GRC Needs Improvement



That doesn’t sound terribly effective or efficient.

The post-Sarbanes need was for a more disciplined, efficient, effective, and, in most cases, centralized approach to managing these corporate functions.

The need still exists today: 73 percent of respondents to an Ernst & Young risk survey indicate that their enterprises maintain seven or more risk functions. Sixty-seven percent of these respondents report that they have overlapping coverage among two or more risk functions; additionally, half of the respondents acknowledge that there are gaps in their organization’s risk coverage.


“Risk management functions within an organization often exist in silos that are disconnected from one another and the wider business strategy,” reports Gerry Dixon, Ernst & Young global risk leader. “As a result, risks identified in one area may not be communicated or recognized by another. Moreover, different areas within an organization may have different views on the severity or importance of certain risks.”


The term “governance, risk management, and compliance (GRC)” entered the business vernacular as a result of a specific need in the wake of the “most sweeping U.S. regulatory reform since the formation of the Securities and Exchange Commission.”

For a clearer view on the severity of “silo-ed GRC,” here are additional survey results.

