Origami Risk has expanded its operations in the UK, Europe, and Middle East due to rapid growth in the region. Mary Upshaw, Head of Professional Service – EMEA at Origami, discusses the current risk landscape, expected trends, and the role technology plays in an effective GRC programme.
From the perspective of a client executive who is working very closely with UK and EMEA-based organisations, what are the most pressing issues risk managers face in regards to GRC?
There are a few that come to mind. The first is dealing with regulatory change. How do organisations stay on top of risk associated with regulatory compliance when the landscape is constantly changing, the jurisdictions that companies reside in are growing, and laws around privacy are growing?
The second is getting different groups and departments within an organisation to work together toward a shared GRC approach. For example, there might be an internal controls team that rolls up through the CFO; an enterprise risk management (ERM) team that works for the CRO; a business continuity management (BCM) unit that flows through a CTO; and a compliance group that reports to the general counsel’s office. Risk managers need to set a tone that conveys that all of these groups must work together in order to reap the benefits of GRC.