https://training-course-material.com/index.php?action=history&feed=atom&title=GRCGRC - Revision history2026-04-14T22:44:35ZRevision history for this page on the wikiMediaWiki 1.45.1https://training-course-material.com/index.php?title=GRC&diff=7807&oldid=prevBernard Szlachta at 01:32, 17 November 20122012-11-17T01:32:12Z<p></p>
<p><b>New page</b></p><div>{{Cat|OCEB B200.5 - Quality and GRC}}<br />
{{OCEB Links}}<br />
<br />
Source: Anthony Tarantino, Governance, Risk, and Compliance Handbook, Wiley, 2008.<br />
<br />
<slideshow style="nobleprog" headingmark="⌘" incmark="…" scaled="false" font="Trebuchet MS" ><br />
;title: GRC<br />
;author: Bernard Szlachta (NobleProg Ltd)<br />
</slideshow><br />
<br />
== GRC ⌘==<br />
* '''Governance'''<br />
* '''Risk''' <br />
* '''Compliance'''<br />
* Distinction is sometimes blurred<br />
<br />
= Governance ⌘=<br />
* Governance - Latin: ''steering''<br />
* "Addresses the processes systems and control by which organizations operate"<br />
* Applies to all organizations: '''public''' and '''private'''<br />
* "Includes the exercise of legal and regulatory authority and the user of institutional resources to manage organizations"<br />
* Area of Economics: separation of ownership and control (board directors, owners, managers, employees, suppliers, customers, regulators and communities"<br />
<br />
== Corporate governance ⌘==<br />
* "Processes by which an organization defends the interests of the stakeholders"<br />
* Refers to the relationship between those who govern and those who are governed.<br />
* In politics: relationship between the government and citizens<br />
* GAP: Present State, Desired State, Plan to get there<br />
<br />
== Short Chronology ⌘==<br />
* 500 BC 孔子, Analects<br />
* 31 BC Rome (shareholding)<br />
* 1600 East India Company (Court of Directors, separation of ownership and control)<br />
* 1844 UK, Joint Stock Company Act<br />
* 1930 Bank of International Settlement<br />
* 1933 US, The Securities Act (regulation over securities markets, registration disclosure, SEC)<br />
* 1984 G10, BIS creates the Basel Committee<br />
* 1977 US, Foreign Currupt Practices Act (FCPA, prevation of bribery of foreign officials)<br />
* 1985 US, EU, COSO<br />
* 1988 G10, Basel accord (minimal requirements)<br />
* 1990 UK, Polly Peck, CCI, Maxwell<br />
* 1992 UK, Cadbury Committee published first code on corporate governance<br />
* 1999 G10, Basel II<br />
* 2001 US, Encrom<br />
* 2002 US, SOX<br />
* 2004 US, COSO II (ERM)<br />
* 2011 Global banks are required to be live under Basel II<br />
<br />
== Commonly Accepted Principles of Corporate Governance ⌘==<br />
* Rights and Fair Treatment of Shareholders<br />
* Rules and Responsibilities of the Board of Directors<br />
* Ethical and Professional Behaviour<br />
* Financial Transparency and Disclosure<br />
* Internal Controls<br />
<br />
== Models of Corporate Governance ⌘==<br />
Anglo-American Model<br />
* priority to shareholder interests <br />
* powerful CEO<br />
* board provides overachieving stewardship<br />
The coordinated Model<br />
* prevalent in Europe and Japan<br />
* "gives priority to the interest of managers employees, customers, suppliers and the community in general"<br />
* slower growth in profits, more control over ethics and morality<br />
Family-Owned Company Model<br />
* Asia, Latin America, also (Span, France, Italy)<br />
* Transparency is not welcomed<br />
== Agency vs Stewardship ⌘==<br />
Agency theory<br />
* separation of Board Chair (Chairman) and CEO<br />
* Greater monitoring and sanctioning of management<br />
Stewardship<br />
* Shared incumbency of the roles<br />
* More independence in decision making, faster reaction to changes<br />
= Risk ⌘=<br />
; Risk<br />
: "Possibility of loss or injury created by an activity or by a person"<br />
* doesn't have to be bad<br />
* opportunies can come from a risk<br />
<br />
; Risk Management<br />
: "seeks to identify, assess and measure risk and then develop countermeasers to mitigate and minimize its impact"<br />
<br />
== Basel II major areas of operational risk ⌘==<br />
# Internal fraud<br />
# External fraud<br />
# Employment practices<br />
# Clients, products and business processes<br />
# Damage to physical assets<br />
# Business disruptions and system failures<br />
# Execution, delivery, and process management<br />
<br />
== COSO and ERM ⌘==<br />
; COSO<br />
: Committee of Sponsoring Organizations<br />
<br />
* In 2004, COSO published update to 1992 risk management framwork, AKA '''Enterprise Risk Management (ERM)''<br />
<br />
= Compliance and Internal Controls =<br />
; Compliance<br />
: acting in accordance with established laws, regulations, protocols, standards and specifications.<br />
; Internal Controls<br />
* terms used in finacial reporting<br />
* COSO specified internal controls approach<br />
* SOX section 404<br />
<br />
== Globalization ⌘==<br />
* GDP<br />
* GDP PPP<br />
<br />
== IFRS vs GAAP ⌘==<br />
; GAAP<br />
: Generally Accepted Accounting Principles<br />
: Mostly in the US<br />
; IFRS<br />
: International Financial Reporting Standard<br />
<br />
== Harmonization ⌘==<br />
* Equivalnce (standards)<br />
** GAAP, IFRS<br />
* Reciprocity<br />
* Transparency<br />
<br />
== Basel II ⌘==<br />
Aplies to ''Large Banks'' <br />
* over 250 billion in consolidated assets or<br />
* 10 billion in foreign exposure<br />
<br />
Smaller companies can be "punished" for non compliance by rating agencies<br />
<br />
== World Bank six categories of governance ⌘==<br />
# Voice and accountability<br />
# Political stability and absence of violence<br />
# Government effectiveness<br />
# Regulatory quality<br />
# Rule of law<br />
# Control of corruption<br />
http://en.wikipedia.org/wiki/Worldwide_Governance_Indicators</div>Bernard Szlachta