Sponsored by ?

This article was paid for by a contributing third party.More Information.

Making GRC everyone’s business

Developing a robust governance, risk and compliance (GRC) programme is a complex task for financial companies, but embedding it in the business can be even more challenging. Following conversations with over 50 firms, Dave Marmer, vice-president of offering management at IBM GRC, reveals the primary motivations for today’s GRC professionals, the key pillars of an integrated GRC framework and the secret to engaging all three lines of defence in the process of continuous assessment.

“With the governance model, there needs to be an embracement of ‘risk as a culture’,” says Marmer. “It has to come from the top down and people really need to understand that risk is truly everybody’s business.”

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here