Blog

How ERM adds Context to Governance, Risk, and Compliance (GRC)

Posted by Steven Minsky on April 16, 2015 at 18:30

8028230496?profile=originalThe Baker/baker complex, as illustrated in Joshua Foer’s Moonwalking with Einstein, states that if you ask one person to remember a baker and another to remember a man named Baker; the person asked to remember the proper noun will struggle far more than the person asked to recall the bread maker.

Same word, two very different outcomes because one provides your memory with context, while the other floats independently, devoid of the connections and methodology that improve our recall.

At LogicManager, we’re often asked how Enterprise Risk Management relates to the broader category of Governance, Risk & Compliance software. Why isn’t ERM just a component of the GRC, rather than the solution itself? The answer is that governance programs can benefit from the context that an Enterprise Risk Management methodology provides.

The GRC Software Challenge...

The challenge that most GRC professionals face is in how to communicate cross functional information between silos. When departments like vendor managementbusiness continuity, or IT governance are operating independently; they are devoid of context and standardization, which impairs decision making. Is it more important to secure additional suppliers, or to sure up IT infrastructure? How does a failed business continuity test effect the priorities of the other two functions? These types of questions go unanswered because the business doesn't have a means of comparing or contextualizing silo specific information.

Enterprise Risk Management is a methodology that provides that context.

... and ERM's Solution

ERM works because risk is the underlying link between GRC functions. If we recognize that each silo’s function – regardless of whether its labeled risk, compliance, or governance – is actually working to mitigate a subset of the organization's enterprise risk, we suddenly begin to see commonalities and realize efficiency that results in bottom line value.

The job of an ERM or GRC software is to provide the tools to execute these types of activities at the tactical level, while ensuring the methodology is in place to aggregate this information and compare it across silos.

To read how an risk based approach can assist another governance area, visit our blog on the relationship between Risk & Compliance, or request a demonstration of LogicManager's all-in-one ERM Platform.

Views: 87
Tags: erm, grc, software
Votes: 0
E-mail me when people leave their comments –
Follow
Posted by Steven Minsky

Steven Minsky, CEO and Founder of LogicManager, is a recognized thought leader in risk management. Steven is well known for his precinct abilities to guide organizations through future risk events. Steven is a frequent speaker in the Energy, Financial Services and Cyber industries. While the first wave of COVID-19 caught many organizations by surprise, Steven predicted the pandemic impacts in January of 2020 and swiftly published action plans to help organizations prepare.

You need to be a member of Global Risk Community to add comments!

Join Global Risk Community

FEATURED BLOG POSTS

LATEST BLOG POSTS

    About Us

    The GlobalRisk Community is a thriving community of risk managers and associated service providers. Our purpose is to foster business, networking and educational explorations among members. Our goal is to be the worlds premier Risk forum and contribute to better understanding of the complex world of risk.

    Business Partners

    For companies wanting to create a greater visibility for their products and services among their prospects in the Risk market: Send your business partnership request by filling in the form here!

lead