FierceFinanceFierceFinanceITFierceCompliance IT   FierceCIO

Top 10 ERM-GRC myths

July 28, 2008 — 12:59pm ET | By Jim Kim
Tools
Tags
Procurement
governance risk and compliance solutions (GRC)
governance
enterprise risk management (ERM)
compliance
automation
audit committee
sarbox

A lot of companies have moved to augment enterprise risk management platforms with dedicated governance, risk and compliance (GRC) solutions. That trend isn't going to disappear anytime soon, but some companies will likely come away disappointed with the results. It's fair to say that automation can seem like anything but in a lot of cases. Newsfactor.com offers a list of 10 ERM-GRC myths. I'll mention a couple here. Myth No. 9: CIOs embrace GRC--while this is literally true, it's also true that many parts of the organization were standardized on a common GRC platform, leaving piecemeal approaches intact. Myth No. 5: Traditional audit planning is good enough--you can't afford to scrutinize everything. "Is it worth tying up valuable stakeholders in management and on the audit committee to assess the risk inherent in the coffee procurement process for a remote sales office?" Fortunately, AS5 sets a good tone on this issue.    

For more:
- here's the entire top 10

Related Articles:
Tools and tips for enterprise risk management
Best practices for boards and ERM
CFOs: Sarbox benefits plentiful, but risks still high

Click here to get the FierceComplianceIT email newsletter for FREE!


Be the first to comment

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.

More information about formatting options

What is 3 + 29?
To combat spam, please solve the math question above.