Governance, Risk & Compliance (GRC) 

The global economic crisis proved that many businesses did not take a strategic and coordinated approach to risk management. Coming out of the crisis, organizations are pressured to be more proactive and rigorous in how they manage risks and to provide assurance to internal and external stakeholders about their risk management effectiveness. Companies that can clearly articulate and quantify the risks they face and their likely impact on performance will ultimately make better business decisions. A comprehensive Governance, Risk, and Compliance (GRC) approach, enabled by technology, can drive new compliance and performance capabilities-and new organizational resilience.
Governance, Risk, and Compliance (GRC) services help clients develop a wide-ranging vision and approach for their organizations' multiple governance, risk, and compliance processes. The key focus is to help improve the sustainability, effectiveness, efficiency, and transparency for GRC processes; align the processes with the organization's strategic goals and objectives; and drive both competitive advantage and shareholder value.

KPMG can help with…
  • Strengthening the GRC organization and processes to address renewed stakeholder focus on governance and risk management
  • Enhancing economic business value by helping improve cost efficiencies
  • Capitalizing on opportunities and helping to minimize losses through enhanced risk management and informed decision making

In addition, KPMG's Holistic Model for GRC provides an integrated approach for developing and establishing a successful and sustainable GRC framework within the organization.

Potential Benefits
A company's effective approach to GRC can help:
  • Protect and enhance business value by fostering a risk-aware culture, supporting informed decision making, and addressing multiple compliance and assurance layers
  • Enhance operational efficiency by rationalizing risk management, controls, and assurance structures and processes, and intelligent use of IT and data management structures
  • Enable the organization to quickly, consistently, and efficiently respond to challenges provided by evolving risk profiles and rapidly changing regulatory requirements
  • Enable a company to meet compliance objectives while improving performance by using an integrated framework in support of its strategic objectives

Featured Success Story
KPMG's team helped a large power utility company develop a common language of risk and methodology to assess risk that would ultimately be enabled through the implementation of a GRC application. KPMG helped the company refine the business requirements and develop the common language of risk, including the organizational, process, risk, and control taxonomies. The common language of risk has allowed the oversight functions to manage risk at an appropriate level where they are not so far into the detail that they lose sight of the bigger picture.

Share this

Share this


         Deon Minnaar

Deon Minnaar
Service Network Leader

Submit an RFP

Questions to Consider

  • Have you considered developing and implementing a strategy for GRC Convergence?
  • Do you know how GRC Convergence can be a strategic driver and enabler for achieving sustainable business performance?
  • Are you aware of the benefits and advantages of proactive GRC Convergence and integration in company’s transformation processes?
  • Do you know how to create a centralized platform for monitoring, measuring, and managing risk across your organization?
  • Are you aware of KPMG’s GRC holistic model that can help enable effective GRC Convergence?
  • Subscribe to related feeds