Governance, Risk, and Compliance or “GRC” is an increasingly recognized term that reflects a new way in which organizations are adopting an integrated approach to these aspects of their business. Organizations leveraging GRC processes desire to establish a regulatory or internal framework for satisfying governance requirements, evaluate risk across their enterprise and track how the organization complies with the established governance requirements.
Governance, Risk Management, and Compliance or GRC is the umbrella term covering an organization’s approach across these three areas as increased regulatory requirements, the need for transparency and the desire to better manage and mitigate risks have combined to make GRC top of mind for both business and Information Technology executives.
The rising complexity of business which is undergoing constant change often make executives feel as if they are steering the ship while “fixing” it at the same time so that the question every company must answer is the following: Will we do the bare minimum to make sure that we stay out of trouble, or can GRC become an opportunity for us to find new ways of running our business better?
Governance describes the overall management approach through which senior executives direct and control the entire organization. Governance activities ensure that critical management information reaching the executive team is sufficiently complete, accurate and timely to enable appropriate management decision making.
Risk management is the set of processes through which management identifies, analyzes, and, where necessary, responds appropriately to risks that might adversely affect realization of the organization’s business objectives. The response to risks typically depends on their perceived gravity, and involves controlling, avoiding, accepting or transferring them to a third party.
Compliance means conforming with stated requirements. At an organizational level, it is achieved through management processes which identify the applicable requirements.
About $2 billion revenue which yearly enters Nigeria earns from activities at Africa’s largest Information and Communications Technology (ICT) centre, Computer Village, Lagos, is currently under threat from counterfeiters. Counterfeiting has increased by almost 50 per cent within three years of a major raid by the Standards Organisation of Nigeria (SON) on the market, located […]
When electricity was first popularized at the beginning of the 20th century, there was a huge wave of factories that replaced their steam engines with electrical engines in an effort to increase productivity and modernize operations. However, the initial productivity gains from the electrification were barely noticeable – a phenomenon known in the economics literature as the […]
The PRINCE2 and PMP certifications involve two different project management frameworks. Both offer a body of knowledge and a proven approach to managing projects effectively. Picking one over the other is a decision that is a function of various factors. The ideal choice should be based on the industry or company you are aiming to build a career in, and the type […]