GRC functions are at a critical crossroads as organisations and societies are increasingly defined by data proliferation, hyperconnectivity, globalised supply chains and costly regulatory requirements. This is especially true for organisations with large operations as well as businesses that are regulated.
Conventional assurance operating models characterised by fragmented data storage, manual and duplicated testing efforts, and siloed GRC processes, may no longer be adequate to meet the complexities of the business environment.
Some questions to consider
Here are some questions to consider if you are eGRC-ready:
Eliminate manual collation of risk data and inputs from stakeholders, which then allows risk personnel to focus on more value adding activities such as risk analytics and mitigation
An integrated view of risks and threats across the assurance ecosystem
Automated notification and monitoring of risk processes (e.g. KRI) through integration with existing data
Foster greater collaboration across three lines of defense and reduce duplicated testing efforts
Effortless extraction of data for regulatory reporting
Interactive and customisable dashboard for different roles
GRC technology implementation is more than a technology exercise. Having GRC technology does not guarantee maximum benefit from your digital investment. We will help you with a successful implementation by understanding your GRC processes and how the GRC technology can be tailored to meet your organisation’s needs.
Every GRC technology has its strengths and shortfalls. We will work together with you to identify and implement a suitable GRC technology based on our GRC strategy and needs.
Our understanding of industry practices, local regulatory requirements and best practices enable us to design a fit for purpose and integrated GRC practice for your organisation.
GRC strategy roadmap and integrated framework - We assist you in defining the governance model and implementation roadmap to ensure sustainable maintenance and effective collaboration between stakeholders.
User requirement and process reengineering - We will work with you to understand your requirements including the As-Is processes and propose To-Be processes fit for your needs.
Solution design, configuration, testing and deployment - Based on the defined user requirements, we will design the data model and taxonomy for the solution configuration. This will be followed with a structured testing by users to ensure system readiness for deployment.
Post deployment support – Train and maintain - Upon deployment of the solution, we will provide the necessary training and post-deployment maintenance support.
Project and change management - We help manage the implementation journey through a strategic project management office. We will oversee progress and provide you with regular project updates.
Financial Services and Risk Assurance Services Leader, PwC Malaysia
Tel: +60 (12) 334 6243