Key differentiators in Governance Risk and Compliance (GRC) landscape

Key differentiators in Governance Risk and Compliance (GRC) landscape

Feb 21st, 2018

A recent report by Blue Hill Research discusses the Key differentiators in Governance Risk and Compliance (GRC) landscape. The report is entitled Four Components of an Enterprise Risk Reporting and Management Platform. The base of knowledge is analyses and research interviews with fifteen risk management executives.

Key differentiators in Governance Risk and Compliance (GRC) landscape

As far as GRC product functionality, the core components generally involve the following capabilities:

  1. Centralized data management
  2. Process and incident management
  3. Workflow management
  4. Automated monitoring and alerting and finally,
  5. Automated reporting.

Depending on the scope of each implementation, the deployment of these capabilities may be in support of a single unit, a full compliance or risk department, or as a comprehensive enterprise solution.

Key differentiators in Governance Risk and Compliance (GRC) landscape.

First the report identifies and discusses the key differentiators in the enterprise Governance Risk and Compliance (GRC) landscape.

Indeed, the report builds the case around the increase in the complexity of information used by risk and compliance practitioners. The increase reportedly lies in the evolution of risk management from a functionally oriented solution to a true enterprise-wide effort. Another critical factor is the larger number and diversity of stakeholders that provide or apply enterprise risk data.

Then the report identifies four key differentiators in the maturing enterprise Governance Risk and Compliance (GRC) landscape as follows:

  • Moving from generic data management to support for use case context. In other words GRC tools should allow for custom tailored drilling in the hazard and risk registers, so that the gap between “general management” and “case context” can be seamlessly covered.
  • Evolving from basic reporting toward business intelligence analytics allowing in depth analyses of updatable databases.
  • Using visualization in the presentation of compliance and risk information, i.e. dashboards.
  • Workflow management as an alternative to customization, i.e. the capability of delivering the information needed by stakeholders how they need it, when they need it.

Closing remark

The real benefits of rational, convergent, scalable, drillable GRC deployment are neither in the time spared nor in terms of people vs. tool costs. They are about what the client can get out of the tool.

Finally the ideal outcome is to deliver comprehensive data, in near real-time, as needed. As a matter of fact, anyone who understands his/her risk profile makes better decisions.

Call us to learn how a ORE deployment can push your GRC program to a higher notch.

 

 

Tagged with: , , , , , ,

Category: Optimum Risk Estimates, Risk analysis, Risk management

Leave a Reply

Your email address will not be published. Required fields are marked *

Riskope Blog latests posts

  • Wells Fargo judgement and Tailings risks
  • 1-02-2023
  • We thought of Wells Fargo judgement and Tailings risks in follow-up to the recent judgement against a number of bank’s…
  • Read More
  • Prefeasibility hazard adjusted NPV
  • 25-01-2023
  • A mining company asked us to perform a Prefeasibility hazard adjusted NPV evaluation. Our action first focused on bringing clarity…
  • Read More
  • OpenAI’s ChatGPT applied to tailings dams and associated risks
  • 11-01-2023
  • As everyone else, we got excited about the new ChatGPT so we tried OpenAI’s ChatGPT applied to tailings dams and…
  • Read More
  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Hosted and powered by WR London.