IIA-Australia White Paper - GORC – New and improved GRC with added O

GORC – New and improved GRC with added O

This is a members only resource. Please login to access. 

Author

Nigel Dalton-Brown FGIA, GAICD, AMIIA, MBA

Date

 2022

Topics Explored

Compliance, GRC

Format

White Paper

Extract/Description

The term GRC creates a risk-centric bias by focusing on risk management, risk control and risk governance.
The term GRC can create confusion and bias, increasing the possibility of decision-making errors. The term GRC should be updated to describe the totality more accurately. By including Obligations in the GRC acronym (by changing it to GORC where the O stands for Obligational awareness), risk centric bias is eliminated by recognising the equal and parallel importance of obligations.

Key Points

  1. Internal Audit needs to be aware of all the organisation’s obligations and needs documentary evidence that all obligations are being met.
  2. Obligations must be monitored using a bottom-up feedback loop

Relevant Industries

All

Level of Assumed Knowledge

Intermediate