Home  |  Courses & Seminars  |  About Us  |  Certification  |  Governance  |  Risk  |  Compliance  |  Newsletters  |  Contact
Join our Franchise Programme

GRC Controllers are now offering business opportunities in consulting, training and compliance products for regional European countries as part of our GRC franchise programme. We seek entrepreneurs and motivated compliance professionals.

We will provide the entire range of GRC tools and templates to individuals and/or companies who are looking for the opportunity of running and developing their own GRC compliance consultancy with the support of GRC Controllers and our Compliance Product division.

Click here to register your interest.

Eurosox talk in Oslo
Managing partner Kersi Porbunderwalla gave a talk about the implications of Eurosox for Norwegian companies in Oslo 14.2.2007. We encourage you to download the invitation (61 KB, PDF) and the presentation (344 KB, PDF). Both files are in Norwegian.

Company profile
You can read more about us here and get an overview of our related sites here. Memberships
We are are proud to a member of the Association of Certified Fraud Examiners
Governance

The significant Governance issues (in general terms) cover the following:

  • Accountability
  • Authorizations
  • Audit trails
  • Controls
  • Compensation
  • Independence(board, Non-Executive directors, Auditors etc).
  • Conflict of Interests
  • Monitoring
  • Segregation of duties
  • Transparency


Step by step approach for conducting Assessments:

  • Create an overview of the design and operation of the internal control structure (through an investigation of processes, risks, and controls)
  • Create a control risk matrix that links your entity’s financial, operational, and disclosure risks to the internal controls that will be established.
  • Based on the above an assessment of all control risks must be organized. This assessment will determine the extent of process documentation and internal and external audit work that must be performed to test internal controls.
  • The assessment of control risk is typically conducted by detailed control objective for each major type of transaction identified in the Control Risk Matrix.
  • While making assessments, it is critical that you monitor issues from management and staff (e.g. whistleblowers). Periodically conduct a survey for concerns or concerned stakeholders. to obtain their opinion on the adequacy of internal controls.
  • Monitor and adjust regularly or when additional or new internal controls are introduced.



The Corporate Governance Risk Framework

Corporate Governance is often defined as how we assign responsibility for managing risk, by making use of contemporary prudent management and conventional wisdom. But conventional management only provides a fragmented view on the issues involving Risk and Governance.

The Governance Model provides us with a framework for considering the type of decisions that are made including the consequences of those decisions in a cause and effect feedback way.

The Governance Model provided us with that framework whereby we could anticipate and understand and take action around the intended and unintended consequences of our choices and decisions. The Governance Model became a systems model and provided us with a structure dealing with decision-making under varying degrees of uncertainty.

Click here to read more >>




A journey in good corporate governance
On November 2, 2007, Børsen, a Danish daily newspaper, published an article entitled En rejse i god selskabsledelse af Kersi Porbunderwalla.

What does an IT manager need to know about GRC?
At the IDC IT Security conference in Copenhagen 25. September, Kersi Porbunderwalla from Controllers Aps gave a presentation about what an IT Manager needs to know about Governance, Risk and Compliance.

GRC Checklists
An effective compliance program has to be consistent with the size, complexity, range of operation and organization of a company. A one-size-fits-all or a top-down check list approach, that treats all Governance, Risks or Compliance (GRC) issues as being equal, is not a solution. The checklists are designed only to provide indications that a "canaries in a coal mine" does.

Please feel free to download our checklists for improving Corporate Governance policies, conducting Risk Assessment based on COSO definitions, and implementing Compliance activities in your company.

EuroSox: A Brief Overview
EuroSox is the nickname of a set of EU directives that corresponds to the American Sarbanes-Oxley (SOX) Act. A supplement to the overview is available here.

Will EuroSox also be a regulatory overreach?
Managing partner in GRC Controllers, Kersi F. Porbunderwalla, will be presenting the paper "Will EuroSox also be a regulatory overreach, as its American counterpart SOX?" at the Winter 2008 Hawaii Global Conference on Business and Finance. The conference will be held January 9-12, 2008 at the Sheraton Waikiki Hotel, Honolulu, Hawaii.

An abstract of the paper is available here. Additional information about the conference is available here.