GRC Professional : GRC Autumn 2012
President’s Message
A common forum for GRC professionals

In April this year, ACI and Risk Management Institute of Australasia (RMIA) announced the formation of a business services partnership under which ACI will provide a number of administrative functions for RMIA. This is in addition to the GRC 2012 conference, which is being jointly hosted by ACI and RMIA on the Gold Coast from 18-20 November 2012.

These initiatives by ACI and RMIA reflect the trend that the related disciplines of governance, risk and compliance are being increasingly integrated in organisations to maximise intellectual property and process value, avoid internal conflicts and reduce waste of resources.

Despite the perception within the risk and compliance industries that there is a strong understanding of what GRC is, there is no commonly understood definition. In fact, some definitions treat GRC as a holistic term and others as three conjoined definitions of the individual G, R and C components.

In the 2010 article ‘A frame of reference for research of integrated Governance, Risk & Compliance (GRC)’, Racz, N., Weippl, E. & Seufert, A. offer the following empirical, scientific definition: “GRC is an integrated, holistic approach to organisation-wide governance, risk and compliance ensuring that an organisation acts ethically correct and in accordance with its risk appetite, internal policies and external regulations through the alignment of strategy, processes, technology and people, thereby improving efficiency and effectiveness”.

They go on to state that integrated GRC is a “widespread topic that has not yet been adequately researched” and that, in the absence of empirical research, it is “a topic that lacks a common forum for communication of professionals” and “a domain consisting of lots of shared buzzwords but missing clarity”.

“The myriad of perceptions of GRC harms the development of a rising topic.”

I believe the increasingly positive relationship between ACI and RMIA provides increased opportunities for the development of a common forum for GRC professionals in Australia, for a better definitional understanding of what GRC is, for empirical research on GRC, and for a clearer industry-wide understanding of the role of the GRC professional.

David Lawrence CCP (Fellow), President, ACI

Racz, N., Weippl, E. & Seufert, A. (2010): ‘A frame of reference for research of integrated Governance, Risk & Compliance’. In: Bart De Decker, Ingrid Schaumüller-Bichl (Eds.), Communications and Multimedia Security, 11th IFIP TC 6/TC 11 International Conference, CMS 2010 Proceedings. Berlin: Springer, pp. 106-117.