Governance, Risk and Compliance

Today’s rapidly changing geo-political, business, and regulatory environment requires rethinking about risk in new ways. Management is constantly struggling with increasingly demanding requirements while optimising the governance structure, to build trust, drive efficiency and to remain competitive.

Implementing the suitable Governance, Risk and Compliance (GRC) framework will enable organisations to identify the right approaches which contribute to improved risk management, enhanced process efficiency, and strengthened internal controls and compliances. Taking an innovative approach to managing and enhancing your GRC capabilities can help you seize opportunities, stay a step ahead of uncertainty, and meet stakeholder expectations.

overview image

Our work comprises helping companies design, review, revamp and benchmark their GRC practices and business process controls performance. By aligning GRC activities to business performance drivers, we help transform the function to anticipate and mitigate risk and deliver business performance. Our teams bring specialty skills and industry experience to provide you with the practical implementation insights.

PwC’s Risk Capabilities

Enterprise Risk Management (ERM)

We work with our clients to design, review and implement operating models for effective Enterprise Risk Management (ERM) solutions by leveraging proprietary frameworks, tools and methodologies which are customisable to clients’ specific needs and maturity. We also have deep expertise in areas such as risk appetite articulation, integrated compliance and risk models, and Key Risk Indicator (KRI) based monitoring.

Our engagement drives a broad range of benefits including:

  • Informed risk decision making
  • Consistent and robust identification and mitigation of all key risks
  • Clarity in accountability and ownership
  • Improved view of key mitigation plans
  • Proactive, risk aware culture across the organisation
  • Assurance to the Board and Audit Committee

Internal Audit Services

An increasingly complex and changing business environment coupled by ever accelerating adoption of newer technologies, poses interesting challenges to the Internal Audit (IA) function in meeting expectations of all stakeholders.

Whether you need assistance in setting up an IA function, transforming existing function, outsource/co-source the planning and delivery of the IA requirements, we can propose a customised solution using our expertise and state-of-the-art tools and technology.

Our IA advisory services offer clarity on maximising the value of your function. We can assist in developing audit maturity assessments, implementing relevant methodologies, providing internal audit training to upskill your team, and conducting quality assurance reviews to ensure compliance with audit standards.

Our services aim to enhance your IA function in multiple ways. Through managed service (outsourcing) and partnering (co-sourcing), we improve the capability, flexibility, and effectiveness of your internal audit, while also delivering better risk coverage and reducing costs. We help create value and relevance within your internal audit function, promoting innovation and efficient resource allocation tailored to your company's needs.

Additionally, we provide staff secondments, offering access to experienced professionals who can be integrated into your team. This allows you to enhance your internal audit competency by leveraging their industry and subject matter knowledge.

Controls Assessment and Optimisation

PwC India’s GRC team offers a specialised service to help organisations evaluate and enhance their internal controls. Their comprehensive assessments of control mechanisms and processes across various functions identify deficiencies and provide recommendations for improvement by leveraging industry best practices. The team helps organisations proactively address control weaknesses which helps them mitigate risks and safeguard their operations and reputation. To help Management have confidence in the control environment, our teams create visibility of the effectiveness of controls by using advanced data analytics and visualization tools.

Key benefits

  • Fit for purpose controls
  • Operational effectiveness
  • Streamlining and simplification of processes and controls
  • Control automation
  • Risk visualisation

Revenue Assurance

Revenue Assurance is aimed to plug revenue leakages along the entire value chain. Revenue leakages represent missed revenue opportunities (e.g., unbilled and under billed charges, delayed cash flows, written off revenues, etc.). Common causes for revenue leakage include inadequate controls around complexity in products, bundles/discounts, manual interventions, multiple handoffs, change in programmes impacting systems and processes. Key components of the solutions include:

Revenue Leakage Minimisation and Cost Management

  • Data analytics along the revenue processes to identify revenue leakage
  • Independent testing, reconciliations and re-modelling of business rules and re-rating on our own systems to assure revenue
  • Independent review of new revenue areas/ business model changes

Proactive Monitoring

  • Development of dashboards for reporting KPIs
  • Report on transactions trends and processing errors

Sustainability of Revenue Leakage Efforts

  • Development of target operating model
  • Training
  • Outsourcing/co-sourcing revenue assurance functions

Monitor, Detect and Fix Revenue Leakage

  • Requirements gathering and data acquisition
  • Data analysis and reconciliation
  • Root cause analysis

Reporting System Implementation

  • Confirmation and prioritisation of test cases and desired reporting based on high-risk areas identified in the analysis.
  • Development and testing of ETL, data models, reports, self-service dashboards and visualisations for reporting.

Set up Alert Monitoring and Management Process

  • Setting up of alerting thresholds and scenarios where users will be informed of possible incidents of revenue leakage
  • Establishment of Alert Management Workflow

Project Governance and Insights (Capex)

The growth plans of organisations are linked with timely completion of development projects. It is equally important to have the right governance mechanism to ensure delivery of projects within the desired parameters (time, cost, quality, compliances). Our 'Project Governance and Insights' solution addresses the key challenges faced by clients today;

  • On-time project completion: On-time project completion through efficient planning and governance of projects (schedule vs. onsite progress, contractor's performance, other project completion risks); recommendations to improve the control over timeline.
  • Budget and cost-control: Opportunities of cost optimisation based on our industry experience and proactive identification of potential cost overruns; recommendations to improve the control over budget and cost.
  • Design control: Adherence with design principles/guidelines to avoid rework & project delayed by client.
  • Compliances: Adherence with safety and compliance guidelines at the project site.

Our deep techno-commercial capabilities with experience of delivering more than 100 similar engagements enables us to deliver exceptional value to our clients across segments (plants & factories, roads & highways, real estate, data centre, hospitals, hotels, retail stores, warehouses etc.). Our partnership approach enables clients to strengthen and deliver their business plans effectively.

Business Process Management

Process mining is an approach to identify As-Is business processes by analysing the digital footstep retained in the system from every transaction. It analyses data generated in the organisation and gives maximum visibility by reconstructing the process maps and advises on how to improve business controls and operations. Improvement opportunities include identification of inconsistencies or abnormalities in business process compliance, finding levers to reduce the cost of business processes, classifying and prioritising top automation opportunities.

Commercial Assurance: Risk Management Solutions

Commercial Assurance involves identifying, validating and managing the risks associated with third party contracts. It gives you the opportunity to drive savings, process enhancements and knowledge transfer, while also ensuring compliance.
Inadequate third-party contract management practices can hurt your bottom line and increase the risks of financial losses, damage to your company's reputation and possible regulatory issues.

Business Process Design and Performance Improvement

Our solution includes design/review/redesign of business processes (Standard Operating Procedures) by improving the control environment, enhancing efficiency and effectiveness and reducing cost. Our teams bring a deep understanding of supply chain, finance, IT systems, operations and human resources; and we use extensive data and identify improvement opportunities. We also provide detailed process narratives along with the KPIs, key risks and controls, responsibility matrix, Delegation of Authority, key MISs, etc. in various formats which are used by clients to standardise the processes and to provide role clarity and instructions to the teams.


PwC India caters to the following industries

  • 79%

    report that keeping up with the speed of digital and other transformations is a significant risk management challenge

  • 22%

    are realising benefits from defining or resetting their risk appetite and risk thresholds

  • 39%

    of business executive respondents say that they are making better decisions and achieving sustained outcomes by consulting with risk professionals early.

  • 56%

    are investing in risk culture and considering behavioural risk in 2022

  • 70%

    are prioritising diversity in risk terms

  • 47%

    are very confident in their risk function’s ability to build a more risk-aware culture

  • 74%

    are increasing their spending toward adding technology and digital capabilities to the risk function workforce

  • 65%

    are increasing overall spending on risk management technology

  • 54%

    complement risk technology investments with people and process changes

  • 3/4

    are planning on increasing spend across data analytics (75%), process automation (74%), and technology to support the detection and monitoring of risks (72%)

  • 75%

    say that having technology systems that don’t work together is a significant task management challenge

  • 38%

    report that their risk function is not actively seeking external insights to assess and monitor risks

Follow PwC India

Required fields are marked with an asterisk(*)

By submitting your contact information you acknowledge that you have read the privacy statement and that you consent to our processing the data in accordance with that privacy statement including international transfers. If you change your mind at any time about wishing to receive material from us you can send an e-mail to

Contact us

Sunil Bhadu

Sunil Bhadu

Leader, GRC, Risk Consulting, PwC India