GRC Access Control (AC): “It Works Best if Everyone Participates”

scaleHappy Friday World! It is 5 pm yet??!!! #postgradproblems

This weekend I’m heading to my hometown of Cleveland (yes, I still have a personal vendetta again Lebron) to spend some long overdue quality-time with the fam. I think it was Patrick Henry who said: “Give me Melt/Tommy’s/East Coast Custard or give me death!” Can’t wait to hit up all the old stomping grounds.

In other news… here’s the low down on a topic that I’ve become very familiar with.

I don’t want to give too much away (I’m looking to pursue some other outlets to discuss this subject further), but I wanted to clue my readers in on one of the most desired and value-added aspects of GRC AC: the ease of collaboration between business and IT. Pardon my need for political analogies, but GRC AC is not all that different from a modern-day democracy in the following ways:

  • GRC AC works best when everyone participates
  • There are many examples of “Separation of Powers” within the GRC AC Engine
  • The system demonstrates the need for “Checks and Balances” which aids in achieving a more holistic approach to audit and compliance

Managed risks must actually be deemed critical by the business and aid in achieving global objectives. Risk management efforts are not likely to be successful unless everyone participates. If inadequate resources are allocated, compliance requirements may be overlooked, and remain unmonitored. Ultimately, by bringing together the individuals responsible for addressing real business needs organizations can achieve a more  balanced approach to governance, regulations and compliance (GRC). Collaborative accountability brings the individual areas of GRC into harmony and enables the business to be held accountable for their expertise while promoting information-sharing. Furthermore, by putting role ownership and remediation in the hands of the business, organizations can reduce the amount of time, energy and money that is put into overall risk management efforts.

Over and out,




One thought on “GRC Access Control (AC): “It Works Best if Everyone Participates”

  1. Pingback: GRC Conference 2014: “Everything to See, Hear and Do” | Diary of a PostGradSAP Consultant

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s