Database Reference
Governance
The site www.businessdictionary.com has a great definition of governance:
Traditionally defined as the ways in which a firm safeguards the interests of
its financiers (investors, lenders, and creditors). The modern definition calls it
the framework of rules and practices by which the board of directors ensure
accountability, fairness, and transparency in the firm's relationship with all the
stakeholders (financiers, customers, management, employees, government, and
the community). This framework consists of (1) explicit and implicit contracts
between the firm and the stakeholders for distribution of responsibilities, rights,
and rewards; (2) procedures for reconciling the sometimes conflicting interests
of stakeholders in accordance with their duties, privileges, and roles; and (3)
procedures for proper supervision, control, and information-flows to serve as a
system of checks-and-balances. It is also called corporation governance.
I really like this definition, partly because it lets you know where the real
accountability for Governance lies in the enterprise, but mostly because it is
pretty much undefined in most of the frameworks that have had influence
on the GRC market.
Risk
Probability of loss inherent in a firm's operations and environment (such as
competition and adverse economic conditions) that may impair its ability to
provide returns on investment. The leading framework in risk management
was published by the Committee of Sponsoring Organizations (COSO) of the
Treadway Commission. COSO ERM extends the definition from not meeting
a financial objective to not meeting any of the enterprise's objectives. It makes
it pretty clear that the body that is responsible for signing off on the corporate
strategy should also ensure that there is a process to identify the risks of not
meeting the goals.
Compliance
Certification or confirmation that the doer of an action such as the writer of an audit
report, or the manufacturer or supplier of a product, meets the requirements of
accepted practices, legislation, prescribed rules and regulations, specified standards,
or the terms of a contract.
 