Integration of governance, risk, and compliance (GRC) for Thai business sustainability

พรชัย ชุณหจินดา

ผู้แต่ง

พรชัย ชุณหจินดา

คำสำคัญ:

Integration,, good corporate governance, risk management, compliance, sustainability

บทคัดย่อ

PURPOSES: To explain three important functions that an organization must have to ensure it’s security which are Governance (G), Risk Management (R), and Compliance to Rules and Regulations (C),and to explain the framework to integrate the three functions in order to reduce redundancy, enhance interconnectivity, and finally raise efficiency of the organization. In addition, this paper also exemplifies the implementation of the Integrated GRC in a listed company in the MAI stock exchange with a certain degree of progress. METHODS: Review of literature and relevant articles as well as reliable experience from business sector for an analysis and compilation of the GRE model that could be used by business sector. RESULTS: A proposal of an integrated GRE with seven important steps for a successful implementation that organizations can practically adopt. THEORY/ POLICY IMPLICATIONS: The proposed model of integrate GRC could be applied for any business organization that could lead to a flexible and better response to the continual changes of the business environment. The organization will gain an important mechanism that can drive it to a sustainable growth.

เอกสารอ้างอิง

HR Note Asia. (2022). VUCA In the modern working world: 4 techniques for modern leader to handle the uncertainty.

https://th.hrnote.asia/orgdevelopment/vuca-for-leader-in-future-work-03032021

Office of the Securities and Exchange Commission (SEC). (2560). Corporate governance code for listed company 2017.

https://www.sec.or.th/TH/Documents/CompanyHandbooksandGuidelines/CGcode2560_th.pdf

Premier Tank Corporation (PCL). (2565). Risk management policy of PTC Public Company Limited.

https://www.set.or.th/th/market/product/stock/quote/ptc/company-information.

PTT Public Company Limited. (2565a). Guidelines for the implementation of compliance policy of PTT Public Company Limited.

https://www.pttplc.com/th/Media/Publications/Report.aspx.

PTT Public Company Limited. (2565b). Measures to the integration of governance, risk and compliance (Integrated GRC) for procurement of PTT.

https://procurement.pttplc.com/webfiles/web/PDF/LawsAndRegulations/Integration_measuresGovernance_Risk_and_Compliance_(GRC)_Procurement_of_PTT.pdf

Racz, N., Weippl, E. & Seufert, A. (2014). A frame of reference for research of integrated governance, risk and compliance (GRC).

https://www.researchgate.net/publication/221521336_A_Frame_of_Reference_for_Research_of_Integrated_Governance_Risk_and_Compliance_GRC

Siahaan, M., Suharman, H., Fitrijanti, T. & Umar, H. (2022). Will the integrated GRC implementation be effective against corruption? Journal of Financial Crime.

https://www.researchgate.net/publication/358830950_Will_the_integrated_GRC_implementation_be_effective_against_corruptio

The Committee of Sponsoring Organizations of the Treadway Commission (COSO). (2017). Enterprise risk management-integrating with strategy and performance. https://www.coso.org/SitePages/Enterprise-Risk-Management-Integrating-with-Strategy-and-Performance-2017.aspx?web=1

Thai Institute of Directors Association. (2564). Guideline on board’s role in governance, risk, and compliance (GRC).

http://www.thai-iod.com/imgUpload/IOD

The Open Compliance and Ethics Group (OCEG). (2016). A maturity model for integrated GRC.

https://www.scribd.com/document/427664432/A-Maturity-Model-Integrated-GRC

Vicente, P. & da Silva, M. M. (2011). A conceptual model for integrated governance, risk and compliance.

https://link.springer.com/content/pdf/10.1007/978-3-642-21640-4_16.pdf.