Home // CYBER 2021, The Sixth International Conference on Cyber-Technologies and Cyber-Systems // View article

Relevance of GRC in Expanding the Enterprise Risk Management Capabilities

Authors:
Alina Andronache
Abraham Althonayan
Seyedeh Mandana Matin

Keywords: Enterprise Risk Management, GRC, align, risk compliance, maturity.

Abstract:
This research explored the need for enhancing the Enterprise Risk Management concept. Thus, delved into challenges and drawbacks to acknowledge levels of maturity. In addition, it studied the reasoning for a paradigm shift, which aggregates “GRC” (Governance, Risk and Compliance) under its umbrella to increase concept capabilities to not only align or comply but to foresee, adapt, and create future-oriented risk strategies. Overall, the key findings from 15 qualitative interviews indicated that Enterprise Risk Management maturity has yet to achieve its full potential. It was found that in practice Enterprise Risk Management no longer suffice to an organisation’s needs. Stakes and risk-return have consequently become considerably higher and broader in scope so the need to orchestrate the disjointed risk functions is higher. Given the significant drawbacks identified, this article suggests a value proposition of integrating GRC into Enterprise Risk Management to increase organisational risk capabilities. The joint approach is suggested to reinforce the effects of Enterprise Risk Management, and last but not least, enable maturity of the concept.

Pages: 78 to 86

Copyright: Copyright (c) IARIA, 2021

Publication date: October 3, 2021

Published in: conference

ISSN: 2519-8599

ISBN: 978-1-61208-893-8

Location: Barcelona, Spain

Dates: from October 3, 2021 to October 7, 2021