GRF’s enterprise risk management approach is rooted in strengthening the link between risk and strategy. We review existing ERM initiatives to identify opportunities for organizations to enhance and get more value out of their current ERM efforts.
We help organizations reorient more traditional risk management programs with a compliance or loss-prevention focus to better align with their strategy and support their mission. We go beyond benchmarking to provide a detailed path forward that is customized for an organization’s goals, needs, structure, and culture.
GRF uses the Capability Maturity Model* to benchmark risk management processes on a 5-point scale from “ad-hoc” to “optimized.”
We provide a detailed assessment of current strengths to build on and areas requiring improvement. We can benchmark against international (ISO 31000) or U.S. standards (COSO) or our proprietary model blending both sets of standards with nonprofit best practices.
*Developed by Carnegie Mellon University
At the end of a GRF maturity assessment, organizations receive a detailed roadmap to help them achieve their ERM objectives. GRF’s recommendations are actionable and customized to leverage an organization’s strengths and to address short-term and long-term priorities for all elements of the assessment.