How to avoid the general assessments that only focus on current and
arbitrary GRC issues. Instead organise a GRC day that involves the entire
organisation to achieve sustainable improvement
Conducting a couple of GRC annual days is a good way
to cleaning up the mess that is collected 'under the bed'. We have so often
experienced that countless organizations continue to struggle with the time-intensive
requirements of managing GRC issues that are often a result of inefficient
and frequently neglected monitoring and fixing the problems when they are
manageable.
Therefore, we suggest that by focussing
on one or two major issues by declaring e.g. The IT-Security Day, you
clean up the mess that has accumulated and afterwards offer the management
and employee a fresh approach to this long-ignored issue. During the IT-Security
Day (or another GRC component) we examine:
The root of a problem-we review the weak points from organizational complexity
with an expanded global footprint to increased competition or greater
regulatory scrutiny;
- During the Day, we take a collaborative approach involving all key
stakeholders: accounting, tax, and treasury.v
- We will address the challenges of performing effective and efficient
processes as a substantial, holistic and preventive approach, in which
all key stakeholders work hand in hand during the workshop to create
a vision for the future, can help streamline the particular GRC process
from governance to reporting.
- At the end of the 'Day', we have a roadmap and a framework that
helps visualise The GRC component as an interconnected, independent,
end-to-end GRC process.
The new world's corporate order calls for continuous GRC management improvements.
We examine the latest research and best practices and learn how to measure
and monitor the company's GRC risk levels.
During the GRC Day, we will discuss how to enhance your skills to reassess
your approach to risk and compliance management.
- How to achieve an appropriate balance between innovation and risk
- How to protect your company from the consequences of unexpected
GRC events.
- How to manage threats from uncontrollable external events
- How to respond to reputational and brand risks.
Also, you will learn how to turn risks into opportunities by building
processes that anticipate, prioritize, and mitigate threats to the enterprise.
The GRC day uses a mix of presentations and practical breakout exercises.
As part of the program, the participants will be encouraged electronically
to submit a short-term maturity GRC risk management self-assessment before
the GRC Day. At the GRC Day, an analysis of all the received self-assessments
will be benchmarked against best practice and discussed during sessions.
All individual submitted self-assessments will be kept confidential. However,
each participant will be able to benchmark own self-assessment against
all self-assessments received and other relevant parameters.