What every organization can learn from embedding values into their GRC
In a recent case study, Desiree Ramirez, Chief Integrity and Privacy Officer, at UNT Health, explains how her company’s values are woven directly into the outcomes of their conflict of interest program, which was underpinned by CoreStream GRC’s technology.
Integrity as more than just a word for compliance
At CoreStream GRC, we empower organizations to do the right thing, every day. When “courageous integrity” is a core value, like it is at UNT Health, compliance cannot be a check-box exercise. When done right, governance, risk and compliance goes beyond adherence. It can shape the behaviors, culture and outcomes that an organization stands for.
That’s the essence of Value-Based GRC: building governance frameworks that reflect what your business truly values.
As Michael Rasmussen, the GRC pundit puts it;
“GRC is no longer a back-office function. It’s the strategic command center of the modern enterprise.“
It’s this approach we bring to every partnership; designing systems that reflect the people, not just processes.
What value-based GRC really means
As Paul Cadwallader, GRC Strategy Director at CoreStream GRC, explains:
“True value-based GRC connects integrity to impact. It’s how technology, people, and governance come together to make doing the right thing the easiest thing.”
By linking governance and compliance directly to business objectives, organizations can strengthen culture, build trust and drive measurable impact.
Based on our work with leading enterprises and healthcare providers, here are some practical ways to bring your values to life through GRC.
Working together, we built that visibility into the very fabric of their system.
1) Build transparency into every process
Transparency is the foundation of integrity-driven governance. A transparent framework gives everyone clear visibility into compliance activities and their impact. When people can see the why behind compliance, they’re far more likely to engage with it.
CoreStream GRC makes that transparency possible by creating a single source of truth for all compliance data. Instead of juggling spreadsheets or disconnected systems, every bit of data lives in one central platform. Dashboards and drill-down reporting give users, managers, and leadership instant visibility into what’s happening and why.
UNT Health, one of our healthcare partners, embodied this approach. For them, transparency meant that every action could be traced, understood, and shared across the organization, with user visibility permitting. Working together, we built that visibility into the very fabric of their system.
The result? Decisions rooted in openness, not assumptions.
“CoreStream GRC made it easy for people to live our values, not just record them”
Desiree Ramirez, Chief Integrity and Privacy Officer, at UNT Health.
2) Make accountability effortless
When people see themselves reflected in the process, accountability stops feeling like surveillance. Therefore, accountability thrives when ownership is built into workflows, rather than enforced after the fact.
That’s why CoreStream GRC’s no-code platform allows teams to assign tasks, receive guided prompts, and track progress in real time.
For UNT Health, this meant turning compliance from a reactive task into a proactive one. Users didn’t just “complete” actions. Instead, they understood how their choices linked to the organization’s value of Courageous Integrity.
Managers could see who owned each stage, follow escalation paths, and intervene early where integrity might be at risk. Rather than get lost in someone’s crowded inbox or spreadsheet.
3) Escalation Visibility
There must be a clear path for higher-risk issues to reach leadership when integrity could be at stake. Ethical or reputational risks can’t sit unnoticed in inboxes or be buried under competing priorities.
Strong governance frameworks make escalation predictable, structured, and visible. Every user should know which issues need to be raised, who should be notified, and what happens next.
At UNT Health, this visibility translated into action. As Chief Integrity and Privacy Officer, Desiree Ramirez saw 52 potential conflicts raised through CoreStream GRC in the first campaign, many that would previously have gone unnoticed. “It gave me faith in my campus,” she said.
“People were being honest. It helped people live the values, not just hang them on a wall.”
Desiree Ramirez, Chief Integrity and Privacy Officer, at UNT Health.
Value-based GRC creates the same kind of oversight and visibility across every organization, where integrity issues surface early, leadership sees the full picture and teams act with confidence.
About CoreStream GRC
CoreStream GRC is a flexible, intuitive governance, risk, and compliance platform that helps organizations align governance with business outcomes. Our no-code solution delivers fast implementations, seamless integrations, and configurable workflows that reflect your values and priorities.
Trusted by enterprises including the BBC, NHS, and Shell Energy, CoreStream GRC transforms compliance from a cost into a competitive advantage.
Frequently asked questions
Value-Based GRC links governance, risk, and compliance to a company’s core values. It turns compliance from a checkbox task into a framework for integrity and impact. As Paul Cadwallader at CoreStream GRC says, it’s about “making the right thing the easy thing.”
UNT Health built “Courageous Integrity” into their compliance system using CoreStream GRC. The platform made every action traceable and transparent, helping raise 52 potential conflicts in one campaign; issues that might previously have gone unseen.
Any organization focused on ethical culture and governance but especially in healthcare, finance, energy, and education. CoreStream GRC works with enterprises like UNT Health, BBC, NHS, Shell Energy, and Pool Re.
Define your core values, then map them to your compliance goals. With CoreStream GRC’s no-code configuration, you can align policies, workflows, and reporting to reflect those values fast.
