Our software is designed to support an integrated approach to Enterprise Governance, Risk & Compliance (GRC) is built around eight management disciplines;
Our approach emphasises a culture which embeds these disciplines to drive Strategy Execution while maintaining Appetite Alignment i.e taking the right amount & type of risk to achieve the firm's strategic objectives and drive operational, compliance and audit excellence.
Strategy is about developing a clear sense of direction as to where the organization is going, how much risk it is willing or required to accept to get there, and what are the key opportunities and threats along the way.
The strategy process can be broken down into three phases; Formulation, Setting and Execution.
Governance is about directing and controlling; it is the systematic process and practices which define the strategic, operating and decision-making boundaries of a firm, business unit, project or other activity areas, and how decisions are made, implemented and reviewed.
Performance Management is the continuous process of monitoring objectives, their enablers and their KPIs, identifying root causes of underperformance and making adjustments to close performance gaps.
Risk Management is about understanding and exploiting opportunities and threats (the risk the firms faces in pursue of its objectives), and the continuous monitoring and management of those risks to ensure the firm executes its strategy while ‘operating within appetite’.
Compliance management is the process which ensures that the firm is operating within a 'set of rules'. The rules may be in the form of regulatory rules & obligations, rules set out in policies & procedures or rules set out in quality or other standards such as ISO standards.
Audit Management is about a systematic process of examination of the decisions and actions of the firm's management to execute strategy, drive performance and manage risk, within risk appetite boundaries.
Accountabilities is about the systematic process of defining and assigning a role of authority or decision-making. We embed the RACI framework within our approach and software, where RACI stands for;
Responsible - “The doers”
Accountable - “The buck stops here”
Consult - “Keep in the loop”
Inform - “Keep in the picture”
Reporting & Dashboarding is all about delivering the right information, at the right time and in the right format to the right people. The reporting might be internal management reporting, operational reporting, benchmark reporting or external regulatory reporting.
A Risk-Based Decision-making culture is the term we describe the type of culture which has the dexterity to simultaneously remain focused on delivering a clear set of objectives while scanning broadly to identify threats and opportunities which may help or hinder the achievement of those objectives.
Strategy Execution is about the decisions, activities and processes undertaken by the firm to implement their chosen strategy, achieve their strategic objectives and drive value creation.
Appetite Alignment is the process of continuously aligning current risk exposure to the defined risk appetite. To translate into simple terms, it is about ensuring the firm's current risk-taking is aligned with its chosen business strategy, i.e. operating within appetite.