Term
| what is the underlying principle of GRC? |
|
Definition
| a company has a duty to deploy its assets in a way that furthers its business goals and objectives. GRC is a means to fulfilling that obligation. |
|
|
Term
|
Definition
| it broadly describes the role of a company's board of directors, which is primarily responsible for acting on behalf of those who provide capital (shareholders) to oversee those who use the capital (managers ) in order to achieve business objectives. |
|
|
Term
|
Definition
it consists of recognizing, assessing, and mitigating threats to the value of a company. it also encompasses recognizing, assessing, and seizing opportunities that add to the value of a company.
3 facets of RM: strategic planning, operations management, and internal control. |
|
|
Term
|
Definition
| companies must comply with myriad laws and regulations, from employment laws to safety regulations to zoning laws. many require reporting and accountability that encompass virtually every facet of an organization. |
|
|
Term
| what are some of the activities that fall within the "umbrella term" of GRC? |
|
Definition
| the composition of a board of directors, the establishment of internal financial controls, the wording in employee handbooks, procedures for backing up computerized data. |
|
|
Term
| what are the two ways in which an organization's stance to GRC can be categorized? |
|
Definition
(1) GRC is viewed as an "add-on" to normal business activities.
(2) GRC principles and processes are infused into its culture and operations. |
|
|
Term
| how might companies take a reactive approach to GRC? why is reactive application of GRC a problem? |
|
Definition
they might employ myriad discrete programs and systems in an attempt to meet stakeholder and regulatory obligations.
then, GRC becomes a circus of duplicated efforts, uncontrolled costs, and marginal effectiveness. |
|
|
Term
| why is a proactive, integrative GRC system more beneficial to a corporation? |
|
Definition
| it leverages commonalities across regulations and stakeholder interests in maximize performance and minimize risk. |
|
|
Term
| what is an example of an integrated approach to governance? |
|
Definition
| it extends beyond the boardroom and establishes a corporate culture whereby the board and senior management lead by example and set a high bar for the behavior and attitudes for the entire organization. |
|
|
Term
| what is an example of an intergrated approach to risk management? |
|
Definition
| setting up hotlines for reporting misconduct to identifying and correcting gaps in internal accounting control systems. |
|
|
Term
| what is an example of an integrated approach to compliance? |
|
Definition
| utilizing a top-down, risk-based approach, finding synergies across regulations, and implementing sustainable processes. as a result, costs are reduced, risks are minimized, and operations are streamlined for enhanced performance and value. |
|
|
Term
| when used together, what can governance, risk, and compliance achieve? |
|
Definition
| in concern, the 3 can become a valuable strategic tool to ensure that companies transparently use their assets to achieve their business goals. |
|
|
