Many organisations’ governance, risk management and compliance (GRC) practices have not changed for years. The result is organisations are struggling to keep up with the complex regulatory environment and meet external stakeholders’ expectations. Many organisations, no matter what sector they trade in are seeking to become more flexible and profitable while increasing internal controls and reducing risk. These objectives appear to be contradictory, but one way large organisations can unite them is by improving their approach to GRC.
Using the correct tools and processes to improve GRC can enable organisations to make better business decisions, foster innovation and become more competitive. To enable best practice for GRC, a company must know its corporate structure and all its components intimately.
Enterprise architecture (EA) is a way to gain that knowledge. As a discipline, EA has been around for some time, and essentially it is a way to model and describe an enterprise. A common way to do this is to use business enterprise models, data models, organisational models and representations of the information technology assets. […]
This paper examines the factors bringing together EA and GRC solutions and practices. It looks at current challenges in GRC and includes a summary of the types of solutions available. There is an introduction to the broad concepts and practices of EA and a detailed discussion of the integration of EA and GRC. The paper explains how EA and GRC solutions fit together to link risks and business processes and to enable improved business decision-making. […]
To read the document, please complete the form on this page.