue XXXI
Issue XXXII
Issue XXXIII
Issue XXXIV
Issue XXXV
Issue XXXVI
Issue XXXVII
Issue XXXVIII

click here to

Subscribe to our newsletter



To Unsubscribe click here

The Continued storyline of the 7th annual European GRC Summit Part III


Scene: The Chairman of Global Mining has called for a meeting with the senior management and GRC officers together with the chairman of the Audit Committee.

Participants:
Mr. GEORGE RISKIN, Chairman of the board
Mr. ROBERTO M. ICOMPLI, CEO
Mrs. Caroline Moneypenny, CFO in charge of Compliance
Ms. ITA, IT Manager
Mr. I.M. Auditson, Chairman of the Audit Committee
Mr. Joe Doe, Independent member of the Board

Large Conference Office - Desk

GEORGE RISKIN, Chairman of the board of Global Mining, around 50, dressed immaculately in a blue pin striped suit, sits at his desk reading his company spread sheet. A pained look of concern is across his face.

GEORGE:
I have been thru the minutes of the past board meeting and made a list the important areas where we need to focus on in 2014 and have made a prioritized list:
  1. 3rd party Risk & Compliance (vendor/supplier/agent)
  2. Business Continuity Management
  3. Integrating GRC Management to IT Risk and Security
  4. Financial Controls & Compliance
  5. Issue & Investigations Management
  6. Corporate Social Responsibility
  7. GRC Policy & Training Management
Now I want you all to give me your general thoughts on these issues and how we are going to address these issues:
Mr. I.M. Auditson:
Enterprise Risk Management (ERM) is one of the biggest challenges facing our business. ERM should have been able to manage the unsuccessful reorganization because we did not have control of all risks and governance and IT security issues in place.

ROBERTO:
We have to ensure that managing Third Party and Counterparty Relationship Risks regularly to ensure that our third party transactions do not pass through the cracks. Our current business environment is unfortunately in a limited growth mode, so we need to address the key concern is how to integrate operational GRC structures to make them usable for the long term reorganization. Remember we need to focus on accountability, transparency and GRC engagement.

CAROLINE:
We also need to learn how to connect all stakeholders because accountability and transparency across functions in our complex global operations provides challenges on how we are prepared to deal with them. It is such a joy to work with integrated risk management system that I learnt from the Copenhagen conference several years ago.

ITA:
New IT tools come with a new breed of applications can be used on iPads and Tablets using graphics, minimizing text, making navigation intuitive, using social technologies, engaging employees with e-learning tools. I believe that at the conference, there are some IT tools that are navigable, simple user friendly experiences with the ability to drag and drop to our mainframe.

GEORGE:
We have to recruit knowledable employees at all levels of the business. GRC is not only about managers and GRC professionals and executives.

Our GRC platform needs to change to correspond to the complex compliance and oversight demands we face. We need to focus on embedding and integrating our GRC design and platform

We also need to integrate with other systems, business processes, applications and data. We need to redefine the core principles that are the focal point of all GRC processes. We are missing the train due to the multiple platforms we support. Let's learn more about the Copenhagen Compliance Principles and Practices.

ROBERTO:
what our organizations needs is guidance on how to improve GRC solutions that deliver better communications on what we do and how we do it more effectively, to all stakeholders

CAROLINE:
What our organization requires is a comprehensive review of our holistic GRC awareness across operations, processes, relationships, systems, and data. We need a scenario that combines the moving vision of risk and its impact on performance and strategy. How can we realize that is another issue that will be covered at the conference?

ITA
The IT Business is difficult. Sometimes I think about the years of simplicity in our business operations. The overreach, growth and changes in GRC regulations, globalization issues, distributed 3rd party issues, changing processes, the speed in with dynamic business relationships are altering our outdated and disruptive legacy technology, and business intelligence provides significant challenges to so many of us

GEORGE
Now that we have senior management at this meeting let me ask you that during the last meeting we talked on governance issues like transparency and accountability to improve operations. Another problem I have is on IT Security, Data protection and Operations Risks that I as a chairman must know about

ROBERTO
I believe that we have identified the risks that you and the boards need to be aware of. Included in the report will also our approach to confirm how we are making the most of the Cloud while protecting the company's assets at the same time.

AUDITSON
Issue & Investigations Management
Have we taken into consideration that the transition to the cloud will increase our data-security risks? I understand from another company where I also sit on the IT committee that due to The Cloud, they more vulnerable to service interruptions.

ITA
I have read the conference program and they have devoted several presentations and a parallel sessions on CSR issues.

CAROLINE
I would like to learn more on how to plan strategically for the GRC and financial risks and at the same time evaluate the costs of addressing all business risks. We have to learn from other companies that have successfully navigated through the crisis.

GEORGE
There seems to be an end to the current crisis and crunch therefore is a need for us to raise money from non-bank sources. While we on one hand hope that policymakers will pay more attention to the needs of companies seeking to access the capital markets. We have to ensure that we have our business is in control and that all GRC issues are taken care of so that we have continued stakeholder confidence. That is extremely essential for our progress.

AUDITSON
Let us make sure that we attend this year's GRC conference. There are so many GRC issues that the conference covers and we need to get that inspiration. Last year there were individual case studies that addressed all the latest and best practices related to Risk Management, Governance issues and Compliance processes and programs.

ROBERTO
I believe that at the conference there is talk on compliance interactions, process relationships and risk management across strategy, process, transactions, information, and technology.

At the 7th annual GRC Summit we will allow the GRC processes into IT structure that effectively unites our strategy, process, and IT technology into an integrated GRC model, instead of the disparate systems, processes, and information we currently have. See you on the 23rd and the 24th September in Copenhagen.

The verdict was unanimous:
We all have to attend the European GRC SUMMIT in Copenhagen, on September 23rd -24th 2013 so that we learn how to manage our Third Party and Counterparty Relationship Risks to ensure your third party transactions do not slip through the cracks.

Let us also find out:
  • What management can learn from other companies that have transitioned to the cloud or implemented integrated GRC processes successfully?
  • Do we have the right tools from the Copenhagen Compliance conference for spotting red flags in high risk regions before they turn into violations?
Please review the conference agenda here: http://www.copenhagencompliance.com/annual/agenda.htm

Good Governance Is Good Business, Accounting and Audit Functions and Issues are vital, How to Start a Compliance Function from ground Zero, Business cases on Fraud and Corruption with reference to BA and FCPA can cost a bundle, Regulating Internal Controls can also safeguard employee interests, 3rd Party Compliance Issues means that you cannot outsource your responsibilities and liabilities, Oversight Reporting Updates because the authorities are being criticized for not taking a tough stand on the culprits so we all have to pay, Managing Internal GRC Investigations as part of the recovery is essentially added profits, How to Improve Your GRC Handling Process, Fraud and Detection, Integrating Risk Appetite and Risk Management are 2 sides of the same coin, regular workshops on Ethics and Culture are training that you cannot avoid, Do you really know where your Anti-Corruption Program is Heading? Integrate the Cloud Computing into Your Data Security Program if you want to recover all files on time, ITA recommends using IT to make Governance, risk Management and Compliance easier, She also uses IT and Risk Metrics to Measure Compliance Effectiveness, What's Mandatory & What's Common Sense in your GRC Processes, Enterprise Risk Management Programs must be revisited regularly.