GRC & Enterprise Risk Management (ERM) Best Practices 2018-02-15T12:01:10+00:00

ERM and GRC Resource Center

erm vs grc

This article discusses the differences between the traditional understandings of ERM and GRC softwares.

root cause risk identification erm

The most effective way to collect risk data is to identify risk by root cause, which tells us why an event occurs.

Presenting ERM to the Board

Subjectivity prevents risk assessments from being used across business silos and hinders verification by audit or compliance review.

Risk appetite

The challenge with risk appetite is implementing and enforcing it, making it relevant to departments on a day-to-day basis.

erm reporting risk metrics

Risk managers must monitor key risk indicators (KRIs) at the business-process level and be able to escalate as necessary.

business process improvement

The foundation for effective ERM is the identification of an organization’s business processes and recognition of process owners.

resource allocation

To make simplify ERM, you need to break down data, and making it highly accessible. This also applies to resource allocation.

performance management with erm

The board of directors must ensure the on-time completion of the organization’s strategic imperatives. How does it achieve this?