Introduction and Scope

We would like to have all your attention for the launch of the Special Interest Group of GRC on Blockchain. The launch of Hyperledger GRC SIG is designed to focus on the optimization of GRC on the blockchain. We would be happy to work with enthusiastic developers and all manner of professionals to take this SIG forward and make it into an industry standard.

To keep it in simple words, GRC – SIG uses decentralized, permissioned Hyperledger blockchain to build applications that will streamline the way global organizations run their businesses. Blockchain has a huge potential on data accessibility along with cryptographic hash security in a transparent manner. The SIG will use the following relevant technologies like

1. Hyperledger Fabric
2. Token
3. DAO
4. New Consensus Mechanism

The span of a Governance, Risk and Compliance process includes three elements

• Governance is the oversight role and the process by which companies manage and mitigate business risks. Means by which organizations are managed in a structured way
• Risk management enables an organization to evaluate all relevant business and regulatory risks and controls and monitor mitigation actions in a structured manner
• Compliance ensures that an organization has the processes and internal controls to meet the requirements imposed by governmental bodies, regulators, industry mandates, or internal policies.

Governance: With an increase in activism among shareholders and increased scrutiny from the regulatory bodies, corporate boards and executive teams are more focused on governance-related issues than ever before. The governance process within n organization includes elements such as definition and communication of corporate control, key policies, enterprise risk management, regulatory and compliance management and oversight (e.g., compliance with ethics and options compliance as well as overall oversight of regulatory issues) and evaluating business performance through balanced scorecards, risk scorecards, and operational dashboards. A governance process integrates all these elements into a coherent process to drive corporate governance.

Risk Management: With the recent jump in regulatory mandates and increasingly activist shareholders, many organizations have become sensitized to identifying and managing areas of risk in their business: whether it is financial, operational, IT, brand, or reputation-related risk. These risks are no longer considered the sole responsibility of specialists - executives and the boards demand visibility into exposure and status so they can effectively manage the organization’s long-term strategies. As a result, companies are looking to systemically identify, measure, prioritize and respond to all types of risk in the business, and then manage any exposure accordingly. A risk management process provides a strategic orientation for companies of all sizes in all geographies with a formal process to identify, measure and manage risk.

Compliance: An initiative to comply with a regulation typically begins as a project as companies race to meet deadlines to comply with that regulation. These projects consume significant resources as meeting the deadline becomes the most important objective. However, compliance is not a one-time event - organizations realize that they need to make it into a repeatable process, so that they can continue to sustain compliance with that regulation at a lower cost than for the first deadline. When an organization is dealing with multiple regulations at the same time, a streamlined process of managing compliance with each of these initiatives is critical, or else, costs can spiral out of control, and the risk of non-compliance increases. The compliance process enables organizations to make compliance repeatable and hence enables them to sustain it on an ongoing basis at a lower cost.

Image Removed

Read the GRC SIG Charter to know more.

Note: GRC Framework definition by MetricStream

Meetings

All Hyperledger meetings are run covered by the following Antitrust Policy.

Meeting Agendas

Meeting Notes & Recordings

Activity of the Group

Links to Ongoing Work

Links to Completed Work