GRC, The Backbone of Enterprise Management
About this ebook
Business enterprises need to be more adaptive than ever in this increasingly digitalized world. They must strategize by exhibiting traits that drive an effective response to change, including agile decision-making, the ability to respond cohesively, and the adaptive capacity to pivot and reposition while maintaining high levels of trust among stakeholders.
Because of this, Enterprise Risk Management is becoming a focal point of every boardroom conversation and a critical element in developing business strategies and objectives to optimize decision outcomes. Organizations should focus on positioning enterprise risk in the context of business performance rather than viewing it as an isolated exercise to anticipate risk and mitigate it.
That's where GRC converges with ERM. Enterprise Risk Management plays a crucial role in establishing the processes and frameworks necessary for risk identification and mitigation. GRC capabilities provide insight into the people, process, and technology layers required for businesses to manage risks and adopt change effectively.
The book, GRC, the backbone of Enterprise Risk Management, provides insights into harnessing the power of GRC for managing enterprise risks. The book is unique because it emphasizes:
- the top-down approach instead of the bottom-up to build GRC capabilities for enterprise risk management
- the need for Boards and executive leadership to understand their role in GRC enablement
- aligning people, processes, and technology by actively engaging the three lines of defense
- creating a strategic functional unit to operationalize GRC
- leveraging technology as a lever to accelerate benefits and sustain the GRC capabilities for enterprise risk management.
Seshagiri Rao Vaidyula
Sesh is a Partner at Templar Shield responsible for client enablement. Before this role, Sesh served Wipro as the Practice Head of the American Region & Consulting Partner for Risk, Compliance, and Assurance Consulting. At Wipro, he led numerous consulting and managed services engagements for clients globally and built GRC offerings to fuel business growth. Before that, he was a Director, and an instrumental part in building the GRC practice, at PwC LLP. He has also had successful stints at Deloitte & Touche, AFL, Cholamandalam, and Sundaram Finance. Sesh is a seasoned executive with more than 20 years of experience in advising companies in the areas of Cybersecurity, Privacy, Governance, Risk, Compliance (GRC) program transformation, and technology enablement. Sesh has gained multi-domain exposure to enterprise/operational risk, cybersecurity, third-party risk, internal audit, systems audit, business cycle, and ITGC reviews compliance, such as Sarbanes-Oxley, HIPAA, CCPA, and the like. Sesh is a Fellow of the International Compliance Association, a Fellow of the Institute of Cost Accountants of India, a Certified Data Privacy Solutions Engineer, and an ISO 27001 Lead Auditor. He also maintains an ITIL V3 Foundation and cleared CISSP and CISA certifications. He is an Official Member of the Business Journal Leadership Trust and The Directors and Chief Risk Officers (The DCRO) Group. He has presented at multiple events on various GRC topics nationally. He is a highly networked individual and a well-known personality among the risk, compliance, security, and professional audit community as a GRC specialist and thought leader.
Book preview
GRC, The Backbone of Enterprise Management - Seshagiri Rao Vaidyula
ACKNOWLEDGMENTS
I dedicate this book to the God who blessed me with human life!
I thank my beloved parents for caring, cultivating values, going above and beyond in providing a good education, and laying a solid foundation for my success!
I could not have gotten here without the support and encouragement of my loving wife Bhanu, especially for understanding me and standing by my side, taking care of the kids, and bearing my time away from the family! My kids Rohit and Raghav, you have been the joy of my life!
I express my sincere gratitude to all my mentors who inspired me with their simple living, high thinking, and work ethics, and for teaching me to stay humble, add value to others, and live by example!
I take this opportunity to thank Nicholas Friedman for encouraging and approving my proposal to publish the book and helping me with editing and refining the content so that it flows better!
FOREWORD
I first met Sesh when I entered our ISACA Greater Houston Chapter One Day Security and Audit Conference one summer day in 2016. I was a little late and a bit distracted, and saw a gentleman dressed to the nines whom I did not recognize standing behind our Registration Table, assisting in the registration. I did not know him, but he was helping in a situation where we always need more support. Sesh introduced himself to me, saying he was a Director in GRC for PwC, having moved from San Francisco, where he was involved with the San Francisco ISACA Chapter. In minutes, he was sharing ideas around a GRC SIG. In between the second and third speakers, I introduced Sesh to our ISACA Houston Family, and we were off and running our GRC SIG and signing people up.
Infectious energy and attention to culture are what Sesh brings to the table – with many creative ideas to fields old and new – this book is a new chapter in that path, as it combines GRC and ERM.
I like how he describes GRC as the spine of enterprise risk management because the traditional risk management approach was always inward pulling vs. outward push.
Risk management teams reached out to the first line of defense to conduct risk assessments and collect and report the enterprise risk data. The risk assessment approach is static, reactive, and only a point in time. On top of that, risk quantification is a big challenge with a less actively engaged first line of defense in managing enterprise risks. Consequently, upper-level management can be blindsided by an outdated risk posture when making business decisions, especially when enterprise risk management has become a procedural exercise rather than pivotal to the business.
GRC strategy is a game-changer. GRC strategy presents new ways to evaluate, aggregate, and roll up risks across an organization to achieve objectives in the context of greater business complexity. It enables organizations to include enterprise risk evaluation integrated with strategic and operational planning processes and examine risk attributes to understand the links between strategy, risk, and performance with more depth and clarity.
While GRC strategy created hope for organizations to overcome the complexity and challenges of managing enterprise risks, many could not successfully harness the power of GRC strategy. In this book, Sesh discusses how to overcome roadblocks presented to organizations and provides a simplified holistic approach to harnessing the power of GRC strategy within enterprise risk management.