The next step on our journey to jumpstart a GRC project is to evaluate and refine the tools used in your assurance practice.
STEP 5:
There is a saying that you can tell a lot about a workman by looking at the tools they use. That applies to all professionals and, in particular, to GRC professionals. Here are some basic tools every GRC professional should have in their tool- kit and sharpen regularly.
REGULATORY NEWS AND ANALYSIS: Seek out and rely on expert information that includes current, new and proposed regulatory information. Look for expert opinions and analysis that can help you stay ahead of the evolving compliance landscape.
RESEARCH YOUR PEERS: Knowledge of your competitors and their practices provides insight into enforcement trends, legal precedent, and opportunities for innovation and business development.
SELF-ASSESSMENT: Vast amounts of information about risks, controls, compliance and issues can be gathered using self-assessment techniques. Self-assessment instruments range from structured workshops run by skilled facilitators to surveys that can provide new insights.
MONITORING AND SCREENING: Technology exists that can immediately detect fraudulent transactions or screen for risky vendors and employees. Are you considering, or have you proposed, sophisticated screening and monitoring technology options to management?
REPORTING AND DISCLOSURE: Ensure that the board and your decision makers have access to real-time actionable information and that you are following all disclosure requirements to shareholders, the board and regulatory agencies.
GRC CONVERGENCE TECHNOLOGY: Technology exists and is successfully used to document, manage and report on the work and results of GRC professionals in a corporation. Have you explored this technology?
