Governance, Risk, & Compliance (GRC) SIG

Note: This Special Interest Group will be created if there is enough interest from community members in this idea. 

Introduction

With enterprises becoming more digital, the appetite for risk has increased significantly. Instead of planning risk-aversion strategies, companies have now started adopting strategies to thrive on risk.

The pandemic has also taught enterprises risk mitigation the hard way, but this has surely resulted in organizations being more open to the possibility of future risk and ready to tackle it.

This is where GRC plays a very significant role. The software industry has evolved drastically in the last few decades, with strategies shifting from ERP to CRM, and now the focus is all on GRC; it has become one of the most crucial requirements of digital transformation.

GRC comprises Third-Party Risk Management, Business Continuity, Compliance, Enterprise Risk Management, Operational Risk Management, Internal Audit Management and, most recently, Environmental, Social and Governance (ESG).

It is said that 60% of enterprises work with more than 1000 3rd and 4th parties; this is where there is always a risk in selecting the right partners, nurturing them and deriving business benefit. This can significantly expose enterprises to 3rd party risk.

Transparency in compliance can bring trust in the company, and anyone associated with the company can be assured that it will do all the right things for the business.

Auditing new technology adoption by enterprises has been a key challenge for auditors; it is essential to know whether the PoCs and standards are right to meet the organization's digital transformation goals.

ESG ensures that the whole supply chain, right from financial funding to carbon footprint to social causes like philosophy and gender equality, is governed in the right way, so that the enterprise can be transparent about its practices, showcase the right certificates, and partner with 3rd parties that adhere to ESG norms to bring trust within and outside the organization.

Why should this group be launched?

As mentioned in the section above, industries are transforming their practices gradually: from Resource Planning via ERP and Customer Relations via CRM in the past, to Governance, Risk and Compliance, adopting risk to derive positive outcomes. Hence this group will explore the role of blockchain in GRC use cases and define standards and practices for ease of adoption by practitioners.

The goals of this proposed Special Interest Group are:

  1. Awareness of GRC
  2. Focus on open source and Hyperledger
  3. Role of blockchain in GRC
  4. Right use case identification
  5. Build standards and practices by getting business users, blockchain technology providers, academia and GRC software vendors together
  6. Make blockchain adoption using Hyperledger for GRC easy for practitioners

In summary, this group is required because:

GRC is getting a lot of traction, and blockchain can play a significant role in bringing transparency and trust. There are no other communities working on this, hence this group will bring thought leadership and make blockchain adoption possible.

Scope

The community will take initiative to specifically address:

3rd Party Risk Management

Environmental, Social and Governance

Compliance


Scope not within Charter:

Anything not mentioned above will be considered as out of scope.

Potential Work Products

The initial work products may include:

  1. Smart Contract Audit tools and techniques.
  2. 3rd Party vendor management and distributed governance modeling.

Collaborators 

The following persons are the initial proposers of this SIG:

Aravind Voruganti, Vice President, Blockchain Practice & Products, IDS Inc (Hyperledger Certified Service Provider).

Sunay Zelawat, Associate Product Director, MetricStream Inc.

Sunil Subramanyam, Senior Consultant, KPMG.

Interested Parties

The following individuals have already expressed an interest in joining this group, and we hope will become contributors over the first year:

  1. Aravind Voruganti, Vice President, Blockchain Practice & Products, IDS Inc (Hyperledger Certified Service Provider).
  2. Sunay Zelawat, Associate Product Director, MetricStream Inc.
  3. Sunil Subramanyam, Senior Consultant, KPMG. 
  4. Arnab Mohapatra, Manager, Risk Assurance, TATA Communications
  5. Prashant Yadav, Product Manager, Rakuten
  6. Dr. Senthil Murugan, Associate Professor, VIT AP University
  7. Siddharth Kaul, Third Party Risk Management, Product Manager, MetricStream
  8. Shreya Jain, Internal Auditor, Volkswagen
  9. Nikhil Kothari, Internal Auditor, Infosys
  10. Magi Saraswathi, Senior Accountant, Audit & Compliance, Commvault
  11. Kishore Goutham, IDS Inc
  12. Hari Sandeep Reddy, Senior Business Consultant, IDS Inc
  13. Jayaprakash Arjarapu, Principal Software Engineer, Oracle India
  14. Dr Sindhu Bhaskar, CEO, EST Global
  15. Sreeman Mannamu, Garranto Pte. Ltd.

Proposed Chair

The following individuals have volunteered to serve as the initial interim Chair/Co-chair for the group:

Aravind Voruganti, Vice President, Blockchain Practice & Products, IDS Inc (Hyperledger Certified Service Provider).

Sunay Zelawat, Associate Product Director, MetricStream Inc.