GRC And Cyber Security Disconnects Are Driving the Need for Enterprise Risk Management
Why Practice Areas Must Operate Separately and TogetherAdd bookmark
Organizations are adopting intelligent ERM and integrated risk management (IRM) solutions that help facilitate more effective risk management between and across the disparate functional areas. Those solutions also help risk professionals identify new opportunities for innovation.
This report focuses on:
- The importance of both narrow and broad GRC veiws
- The obstacles to acheivng true enterprise risk management (ERM)
- Evolving GRC Tools
- A renewed focus on business continuity
As quoted in the report, Kreg Weigand, Partner, Internal Audit & Enterprise Risk, KPMG noted “Board members come to us and they say, ‘When compliance, cyber, internal audit, and risk management talk to me, they all give me a different top risk. Why can’t they coordinate and make sure I understand what are the top three to five risks facing the organization, not just within the silos?”
But it's not just Kreg that sees that incongruity. Enterprise cyber security executives see it too. Welgand's colleague Rik Parker, Principal, Cyber Security Services, KPMG notes “The maturity of risk management, as a function and as a profession, has come to the point that there’s an awareness that everything is connected and the dependency isn’t just about upstream or downstream business functions, technology, or how we work with third parties. Every piece plays a role and that three-dimensional connectivity is complex.”
As organizations become increasingly digital, new and dynamic types of risks must be dealt with swiftly and intelligently. Download this Report.