ISO 31000 and GRC: complementary?
The ISO 31000 standard proposes a structured approach for any risk management program, including the vocabulary, principles, framework and process for the management of risk. GRC typically encompasses activities such as corporate governance, risk management and corporate compliance with applicable laws and regulations. What are the differences, and what is the added value of each approach?
- Optimizing ERM Through GRC Principles: Collaboration and Integration of Risk with Governance and Compliance
- What are the pains and frustrations organizations are experiencing with risk management and GRC?
- How does ERM relate to GRC and vice versa?
- How an integrated and collaborative approach drives performance and integrity
- What is the role of a strategy, process, information, and technology architecture approach to risk and GRC?