Scribd
Upload
277 views

Maturity Model

The document describes AMR Research's governance, risk, and compliance (GRC) maturity model, which outlines four steps of GRC maturity: reacting, anticipating, collaborating, and orchestrating. At each step, organizations progress from operating in isolation to strategically managing GRC on an enterprise-wide level. An organization's level of GRC maturity can vary depending on its industry and geographic location.

Uploaded by

schandur
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
277 views

Maturity Model

The document describes AMR Research's governance, risk, and compliance (GRC) maturity model, which outlines four steps of GRC maturity: reacting, anticipating, collaborating, and orchestrating. At each step, organizations progress from operating in isolation to strategically managing GRC on an enterprise-wide level. An organization's level of GRC maturity can vary depending on its industry and geographic location.

Uploaded by

schandur
Copyright
© © All Rights Reserved
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 2

Integrated GRC - Infuse GRC at Every Level

AMR Researchs governance, risk and compliance (GRC) maturity model


Step 4: Orchestrating

Step 3: Collaborating Step 2: Anticipating


Step 1: Reacting
Panic Get it done! Operate in isolation Marshal resources as necessary from wherever Acceptance Efficiency Automation See connections between multiple programs Plan future approach Coordination Identify risks Assess exposure Prioritizing actions Reuse technology components for multiple purposes

Manage in Unison Set enterprise objectives Coordinate analysis and action Complete visibility to risk, exposure, performance

Tactical

Maturity varies by industry / geography

Strategic

Source: AMR Research, 2006

Integrated GRC - Infuse GRC at every level


AMR Researchs governance, risk and compliance (GRC) maturity model
Step 4: Orchestrating

Step 3: Collaborating Step 2: Anticipating


Step 1: Reacting
Panic Excel Excel Spreadsheet Spreadsheet Get it done! Documentation Documentation of of Operate in isolation Controls Controls Marshal resources as necessary from wherever Acceptance Access Controls Efficiency Global Trade Services Automation See connections Process Controls between multiple programs Plan future approach Coordination Risk Management risks Identify Industry Specific Assess GRC exposure actions Prioritizing Environmental Reuse technology components for multiple purposes

Manage in Unison GRC Repository Set enterprise Corporate Social objectives Responsibility Coordinate analysis and action Complete visibility to risk, exposure, performance

Tactical

Maturity varies by industry / geography

Strategic

Source: AMR Research, 2006

You might also like