Risk Management: GRC Implementation, Benefits, and Cost Analysis

Verified

Added on 2020/06/04

AI Summary

This report delves into the critical aspects of risk management, governance, risk management, and compliance (GRC), highlighting their significance for organizational success. The introduction emphasizes the increasing need for risk management systems and control tools, with a focus on how GRC facilitates efficient workplace operations, communication, and waste reduction. The report then examines the three pillars of GRC, their benefits, and their practical implementation, using Deloitte as a case study. Benefits such as transparency, corporate accountability, and reduced audit costs are discussed, alongside the complexities of implementation, including multiple regulations, internal audits, and diverse participants. The report also addresses the substantial costs associated with GRC implementation, including software, hardware, and expert services. The conclusion summarizes the importance of GRC for enhancing workplace efficiency, reducing errors, and improving accountability, while acknowledging the high initial investment. The report suggests that proper steps should be taken while implementing this technique so that the desired goals can be achieved with minimum deviations.

Contribute Materials

Your contribution can guide someone’s learning journey. Share your documents today.

RISK MANAGEMENT

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

Table of Contents
INTRODUCTION...........................................................................................................................1
TASK...............................................................................................................................................1
CONCLUSION ...............................................................................................................................3
REFERENCES................................................................................................................................5

INTRODUCTION
Increased concerns in respect the the accountability of different business associations has
raised the requirement of risk management systems and other controlling tools like auditing so
that accordingly operations can be managed. Governance, risk management and compliance are
different terms that assist an organisation to achieve its set goals and objectives (McNeil, Frey,
and Embrechts, 2015). GRC can even be termed as discipline whose prime objective is to
facilitate the functioning of work place so that efficient process is carried out supported with
good communication and also focus on minimising the total wastage. With the help of laws and
regulations GRC activities are being carried out that further benefits people, applications, data
and processes. In the following given study the cost of implementing GRC activities will be
discussed along with their implications and benefits which will enhance the knowledge of user
on the subject concern.
TASK
Governance, risk management and compliances are the three different pillars that assist
an organisation in facing the external or internal issues of an enterprise with greater efficiency.
By implementing to these activities an environment of safe operations are established which
further leads to reduction in the overall cost of the enterprise. Governance defines how the
different process are carried out by an enterprise and are clearly reflected in the operations. After
this, risk management is another concept through which the predictable danger are identified in
advance so that accordingly measures are taken against the same (Haimes, 2015). This way the
degree of loss get reduced and hence the possibility of achieving organisational goals and
objectives is increased to a good extent. Governance on the other hand is associated with the risk
management which aims at establishing answer ability so that the the corporate governance can
be made more effective. Deloitte is a huge brand which has its companies all over the world. It
provides various services like audit, financial advises, human capital and like services to its
customers since a long time. In order to achieve the companies targets and goals the refereed
organisation is using the concept of governance, risk management and compliance (Hoyt, and
Liebenberg, 2011).
Benefits of GRC activities are as follows:
1

 Transparency – By implementing the discussed forces crystal clear image of the
company can be established. Through this approach both the inside and outside activities
can be carried out with extreme efficiency which is supported with providing an insight
to the various stakeholders. This further helps in developing good relation with them
which ultimately results into development of companies scale (Duffie, and Singleton,
2012).
 Corporate answer-ability – in order to take various decisions this is must that correct
authority is given the power to take decision. By setting up accountability higher level of
responsibility can be established. It is ensured that an individual will be responsible for
the decision taken by him which further reduces the degree of carelessness at the work
place.
 Integrity – It refers to the development and maintenance of surrounding which is
committed towards ethical work force.
 Decreased audit cost – Once the practices are carried out as per the guidelines of the
discussed concept it reduces the cost that incurs while conducting the audit programme it
is due to the reason that chances of errors reduces to minimum (Bessis, 2011).
This shows that there are many benefits of GRC concept. In order to implement these
activities at work place much efforts needs to be taken. Before reaching to conclusions
management needs to do the evaluation of its internal as well as external surroundings as only
that effective planning regarding the subject matter can be done. The practical implementation of
GRC is complex as various aspects needs to be consider while formulating the activities. Some
of them are discussed below.
 Multiple regulations – At this step company needs to do its internal audit in which
information regarding the vertical and horizontal regulations of an enterprise are
evaluated. This is because after analysing each one of them accordingly governance will
be established for different department (Eckel, and et.al., 2013).
 Internal audit – At this stage the management will do the study regarding the degree of
risk involved with information, finance , It department, continuity planning etc. After
this a clear image of how much attention needs to be given to various sections of an
enterprise is received which helps in establishing accountability of authorities
responsible for maintaining discipline.
2

Secure Best Marks with AI Grader

Need help grading? Try our AI Grader for instant feedback on your assignments.

 Diverse participants – Once the sections are identified there is need to recognise
individual who will be affected by the GRC activities. It may consist of business
executives, risk and compliance heads, managers, workers consultants etc. (Hull, 2012).
It is necessary that the integrated GRC policy is formulated in a manner that it can be managed
independently. For same check points are constructed which ensure that designing of this
concept is done in a manner that it contains least limitations.
The procedure for same
1. Communication of single GRC terminology – It is very important that the information
regarding the subject matter is communicated in a language which can be understood by
all so that no misinterpretation of message take place and uniformity in operation can be
established (Rejda, 2011).
2. Creation of organisation unified construction – This is an important step as a variant
companies constitution may lead to miss assessment of data and may end up in great
loss.
3. Defining various attributes – It is indeed that connection between risk and control is
effectively established. Once al the risk is identified accordingly the governance.
Compliance risk management can be established. The concept is successfully
implemented if the level of granularity is well defined.
4. Defining the hierarchy – At this step the senior subordinate level is defined clearly.
This is an important step as here it is made clear that who will be answerable to whom.
While implementing the GRC it should be given care that the link between multi levels
of the cited company is well defined as it makes the concept to be more successful
(Cornett, and et.al., 2011).
Cost of implementation
As discussed the carrying out phrase is a complex process hence experts are required for
its execution. This makes the implementation cost of same to be very much significant in
Deloitee. According to the survey it is estimated that an average cost of implementation GRC is
$200,000 and $600,000. it includes all the other cost of software, hardware and other service
related charges (Lam, 2014). Apart from the implementation further cost is also incurred which
is the cost of maintenance, strategic consultation process, support cost etc. this way after
3

incurring all these cost the duties and obligations of employees are communicated and assured
that the guidance are followed accordingly.
CONCLUSION
From above report this has been summarised that governance risk management and
complacence are crucial for growth of an enterprise. It rises the level of efficiency at work place
and reduces the level of errors. Accountability can be better established which further increases
the quality of work done. Although high cost needs to be invested for the implementation of this
strategy but its benefits which were discussed above can further rise the level organisational
scope and scale. The given report suggest that proper steps should be taken while implementing
this technique so that the desired goals can be achieved with minimum deviations.
4

REFERENCES
Books and journals
McNeil, A.J., Frey, R. and Embrechts, P., 2015. Quantitative risk management: Concepts,
techniques and tools. Princeton university press.
Haimes, Y.Y., 2015. Risk modeling, assessment, and management. John Wiley & Sons.
Duffie, D. and Singleton, K.J., 2012. Credit risk: pricing, measurement, and management.
Princeton University Press.
Bessis, J., 2011. Risk management in banking. John Wiley & Sons.
Eckel, R.H. and et.al., 2013 AHA/ACC guideline on lifestyle management to reduce
cardiovascular risk. Circulation, pp.01-cir.
Hull, J., 2012. Risk management and financial institutions,+ Web Site (Vol. 733). John Wiley &
Sons.
Rejda, G.E., 2011. Principles of risk management and insurance. Pearson Education India.
Cornett, M.M. and et.al., 2011. Liquidity risk management and credit supply in the financial
crisis. Journal of Financial Economics. 101(2). pp.297-312.
Lam, J., 2014. Enterprise risk management: from incentives to controls. John Wiley & Sons.
Hoyt, R.E. and Liebenberg, A.P., 2011. The value of enterprise risk management. Journal of risk
and insurance.78(4). pp.795-822.
Online
Risk Management. 2017. Availabe through
<http://economictimes.indiatimes.com/definition/risk-management>. [Accessed on 2nd
October 2017]
5