In this changing regulatory environment, it becomes important for organizations to start thinking about an enterprise-wide initiative that can bring order and structure to the complexity of complying with industry specific regulations (such as FDA, HIPAA, HITECH) and cross-industry mandates (such as the FCPA, UK Anti-Bribery Act, IT Privacy and Security Laws, SOX). This initiative, called the Enterprise GRC (Governance, Risk, & Compliance) Strategy, involves tracking regulatory changes, implementing controls, managing risks, carrying out audits, and defining and ensuring policy conformance in a unified manner.
The Enterprise GRC Strategy holds good even for those organizations that already have strategies and systems in place for regulatory compliance. Very often, these strategies and systems are managed in a siloed, disintegrated, and manual manner. But the Enterprise GRC Strategy brings in a much needed level of efficiency and effectiveness by integrating and streamlining regulatory compliance processes, as well as risk management, audits, and all other GRC initiatives.
Join Isabel Smith, Director of Internal Audit and Enterprise GRC Program at Johnson & Johnson and Shellye Archambeau, CEO at MetricStream on this MetricStream hosted webinar that will discuss:-
- The foundational elements required to build an Enterprise GRC program
- Challenges involved in laying the foundation for the program
- Key factors to consider in choosing a GRC technology framework
- The role of technology in unifying the different components of GRC