As the world becomes increasingly complex, leaders must build the mindsets and associated skills to guide their colleagues and organizations in delivering successful business outcomes. In providing these outcomes, leaders must also manage risk, operate an efficient and effective business compliance program, evolve business security maturity, work toward social responsibility, and create and maintain an engaging work culture that aligns with and furthers the organization’s vision. This article articulates the seven mindsets required of a Governance, Risk Management, and Compliance (GRC) leader to operate and innovate in today’s environment successfully.
- Professional humility helps leaders put their organization’s success before their success or image. They are committed to the organization’s purpose and use it as their north star to guide their decision-making. They freely and instinctively share credit with others in their organization, thus supporting an attitude of collaboration and collegiality. Humility is essential when developing, implementing, and enforcing governance, risk management, and compliance programs. A professionally humble leader knows that responsible and comprehensive programs result from relations within a healthy and safe professional ecosystem. Professionally humble leaders understand the need to balance business success and safety, and work as critical team members as the ecosystem evolves. In evolving systems that require a delicate balance of competing stakeholders, leaders must make difficult decisions quickly and have the humility to refine their position as they continue to learn and grow from their choices and actions.
- An unwavering commitment to right action requires leaders to fully commit to the organization’s mission without being myopic or stubborn. This leader knows when to stay the course during challenging times and when to alter direction when gaining additional information. It is the delicate balance of being tenacious and adaptable. The consistent evolution of organizations and compliance best practices means responsible leaders must recalibrate their perception and direction. GRC leaders determine right action by balancing their guiding principles with their organizational goals and stakeholder needs. Then, they define/refine programs ensuring appropriate structures evolve to protect the enterprise and promote its success.
- 360-degree thinking guides leaders to consider the implications of decisions from multiple lenses, including future employees, owners, clients, and other stakeholders. Leaders with this mindset know systems are affected by the ecosystems in which they operate. The systematic thinker balances the business goals with good organizational hygiene relating to governance, risk management, and compliance. Applying a 360 view to an organization’s standards, programs, processes, and procedures ensures that the GRC programs are proactive and consider a broad range of consequences across multiple stakeholders within the ecosystem. These GRC systems must support the enterprise, suppliers, customers, and partners. Therefore, leaders take a broad view of their system and its impacts.
- Intellectually versatile leaders develop interests, curiosity, and expertise in areas beyond their immediate business. This versatile mindset is often called a growth mindset. Broad interests help leaders hone their judgment, expand their thinking, and broaden their perspectives. A well-rounded individual who brings skills and experience from all aspects of life encourages learning, exploration, and creative outlets. They likely synthesize ideas from multiple sources to create more complex maps of their ecosystems. Additionally, GRC leaders with interests and lives beyond their organization and role can leverage external support systems and new ways of thinking to challenge their work.
- Authentic and reflective leaders provide valuable feedback to others that support the growth and development of individuals and systems. They are highly focused on their growth, development, and helping others. Being authentic in various contexts requires a solid ability to reflect on internal actions and impacts. Additionally, leaders need to build reflection skills as a foundation for leaders who grow and improve systems. Because they work in complex systems, often GRC work comes with implementing new or changing established programs. These changes often meet with resistance. An authentic and reflective leader is aware of this resistance and uses their authenticity and ability to change direction to reduce friction and apply the appropriate measures in an understanding and effective way. A reflective leader can understand and have flexibility at the moment to reevaluate the situation and resolve conflict.
- Inspiring followership among stakeholders at all levels of the organization allows leaders to create shared mutual purpose and identify approaches that connect the organization’s goals with individual team members’ goals. Influential leaders create caring connections that encourage others to work with them to accomplish their shared goals. For example, a GRC leader believes in the work they are performing and wants to share that work with others to move toward collective and natural adoption. When leaders have established followership, they create a collaborative environment where all parties build trust and create a shared vision of governance, risk management, and compliance. As a result, they move from following directions to co-owning programs and outcomes.
- Innately collaborative leaders invite diverse perspectives to solve complex challenges that serve the highest outcome for all stakeholders. These GRC leaders are eager to expand their perspectives by inviting others to offer input as they work towards evolving solutions. This orientation towards collaboration creates a workplace where everyone’s input is valued and integrated into a novel solution. A GRC leader spends more time listening than speaking, asking questions, and establishing a “why” before attempting to enact change or implement a practice. As a result, all participants in the collaborative process expand their understanding and have the opportunity to build ownership in changes. GRC leaders know that a successful program is integrated across the organization, not siloed. Connecting and collaborating with key stakeholders across the entire organization and the ecosystems become critical to implementing the necessary changes to mitigate risk, promote compliance, balance business goals, and continue innovating.
As our world becomes more complex, governance, risk management, and compliance become more important. The challenges leaders face working in complex evolving systems means they face challenges their predecessors have not seen. As a result, they must build additional skills to meet the challenges of today’s business world.
Maureen Metcalf M.B.A. is the Founder and CEO of the Innovative Leadership Institute. She is an expert in anticipating and leveraging future business trends. She helps leaders elevate their leadership quality and transform their organizations to create sustainable impact and results. She captures thirty years of experience and success in an award-winning series of books used by public, private, and academic organizations to align company-wide strategy, systems, and culture using Innovative Leadership techniques. She is a Fellow of the International Leadership Association. She also serves on the Advisory Board at the School of Strategic Leadership at James Madison University and the Mason Leadership Center at Franklin University.
Junell Felsburg is the Sr. Director of Cybersecurity at The Columbus Foundation and a lifelong learner who dedicates her energy to exploring the intersections of technology, education, inclusion, and personnel development while leveraging her background in systems, networks, business, and GRC. She believes that technical teams will drive the global community through the next age using emotionally intelligent leadership, interpersonal development, and encouraging passionate pursuits. She is a Co-Facilitator for the Central Ohio IT Leaders program with the Innovative Leadership Institute and works with Franklin University’s CSM Advisory Board.