Managing enterprise GRC and big data – How to get there?
The most important aspect is the creation of a risk-aware and risk-responsive culture, one where risk is embraced in a very receptive, optimistic and proactive manner.
Risk is as much about the right culture as it is about people, processes and systems. An aware and risk-responsive culture is one where risk is integrated with strategy setting and its execution. It is important to see the upside and downside impacts of an such an opportunity.
Unfortunately, the benefits are so ingrained in us, we quite often overlook the downside impact in an effort to gain instant benefits. However, without sufficient oversight controls, risk appetite and a risk management framework integrated into your business, you will quickly find yourself in situations that will have long-term implications on the business, and especially on its reputation.
So, with every new opportunity an organisation needs to identify and assess the possible events associated with the opportunity. It must evaluate how good or bad can it get, and whether it is OK to end up somewhere in between. A comprehensive risk analysis is required before stepping into every opportunity.