When does GRC Fit within a Small Audit Shop?

Governance, Risk and Compliance (Part 1)

Governance, Risk and Compliance (GRC) is the latest and greatest hot topic being thrown at Internal Audit functions. But what really is the place for GRC in the profession today? Having been bombarded with Risk Management literature and programs for many years and those programs appearing to still be in their embryonic state, what confidence is there to be had in the GRC initiative?

As it turns out, there is a practical application for GRC in the world of Internal Audit. Certain cross-functional audit projects can greatly benefit from a GRC perspective. When faced with a large project across multiple disciplines, divisions, regions or operating groups the GRC model can provide a structure for evaluating the control environment in a manner and perspective that should appeal to senior management’s vision of the organization.

Stay tuned for Pat 2 of the GRC for Small Internal Audit Departments.

---

This post was contributed by Brad Zolkoske. Brad is the Director of Internal Audit at International Coal Group. He is responsible for the design, development, coordination and communication of auditing services throughout the company. Brad’s number one goal at International Coal is to establish a professional internal audit function that actively supports the company’s growth and culture initiatives.

During the course of his 20 year internal audit career Brad has worked in internal audit management for several publicly traded manufacturing companies. He is an expert at getting exceptional performance out of small audit departments. Brad can be contacted through this blog or through his LinkedIn profile.