
Break down silos for a cohesive view of Governance, Risk and Compliance across the organisation

Governance, Risk and Compliance (GRC) is not new and has been in existence for many decades. However, increasing legislation, more stringent guidelines and growing stakeholder pressure to prove sustainability and value are elevating the importance of GRC, making it imperative for any organisation.

However, leveraging the business benefits of GRC initiatives can prove a challenging task. One of the biggest issues facing organisations is that they are fragmented and broken into silos of information and measurement, preventing a holistic view of activities across the organisation.

The lack of a common framework results in information that is of little to no value in driving performance. To realise the business benefits of GRC, it is vital to break these silos down, creating an integrated view of GRC activities which delivers actionable intelligence, allowing for greater control and enhanced performance.

Risk and risk management are components within GRC activities. Addressing risk is sound governance, and compliance is adherence to various laws and regulations. Most businesses understand this. However, the problem remains that organisations are fragmented and operate in silos such as finance, IT, operations and so on. Each of these departments has its own risks and associated measurements and processes. This creates a fragmented view of the organisation, since no two areas are measured against the same criteria. It also makes it difficult for organisations to understand the correlations between risks in different areas. Put simply, if there is a threat or risk in one area, it can affect other aspects of the business. This lack of cohesion lowers the effectiveness of risk management and, as a result, of governance and compliance too.

The challenge is to develop an integrated view of risk across the entire organisation, which requires these silos to be broken down. GRC as a practice needs to be driven from, and accountable at, board level and filter down throughout the organisation to ensure that the entire business is managing risk effectively, producing the right value for stakeholders, delivering a sustainable bottom line and meeting the requirements of external compliance criteria. This requires a common framework or standard for measurement to which all areas adhere.

ISO (International Organisation for Standardisation) standards have been designed specifically for this purpose, allowing businesses to ‘compare apples with apples’ so to speak, by creating common measurements that ensure organisations are following the right processes for the right reason.

Complying with ISO standards is an effective way of harnessing various areas of business together, breaking down silos across an organisation and offering an integrated view of the overall impact of risk, compliance breaches and so on.

Examples of such auditable standards in ICT to underpin GRC are ISO/IEC 27001, the International Standard describing best practice for an Information Security Management System, and ISO/IEC 20000, the International Standard for IT Service Management.

Measuring risk in silos, in isolation from the rest of the business, hinders a company's ability to add value, as this knowledge cannot be used to drive performance. However, implementing a common framework for measurement and improvement across the organisation ensures that all areas are measured to a common standard, offering better control and enhanced performance management, for improved GRC activities.
