Management asserts operating effectiveness, existence of risk mitigating controls, and compliances with relevant laws and regulations. However, getting independent assurance on these assertions can be critically insightful as well as mandatory.
Hence, having tech savvy process experts who possess strong data analytics skills with multi-industry experience in successful application of time tested auditing techniques and strategies, shall be a key value differentiator.
Business Process Re-engineering (BPR) should strive transformation of people, process and technology across organisation at one go. Whereas Business Process Improvement (BPI) strives for increamental improvement.
Approach and mind-set to BPR and BPI initiatives determines its success or failure. A robust objective framework ensuring buy-in of process owners goes a long way.
To build an agile, risk-aware, better governed organisation that achieve its objectives with responsibility, its “risk strategy” should clearly categorise which risks are to be embraced, avoided or mitigated as per its "risk appetite"
Implement an integrated view of governance, risk management, and compliance (GRC) that connects board, C-level as well as lower level management with one ERM framework.