Term
what is the underlying principle of GRC? |
|
Definition
a company has a duty to deploy its assets in a way that furthers its business goals and objectives. GRC is a means to fulfilling that obligation. |
|
|
Term
|
Definition
it broadly describes the role of a company's board of directors, which is primarily responsible for acting on behalf of those who provide capital (shareholders) to oversee those who use the capital (managers ) in order to achieve business objectives. |
|
|
Term
|
Definition
it consists of recognizing, assessing, and mitigating threats to the value of a company. it also encompasses recognizing, assessing, and seizing opportunities that add to the value of a company.
3 facets of RM: strategic planning, operations management, and internal control. |
|
|
Term
|
Definition
companies must comply with myriad laws and regulations, from employment laws to safety regulations to zoning laws. many require reporting and accountability that encompass virtually every facet of an organization. |
|
|
Term
what are some of the activities that fall within the "umbrella term" of GRC? |
|
Definition
the composition of a board of directors, the establishment of internal financial controls, the wording in employee handbooks, procedures for backing up computerized data. |
|
|
Term
what are the two ways in which an organization's stance to GRC can be categorized? |
|
Definition
(1) GRC is viewed as an "add-on" to normal business activities. (2) GRC principles and processes are infused into its culture and operations. |
|
|
Term
how might companies take a reactive approach to GRC? why is reactive application of GRC a problem? |
|
Definition
they might employ myriad discrete programs and systems in an attempt to meet stakeholder and regulatory obligations.
then, GRC becomes a circus of duplicated efforts, uncontrolled costs, and marginal effectiveness. |
|
|
Term
why is a proactive, integrative GRC system more beneficial to a corporation? |
|
Definition
it leverages commonalities across regulations and stakeholder interests in maximize performance and minimize risk. |
|
|
Term
what is an example of an integrated approach to governance? |
|
Definition
it extends beyond the boardroom and establishes a corporate culture whereby the board and senior management lead by example and set a high bar for the behavior and attitudes for the entire organization. |
|
|
Term
what is an example of an intergrated approach to risk management? |
|
Definition
setting up hotlines for reporting misconduct to identifying and correcting gaps in internal accounting control systems. |
|
|
Term
what is an example of an integrated approach to compliance? |
|
Definition
utilizing a top-down, risk-based approach, finding synergies across regulations, and implementing sustainable processes. as a result, costs are reduced, risks are minimized, and operations are streamlined for enhanced performance and value. |
|
|
Term
when used together, what can governance, risk, and compliance achieve? |
|
Definition
in concern, the 3 can become a valuable strategic tool to ensure that companies transparently use their assets to achieve their business goals. |
|
|