Publication: How to get back to business through sensible integration of governance, risk, and compliance*

Integrated governance, risk and compliance
Print-friendly version
Email to a colleague

How to improve the effectiveness of governance, risk and compliance activities while reducing cost and complexity*

Managing businesses today grows increasingly difficult as new risks, laws and regulations proliferate and stakeholder demands rise. More than ever before, senior executives spend time and resources resolving governance, risk and compliance issues across the organization. They need innovative ideas and proven, business-driven approaches that go beyond ensuring compliance to create value for the organization.

Traditional approaches to risk oversight have added cost and complexity


When confronted with new risks or regulations, companies often react by creating or expanding the scope of current oversight functions. While organization and structure of oversight functions vary by company and industry, these functions address similar issues relating to internal audit, compliance, risk management, finance and legal considerations.

Companies often establish oversight functions in isolation, giving each a separate mission, scope and procedures. This “silo approach” results in an inefficient and complex risk and compliance management function that typically:
  • Duplicates efforts and increases costs
  • Lacks coordination
  • Competes for management attention
  • Allows risks to "fall between the cracks"

Get back to business through the power of principles


To gain control over diverse risks through a consistent, coordinated and sustainable strategy, we help companies execute on our “integrated governance, risk and compliance” or “iGRC” strategy. The iGRC approach is a principles-guided, step-by-step, logical and scaleable method that integrates governance, risk and compliance activities into a manageable and sustainable process. iGRC helps companies customize an approach, avoid duplication of effort and make better use of staff and resources.

How integrated governance, risk and compliance (iGRC) can help your organization:
  • Identify unmanaged risks through a practical but comprehensive evaluation process.
  • Improve the content, quality and timing of governance, risk and compliance analysis and reporting.
  • Implement a proactive approach to risk management.
  • Control the growth of governance, risk and compliance-related expenses.
  • Enable business resources to focus on revenue generation.
  • Establish a timely and consistent approach to assess compliance programs across business units.
  • Establish an enterprise-wide view of gaps and improve risk response strategies.
  • Streamline compliance programs across the enterprise to gain efficiencies and improve effectiveness.
  • Establish consistent policies and standards across the enterprise to enforce ownership and accountability.
  • Leverage technology to aggregate controls information to rapidly identify and report exceptions, as well as improve information quality.


Privacy Legal About site provider Email Webmaster Site map Podcasts RSS
© 2007-2008 PricewaterhouseCoopers. All rights reserved. PricewaterhouseCoopers refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity.
Accessibility information Skip navigation Countries online