LR pixel

avedos GRC Blog

GRC reporting: Paradigm 3

avedos is highly committed to GRC reporting. In the coming weeks we will present and discuss six paradigms related to this topic on our blog. Profit from our expertise and valuable, hands-on recommendations on how you can take action!

Paradigm change in GRC reporting

– generate tangible value for the executive and supervisory boards

Many organizations still view GRC reporting merely as a necessary legal requirement and a contribution to reducing liability. Reports for executives and supervisory boards, however, offer potential for presenting opportunities in light of risks and, therefore, delivering real value for the company’s sustainable development. This, however, requires a paradigm shift in the way that GRC processes are reported so that the efforts center on providing concrete insights on core issues for the supervisory and executive boards. Paradigm # 3 refers to progression to insightful reports:

3. Insightful

– from fragmented reports to an integrated, complete picture of the situation of the organization

Reporting that shows correlations and dependencies can help deliver decisive insights. Yet the results from GRC activities, in particular, are still often reported in mere fragments. Important correlations throughout the company, however, cannot be identified through classic approaches to reporting. Common examples include:

  • Contradicting results: An action was reported as “implemented” in risk management, and the evaluation for the underlying risk was lowered accordingly. An audit, however, later determined that this action is not suitable to address the risk. This information, however, was overlooked.
  • Systematic weaknesses: Determinations and weaknesses are often viewed individually, in other words, with respect to the specific context. This means that anomalies across regions and departments or correlating facets of a specific topic are often overlooked, and the necessary, widespread actions cannot be identified. These points, of course, are currently reported individually from the various functions for liability reasons. The insight that is necessary to make well-founded decisions, however, only emerges when they are combined in a complete, integrated view.


Transforming reporting to a linked view is the key to building acceptance and stimulating the decision-making processes. This is what makes the related issues transparent and brings the necessary insights to the respective areas. Here it is essential that the messages are well aligned within the GRC functions and lines of defense to ensure a common line with regard to the content.

Our recommendation for action

Define a joint map that shows correlations among different topics. Make an effort to work together whenever possible. Address your points initially outside of the realm of formal reporting. This allows you to promote the value of this map for universal use in reporting.

GRC alert!

GRC know-how for your inbox!

Get informed on the facts and latest trends in GRC – and stay tuned for upcoming events, webinars, podcast episodes or trainings.

CSM Webinar 150x151 Icon
Podcast icon avedos
CSM Event Icon avedos 150x151
CSM Newsletter Icon avedos 150x151
CSM Training 150x150 Icon