What ought to keep you awake at night?
Governance, Risk and Compliance (GRC) is a term that might more accurately be described as “The business issues that ought to keep directors and senior managers awake at night!”
GRC Case Studies
Governance is concerned with the structure, direction and management oversight of the business. It involves establishing the culture of the business, the business plan (strategy and tactics) as well as making sure the business has the resources and expertise to execute the plan.
Risk is concerned with establishing the risk appetite of the business, ensuring adequate risk assessment, mitigating risks identified and monitoring risks.
Compliance is ensuring that the business complies with its legal and regulatory obligations as well as the behaviour standards it has adopted to differentiate itself from competitors.
Danger of Poor GRC Practices
Poor GRC practices are dangerous for larger and smaller business!
Failure to meet legal and regulatory obligations can often lead to public censure, fines or to imprisonment. It is likely to cause reputational damage to the business. In the worst examples, it can cause the business to go bust!
Not always easy to spot, amongst others, the symptoms of poor GRC practices are;
- Repeated error
- Poor productivity
- Lack of monitoring
- Lack of risk appetite
- Lack of risk management
- Poor service
- Poor culture
- Lack of information (MI)
- Lack of risk assessment
- Poor compliance
- Poor manufacturing
- Few management meetings
- Few board meetings
- Lack of risk policy
- Legal or regulatory breaches
Fire-fighting or Proactive Advice and Assistance?
Many businesses don’t recognise they have a problem until it’s too late!
Fire-fighting is very disruptive and expensive.
Many do not survive such a catastrophe – whether self-inflicted or caused by external risk.
Businesses that proactively review their GRC and call in external expertise to review GRC practices and resilience are the firms that are most likely to survive or to avoid catastrophe and prosper.
This is a much more cost-effective approach.
So, what business issues keep you awake at night?