Board Risk Committee Guide

Section 4: Risk Management and Internal Control Systems | 189 5. PwC’s GRC Framework PwC’s GRC framework is based on the vision that a holistic application of GRC, linked to an organisation’s strategic objectives, can add significant value and provide a competitive advantage. The ecosystem in which the Integrated View of Governance, Risk Management and Compliance operates is influenced by both the culture of the organisation as well as stakeholders’ expectations: • The central pyramid, which represents the organisation’s own GRC framework, is built upon the Extended Enterprise & Value Chain, which illustrates the fact that a GRC framework should be integrated across the full spectrum of an organisation’s operations. • There is a cyclical mechanism within the ecosystem through which the integrated GRC framework evolves. In response to emerging standards and new requirements, the GRC framework drives the development of culture, process and technology. As these advance on a wider (for example, national or industry) scale, new standards and requirements emerge. This in turn requires the framework to adapt in order to remain relevant and continue to deliver value. Integrated GRC and Business Framework