Community
Late last week I was at a 1-day conference on "GRC" in I.T.
For the uninitiated; Governance, Risk , and Compliance or "GRC" is a term that reflects a new way in which organizations adopt an integrated approach to these three interrelated areas. However, GRCis often positioned as a single business activity, when in fact, it includes multiple overlapping and related activities within an organization such as internal audit, compliance programs (i.e. SOX, Basel II, AML) enterprise risk management (ERM), operational risk, incident management, etc.
One of the speakers at the GRC conference started on a funny note. He said that we know there was no GRC management in the Garden of Eden. Had there been, The snake wouldn't have gotten as far as he had and we wouldn't be in the mess we are now. I don't know about that, nor would I want to debate the theology of it. What I do know is this. That if back in 2006 we put as much effort into GRC that we put into chasing profits, we wouldn't be in the situation we are today. If we start to treat GRC with the importance it deserves, we'll reduce the next economic down turn in the cycle to managable levels. Where does that start? It starts with all of us learning basic GRC and our personal responsibity towards managing it.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Alex Kreger Founder & CEO at UXDA
16 December
Kajal Kashyap Business Development Executive at Itio Innovex Pvt. Ltd.
13 December
Prashant Bhardwaj Innovation Manager at Crif
12 December
Kathy Stares EVP North America at Provenir
11 December
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.