We all know that keeping a car’s wheels in alignment is essential. Misalignment causes a lot of problems, from loss of steering control to reduction in the safety and durability of the tires. In the same way, alignment failures in the GRC capabilities of an organization can knock us off the pathway to principled performance, cause us to swerve beyond the boundaries of acceptable operations, use up resources unwisely, and put the organization at risk.
But what does alignment really mean? And what needs to be aligned? Is alignment in the GRC context just about keeping risk management, compliance, and technology in line with each other, or is there more? Alignment is defined by Merriam-Webster, as the “proper positioning or state of adjustment of parts … in relation to each other.” And the term “proper” is defined as “of the required type; suitable or appropriate.”
