Home > Risk > Three Men, Agility, and GRC

Three Men, Agility, and GRC

September 8, 2010 Leave a comment Go to comments

Imagine a man. He is standing still, looking intently at his feet, making sure they are within a circle on the floor. This man is all about compliance. He is concerned that he remains in the compliance circle, not an inch beyond.

Now imagine a second man. This man is alert, up on his toes, looking all around. He is watching for things that may be coming his way. When he sees something, he prepares for it and is ready to either dodge and avoid it or cushion its impact. As you watch, you see that he is constantly in motion. His head swivels in every direction, his body moves to avoid or cushion adverse events (occasionally, he catches something he likes – an opportunity) and his feet are dancing so he can move with agility as needed. At the same time, he glances down regularly to ensure he is staying within his compliance circle.

This man is about risk as well as compliance (or you could say he is concerned with all forms of risk, not only compliance but also strategic, operational, and financial risk).  One of the differences between the two men is that this second man is either moving or ready to move. He has agility with which to respond to risk. (Wikipedia defines agility as “the capability of rapidly and efficiently adapting to changes”).

Now a third man comes into view. He is coming towards you, but he is also looking all around, alert to uncertainty, dodging risk, catching the occasional opportunity, dancing on his feet so he is always prepared, and staying within a compliance circle that moves as he moves. As you look at the circle, you see that it changes as he travels into a different area. The compliance requirements are changing as his environment, location, and business operations change.

The third man clearly is moving with purpose. He has a direction in which to progress and strategies and goals to achieve. He has (we presume) effective governance processes in place that defined where he wants to go, how he wants to get there, when he needs to arrive, etc. These strategies and objectives were probably developed with due consideration of risks, because as he moves towards his goals he is alert to every risk, compensating for their potential occurrence and impact by changing direction, taking different paths, putting up a shield to minimize impact, etc. We notice that he checks his watch from time to time, as well as a map, so he can monitor his progress.

This man is clearly agile. It’s more than his being up on his toes; his awareness – his consideration and preparing for risks and uncertainty – makes him more capable of responding to potential events, whether to seize an opportunity or to manage an adverse event.

This last figure has efficient processes for GRC: governance, risk management, and compliance. What makes him effective is that they operate together, in sync. Everything comes together to deliver optimized performance (with consideration of risk) while remaining in compliance.

Which are you? Which profile fits your organization?

Note: this post appeared in CMSWire this week.

  1. September 9, 2010 at 7:26 AM

    Norman -Great post.

    It amazes me how common Type 1 and Type 2 “Men” are in key corporate positions and how company culture can restrict change. Your thoughts made me laugh and reflect on Spencer Johnson’s story “Who moved my cheese?”. The world is changing rapidly and keeping up will be difficult for some and impossible for others.

    Audit and Compliance managers need to increase their awareness of the world we now live. All need to align risk and compliance to strategy. Technology solutions will make this feasible but the biggest challenges will be the people and culture.

  1. March 8, 2011 at 9:40 AM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: