For some time I have wanted to write about an Enterprise Risk Management (EMR) Map that I came across. It is put out by a company called MetricStream. This ERM Map is designed to assist the compliance practitioner in either designing or reviewing a company’s Governance, Risk and Management (GRC) by providing a visual representation of the best practices in compliance business processes. It allows a company to either develop a gap analysis or classify gaps in its GRC program by better understanding overall system requirements. The ERM Map lays out these best practices in a visual format; identifying sub-processes within the specific disciplines involved in ERM; and finally separating such practices in Leadership, Organization, Process and Technology. This post will focus on Leadership and Process and I will discuss these in only some of the areas which are identified by discipline on the ERM Map.
Please see full publication below for more information.