Operational Risk & Regulation - June issue 2011
Governance, risk & compliance (GRC) programmes are continuously evolving to keep pace with changes in business conditions, market opportunities and regulatory requirements. Companies use GRC programmes to meet new challenges and deliver improved and sustainable results. MEGA introduces how operational governance can be key to GRC initiatives in helping enterprises meet their goals and protect them from potential risks.
Governance, risk & compliance (GRC) programmes were initially regarded as added, unnecessary expenses that didn’t drive real business value. These original GRC efforts were primarily focused on financial objectives and often exposed a ‘just to pass’ culture towards regulatory compliance. Since those early days, organisations have realised that identifying and controlling risks makes the company stronger. Corporations recognise that increasing transparency of operational processes and risks is a responsible approach to protecting them from costly hazards and creating added value.
GRC, when treated as a holistic endeavour, helps govern companies by reconciling financial objectives and business strategy with operational tactics and execution. It provides reasonable assurance that risks are fully identified, monitored and managed so they are controlled in the way that best meets corporate goals and policies.
This new approach to GRC reinforces operational governance as a complement to financial governance. Combining the two is the best way to improve decision-making in the risk environment and ensure better long-term performance.
This article discusses how operational governance strengthens GRC programmes in a sustainable way. It focuses on three steps to implementing a programme to create true visibility into a company’s infrastructure and effective operational risk management (ORM). [...]