Apac
  • Home
  • CXO Insights
  • CIO Views
  • News
  • Conferences
  • Newsletter
  • Whitepapers
  • About us
Apac
  • Admired Tech

    Agile

    AI Healthcare

    Artificial Intelligence

    Augmented Reality

    Aviation

    Big Data

    Blockchain

    Cloud

    Cryptocurrency

    Cyber Security

    DevOps

    Digital Transformation

    Drone

    HPC

    Infrared

    Internet of Things

    IT Services

    Marine Tech

    Networking

    PropTech

    Remote Work

    Robotics

    Scheduling Software

    Sensor Tech

    Simulation

    Smart City

    Software Testing

    Startup

    Storage

    Unified Communication

    Web Development

    Wireless

  • Automotive

    Banking

    Capital Market

    Construction

    E-Commerce

    Education

    FinTech

    Food and Beverages

    Gov and Public

    Healthcare

    Insurance

    Legal

    Logistics

    Manufacturing

    Media and Entertainment

    Metals and Mining

    Pharma and Life Science

    Retail

    Sports

    Travel and Hospitality

  • CISCO

    Google

    IBM

    Microsoft

    Oracle

    Salesforce

    SAP

    ServiceNow

  • Business Intelligence

    CEM

    Cloud-based Planning

    Cognitive

    Collaboration

    Compliance

    Contact Center

    Contact Tracing

    Contactless Payments

    Corporate Finance

    CRM

    Custom Software Development

    Data Center

    Digital Signage

    Enterprise Architecture

    Enterprise Asset Management

    Enterprise Communications

    Enterprise Contract Management

    Enterprise Performance Management

    ERP

    Facility Management

    Field Service

    Fleet Management

    Gamification

    HR Technology

    IT Infrastructure

    IT Service Management

    Managed Services

    PLM

    Procurement

    Product Management

    Project Management

    RegTech

    Revenue Management

    Sales Tech

Menu
    • Compliance
    • CISCO
    • Collaboration
    • Contact Center
    • Healthcare
    • IT Service Management
    • Microsoft
    • Retail
    • MORE
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Compliance
    Editor's Pick (1 - 4 of 8)
    left
    Welcoming Big Data Technology amidst Changes

    Darren Cockrel, CIO, Coyote Logistics

    Leveraging Compliance to Your Advantage

    Mark Bloom, Global CIO, Aegon

    Demystifying the Role of IT in Millennial Organizations

    Jeff Fithian, VP, Strategic Initiatives and CIO, Dynamic Materials Corporation

    Productivity and Security- Can you ever have both?

    Julie Cullivan, SVP, Business Operations & CIO, Fireeye

    Lessons Learned from a CIO

    John Miller, Vice President and CIO, American Textile Company

    Digital Transformation: Prerequisites for Success in the Insurance Industry

    Nicole Kellenberger, Global Eadmin Lead, Swiss RE and Sven Scandella, Head of ITP&C Business Management, Swiss RE

    Compliance in the Cloud

    Vasyl Nair, Chief Risk Officer, Mine Super & Louis Leung, Executive General Manager Group Risk and Compliance, Mine Super

    Lessons Learnt on Compliance and Culture Change

    Paula Cristina Spirandio, Compliance Manager, Gunvor Group

    right

    Implementing an IT-GRC Program

    By Ker Shing Chock, Head of Legal & Compliance, DBS Bank, Malaysia

    Tweet
    content-image

    Ker Shing Chock, Head of Legal & Compliance, DBS Bank, Malaysia

    The concept of GRC is nothing new but the entire framework itself is feeling the heat due to growing regulatory environment (especially after the financial collapse of 2008), higher business complexity, increased demands for more accountability, and rapid proliferation of new risks.

    Generally, GRC initiatives will always require business and IT to work together, as many of the risks and challenges in GRC landscape cannot be solved efficiently without specific IT tools. Hence, the term “IT strategy” has been used commonly in the context of GRC process enhancement. This not withstanding, one should always bear in mind that the software is not the strategy; without a solid governance structure as a foundation, no solution will adhere to compliance.

    An effective GRC strategy requires top management to bring order to GRC activities across the organisation – that is, across all business functions and units, all underlying IT infrastructure and all geographies. This is particularly important because when corporate GRC are fragmented, it implies a higher expenditure of time and money, causing significant misallocation of financial and human resources.

    To develop a coherent GRC approach across the organisation whereby management can have a firmer handle on risk from all aspects, a common GRC technology platform (IT-GRC) may be of utmost importance, apart from having a common framework to define the group-wide GRC principles; approve policies, provide guidance to different segments of GRC initiatives, and authorize any GRC-related technology investments.

    A good IT-GRC platform should consider embedding stronger financial controls and compliance objectives, and not just a mere system upgrade to meet the ad-hoc requirements. A successful IT-GRC implementation can enhance business processes from two broad aspects:

    (a) Information/Resource Management

    It is undeniable that both private and public sector executives are battling against a tide of information, which organisations and their staff cannot easily cope up with. Under the common IT-GRC platform, fragmented information can be brought together and streamlined so that employees are able to rely on those comprehensive data to support their analytics, reporting, business rule and end-point decision making.

    This can be achieved by coming up with a common repository for all policy documents, regulatory updates, training materials and other compliance resources.

    A good IT-GRC platform should consider embedding stronger financial controls and compliance objectives

    Under a central location where data is stored and managed, users are not just able to create new policies and controls and map them to the regulations and internal requirements, but also able to assess whether the controls are in place and working, and fix them if they are not.

    In addition, effective information governance through a common IT platform will also help business to extract data for all GRC-related reporting across departments and across domains, which allows upper management to compare the GRC performance of different business units and identify risks on a real-time basis.

    (b) Risk Management

    Risk is inherent in everything we do and the portfolio of risk is broadening as new stresses and challenges continue to emerge.

    To manage both internal and external risks of an organisation, the most common and systematic approach would involve:

    (a) Identification; (b) Analysis; (c) Evaluation; (d) Responding; and (e) On-going monitoring and reviewing risks, whereby the same will be embedded in most software solutions that supports the end-to-end risk management process.

    That being said, we all recognize that risks do not exist in isolation. They interact with other events and conditions. Hence, to ensure that various risks are being managed and mitigated effectively within a common IT-GRC platform, it is important to understand and identify the correlation between different risks. Techniques such as risk-interaction matrices should be developed as part of the GRC tools for segmenting users, to prevent the impact of some risks that are underestimated in classical methods.

    Malaysia IT Governance and Compliance

    Back in the year 2011, Malaysia Software Testing Board (MSTB) initiated the Malaysia Software Testing Hub (MSTH) program funded by the Government with an aim to facilitate and strengthen the nation’s governance, risk and compliance (GRC) framework. In essence, the testing is to ensure the underlying IT components of the GRC framework are thoroughly tested for functionality, integrity, security, and so forth.

    From banking and financial perspectives, the country’s central bank, Bank Negara Malaysia (BNM) had in October 2016, set up a Fintech regulatory sandbox framework for financial institutions and FinTech companies to experiment and test out innovations that:

    (a) Improve the accessibility, efficiency, security and quality of financial services;

    (b) Enhance the efficiency and effectiveness of Malaysian’s financial institution’s risk management; or

    (c) Address the gaps in financing or investments in the Malaysian economy.

    This concept of regulatory sandbox framework is not new as UK, Singapore and Australia are also encouraging the development of FinTech innovations. Banks are investing heavily in new technologies, and spending is expected to grow continuously as banks seek to take advantage of new IT and digital solutions to make their operations more efficient, comply with regulators while simultaneously interacting with customers in order to maintain competitiveness.

    Conclusion

    Today’s era is less about major rewrite of risk and compliance frameworks, and more about rapid response towards the fast-changing environment with big data. As corporates embark on new strategies and change by leveraging digital technology, effective governance from top level is essential to getting a comprehensive IT-GRC platform implemented. It requires an innovative approach not only of technology but of the entire management system.

    tag

    GRC

    Financial

    Big Data

    Weekly Brief

    loading

    Featured Vendor

    • ACTICO: Leveraging AI for Compliance Management
      ACTICO: Leveraging AI for Compliance Management
    Top 10 Compliance Solution Companies - 2020
    ON THE DECK

    Content Management System 2020

    Top Vendors

    Contactless Payments 2020

    Top Vendors

    Admired Tech 2020

    Top Vendors

    Corporate Finance 2020

    Top Vendors

    AI 2020

    Top Vendors

    Travel and Hospitality 2020

    Top Vendors

    Startup 2020

    Top Vendors

    Networking 2020

    Top Vendors

    FinTech 2020

    Top Vendors

    CRM 2020

    Top Vendors

    Scheduling Software 2020

    Top Vendors

    Education 2020

    Top Vendors

    Business Intelligence 2020

    Top Vendors

    PropTech 2020

    Top Vendors

    Salesforce 2020

    Top Vendors

    Big Data 2020

    Top Vendors

    Simulation 2020

    Top Vendors

    Product Management 2020

    Top Vendors

    Legal 2020

    Top Vendors

    Remote Work 2020

    Top Vendors

    Cryptocurrency 2020

    Top Vendors

    CEM 2020

    Top Vendors

    Insurance 2020

    Top Vendors

    Data Center 2020

    Top Vendors

    Banking 2020

    Top Vendors

    RegTech 2020

    Top Vendors

    Wireless 2020

    Top Vendors

    Procurement 2020

    Top Vendors

    Cognitive 2020

    Top Vendors

    Drone 2020

    Top Vendors

    HR Technology 2020

    Top Vendors

    HPC 2020

    Top Vendors

    Pharma and Life Science 2020

    Top Vendors

    SAP 2020

    Top Vendors

    Food and Beverages 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Blockchain 2020

    Top Vendors

    Cloud 2020

    Top Vendors

    Logistics 2020

    Top Vendors

    Augmented Reality 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    Oracle 2020

    Top Vendors

    Cyber Security 2020

    Top Vendors

    E-Commerce 2020

    Top Vendors

    Compliance 2020

    Top Vendors

    Enterprise Architecture 2020

    Top Vendors

    Digital Transformation 2020

    Top Vendors

    Manufacturing 2020

    Top Vendors

    Agile 2020

    Top Vendors

    CISCO 2020

    Top Vendors

    Field Service 2020

    Top Vendors

    Contact Center 2020

    Top Vendors

    IoT 2020

    Top Vendors

    Microsoft 2020

    Top Vendors

    Retail 2020

    Top Vendors

    Aviation 2020

    Top Vendors

    Healthcare 2020

    Top Vendors

    IT Service Management 2020

    Top Vendors

    Top Vendors

    Big Data 2019

    Top Vendors

    Digital Signage 2019

    Top Vendors

    Sales Tech 2019

    Top Vendors

    Startup 2019

    Top Vendors

    Salesforce 2019

    Top Vendors

    AI 2019

    Top Vendors

    Google 2019

    Top Vendors

    Smart City 2019

    Top Vendors

    FinTech 2019

    Top Vendors

    Admired Tech 2019

    Top Vendors

    Big Data 2019

    Top Vendors

    IT Services 2019

    Top Vendors

    Business Intelligence 2019

    Top Vendors

    Education 2019

    Top Vendors

    Project Management 2019

    Top Vendors

    Enterprise Asset Management 2019

    Top Vendors

    CRM 2019

    Top Vendors

    Data Center 2019

    Top Vendors

    PropTech 2019

    Top Vendors

    Capital Market 2019

    Top Vendors

    Travel and Hospitality 2019

    Top Vendors

    Legal 2019

    Top Vendors

    IT Infrastructure 2019

    Top Vendors

    Plastic Tech 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Fleet Management 2019

    Top Vendors

    CEM 2019

    Top Vendors

    Sensor Tech 2019

    Top Vendors

    RegTech 2019

    Top Vendors

    Marine Tech 2019

    Top Vendors

    Collaboration 2019

    Top Vendors

    Software Testing 2019

    Top Vendors

    Facility Management 2019

    Top Vendors

    Automotive 2019

    Top Vendors

    Food and Beverages 2019

    Top Vendors

    Insurance 2019

    Top Vendors

    HPC 2019

    Top Vendors

    Wireless 2019

    Top Vendors

    Simulation 2019

    Top Vendors

    Corporate Finance 2019

    Top Vendors

    Drone 2019

    Top Vendors

    AI Healthcare 2019

    Top Vendors

    SAP 2019

    Top Vendors

    Procurement 2019

    Top Vendors

    Cyber Security 2019

    Top Vendors

    IBM 2019

    Top Vendors

    Construction 2019

    Top Vendors

    Logistics 2019

    Top Vendors

    Managed Services 2019

    Top Vendors

    Manufacturing 2019

    Top Vendors

    Media and Entertainment 2019

    Top Vendors

    Cloud 2019

    Top Vendors

    Banking 2019

    Top Vendors

    Agile 2019

    Top Vendors

    IT Service Management 2019

    Top Vendors

    Retail 2019

    Top Vendors

    HR Technology 2019

    Top Vendors

    Oracle 2019

    Top Vendors

    Cognitive 2019

    Top Vendors

    Compliance 2019

    Top Vendors

    Contact Center 2019

    Top Vendors

    Healthcare 2019

    Top Vendors

    Gov and Public 2019

    Top Vendors

    Microsoft 2019

    Top Vendors

    Pharma and Life Science 2019

    Top Vendors

    DevOps 2019

    Top Vendors

    E-Commerce 2019

    Top Vendors

    Blockchain 2019

    Top Vendors

    IoT 2019

    Top Vendors

    Metals and Mining 2019

    Top Vendors

    Gamification 2019

    Top Vendors

    Field Service 2019

    Top Vendors

    Augmented Reality 2019

    Top Vendors

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Read Also

    Pinpointing Weak Links in an Enterprise Security Chain: Helping Companies Battle Data and Content Security Challenges

    Pinpointing Weak Links in an Enterprise Security Chain: Helping Companies Battle Data and Content Security Challenges

    Hiro Imamura, SVP and GM, Business Imaging Solutions Group, Canon U.S.A. [NYSE:CAJ]
    Evolving Customer Relationship Management: Move Fast or Die Trying

    Evolving Customer Relationship Management: Move Fast or Die Trying

    Ed Ariel, Vice President of Service Operations, ezCater
    Importance of Customer Relationship Management Implementation

    Importance of Customer Relationship Management Implementation

    Drew Fredrick, Vice President, Home Building Technology, Clayton Homes
    How enterprise tech startups and corporates can collaborate for innovation

    How enterprise tech startups and corporates can collaborate for innovation

    Paul Santos, Managing Partner, Wavemaker Partners
    How an Initiative for Standardization and Modularization Leads to Cost Reduction, Increased Efficiency-and Better Teamwork

    How an Initiative for Standardization and Modularization Leads to Cost Reduction, Increased Efficiency-and Better Teamwork

    Faruk Bilgin, Global Director Manufacturing Engineering of Webasto Group
    Empowering the Retail Paradigm

    Empowering the Retail Paradigm

    Jason Williams, VP of Engineering, DICK’S Sporting Goods
    Fortifying the Retail Pardigm Amidst Uncertainities

    Fortifying the Retail Pardigm Amidst Uncertainities

    Vlad Yakubson, Head of Retail, yd.
    Journey from Intelligent Automation (IA) to Artificial Intelligence (AI)

    Journey from Intelligent Automation (IA) to Artificial Intelligence (AI)

    Sanjay Choubey, VP-IT, Briggs & Stratton
    Loading...

    Copyright © 2021 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy Policy  |  Sitemap |  Subscribe

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://compliance.apacciooutlook.com/cxoinsights/implementing-an-itgrc-program-nwid-4390.html