Welcome to Blog EN - Business & IT Transformation

cancel
Showing results for 
Search instead for 
Did you mean: 

Leverage Synergies in the Corporate Governance Framework

0
0
Leverage Synergies in the Corporate Governance Framework

With a common framework, collaboration processes, and some sharing of appropriate information, each department can both contribute to and benefit from synergies.

Synergies from Compliance

  • Internal audit can incorporate known compliance breaches and critical compliance risks into their priorities when building an audit plan
  • Internal control can focus on the controls linked to the highest potential compliance risks
  • Compliance breaches can be used as triggers to re-assess risks or controls

Synergies from Risk Management

  • Internal audit can tailor their audit plan to focus on the highest potential risks
  • Internal control can take into account the criticality of the associated risk when testing or evaluating controls
  • Loss events can be used as triggers for re-assessing controls

Synergies from Internal Control

  • Compliance can focus their resources on policies and regulations linked to controls that have poor testing or assessment results
  • Internal audit can check their findings against the control testing results

Synergies from Internal Audit

  • Any high priority recommendation can turn into a trigger for other departments to re-examine and re-assess risks, controls, or policies

Each of these synergies can ultimately be classified in one of two categories.

  • Either they allow you to be more efficient through prioritizing tasks: By using other department’s work to define their priorities and focus on high risk areas (risk-based approach), GRC departments are able to make better use of their resources and accomplish more with less.
  • Or they allow for increased agility: Triggers and alerts based on one department’s findings can help other departments react more quickly, and make the whole corporate governance more agile and reactive. In a fast-paced business world with tighter budgets and an ever-expanding collection of regulations, rules, and risks, any gain of productivity--any increased ability to react quickly--is a true ace up your sleeve.

GRC departments can and should work together within a common framework. The benefits are too high to be ignored, especially when considering all the potential synergies for and from each individual GRC department.

Comment
New Member

With a common framework, collaboration processes, and some sharing of appropriate information, each department can both contribute to and benefit from synergies.

Synergies from Compliance

  • Internal audit can incorporate known compliance breaches and critical compliance risks into their priorities when building an audit plan
  • Internal control can focus on the controls linked to the highest potential compliance risks
  • Compliance breaches can be used as triggers to re-assess risks or controls

Synergies from Risk Management

  • Internal audit can tailor their audit plan to focus on the highest potential risks
  • Internal control can take into account the criticality of the associated risk when testing or evaluating controls
  • Loss events can be used as triggers for re-assessing controls

Synergies from Internal Control

  • Compliance can focus their resources on policies and regulations linked to controls that have poor testing or assessment results
  • Internal audit can check their findings against the control testing results

Synergies from Internal Audit

  • Any high priority recommendation can turn into a trigger for other departments to re-examine and re-assess risks, controls, or policies

Each of these synergies can ultimately be classified in one of two categories.

  • Either they allow you to be more efficient through prioritizing tasks: By using other department’s work to define their priorities and focus on high risk areas (risk-based approach), GRC departments are able to make better use of their resources and accomplish more with less.
  • Or they allow for increased agility: Triggers and alerts based on one department’s findings can help other departments react more quickly, and make the whole corporate governance more agile and reactive. In a fast-paced business world with tighter budgets and an ever-expanding collection of regulations, rules, and risks, any gain of productivity--any increased ability to react quickly--is a true ace up your sleeve.

GRC departments can and should work together within a common framework. The benefits are too high to be ignored, especially when considering all the potential synergies for and from each individual GRC department.