Vidya Phalke

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence

All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating GRC holistically throughout the organization, and by minimizing manual and duplicative processes through the use of cloud-based tools, firms can benefit from actionable business intelligence and support rapid and informed decision-making.

compliance-cloud

Companies are questioning whether their GRC can be managed more efficiently because there is an increasing number and range of regulatory mandates and risk concerns that demand action. As problems arise, and multiple regulatory and compliance issues need to be addressed, but manual approaches to the day to day practice of GRC can swamp organizations through a constant need to monitor information sources for changes. The planning and implementation of changes often takes place as and when the demands arise.

Where GRC management and implementation occurs within business silos there is duplication of effort and inefficient cost control. There is also limited capability for knowledge sharing and learning across the organization.

Businesses need to tap into a staggering number of information sources to stay alert to changes in regulatory and legal requirements. If this is manual activity it’s a considerable burden. A MetricStream survey of 123 compliance professionals late last year looked at regulatory change management only and found that it is indeed a resource-hungry endeavor for businesses of all sizes.

Manual mind-set

A third of mid-sized businesses revealed they devote between three and ten employees to the activity, over 30 percent of large businesses said they have 21 or more and over 45 percent of small businesses reported one to two.

employees-digital

(Image Source: Shutterstock)

It’s a lot of resource to tie-up on regulatory activity. And a great deal of that resource’s time is spent on manual activities. Over 50 percent of respondents said monitoring regulatory intelligence sources for a new regulation, or changes to existing regulations, is part of their role. The three principal information sources being regulatory agency filings and releases, industry and trade associations and trade industry publications.

Cloud-based technology enables businesses to tap into collated GRC information sources. These can supply multiple information needs in one place and provide updates on regulatory compliance, risk, vendor due diligence and IT risk and compliance. With information brought together in this way, businesses can save valuable time and resource that would be spent on manual searches.

By integrating GRC knowledge with business systems and operations the whole activity can become even more streamlined and effective. The content picked up from the intelligence portal can be streamed automatically as alerts or email notifications.

From these automated alerts, businesses can quickly identify where action needs to be taken, notify relevant departments and individuals and address process and system workflows. Not only does this proactive approach to GRC management save cost and time on manual information scanning, it also helps businesses stay ahead of changes in regulation and compliance. This knowledge is elevated to almost real-time and the action to preserve corporate compliance is quicker and more efficient.

Integration and automation

In the same MetricStream survey, which was conducted late last year, nearly half (48 percent) of compliance respondents advised they still use office productivity software like spreadsheets to track regulatory changes. These traditional methods fail to address large and small enterprises need for compliance issues to be addressed at scale. However,cloud-based GRC intelligence can integrate with GRC systems to seamlessly update multiple policies, procedures and controls. Data sets can be applied across applications, including Enterprise Resource Management (ERM) systems and compliance. The trained risk and compliance personnel who have spent so much of their time market-watching can turn to more productive endeavors such as analysis, forecasting and implementation.

To a great extent, this takes a change of mind-set. It’s a cultural shift to stop viewing GRC as a cumbersome burden, and to instead incorporate it into the fabric of the organization. By adopting such an approach though, and by embracing automation to manage GRC, companies can derive real business value from taking a proactive approach.

GRC intelligence as a governance layer in the cloud can enhance business operations. From rapid change identification and the ongoing analysis of GRC data, quicker and better decision-making results. Integrated and automated GRC management puts companies in a better position to protect the company from contraventions and to perform well. By identifying risk patterns and trends, and using these in business planning the organization can improve its change response.

Fully rounded visibility into risk and compliance demands and GRC activities across the business is a step in the right direction to viewing GRC holistically, instead of in business silos. With GRC intelligence businesses can make more informed decisions and this means reduced risk and better business performance for competitive advantage.

By Vidya Phalke

Vidya Phalke

Vidya Phalke is responsible for MetricStream's technical architecture and strategy. Prior to being promoted to the CTO position, Vidya served as Vice President of Product Management and Engineering where he was responsible for MetricStream's Software Products and Platform Delivery. Starting with MetricStream in 2003, Vidya has been instrumental in developing an industry-leading GRC software platform. Before joining the software industry, Vidya earned a PhD in Computer Science from Rutgers University, where he won two Small Business Innovation Research grants for his research on databases and network optimization.

How to Simplify Multi Cloud Complexities Before Adopting

How to Simplify Multi Cloud Complexities Before Adopting

Simplify Multi Cloud Complexities The enterprise is moving quickly from a single-cloud deployment strategy to one that encompasses multiple clouds ...
Quantum Computing opens new front in Cloud!

Quantum Computing opens new front in Cloud!

Quantum Computing As the amount of data in the world is rapidly increasing, so is the time required for machines to ...
What Does The Transition To New Energy Teach Us About Cloud?

What Does The Transition To New Energy Teach Us About Cloud?

New Energy Shift CIOs report that private cloud is all the rage now. The Cisco’s of the world argue that ...
Five Ways CPQ Is Revolutionizing Selling Today

Five Ways CPQ Is Revolutionizing Selling Today

CPQ Is Revolutionizing Selling Configure-Price-Quote (CPQ) continues to be one of the hottest enterprise apps today, fueled by the relentless ...
Four Keys For Telecoms Competing In A Digital World

Four Keys For Telecoms Competing In A Digital World

Competing in a Digital World Telecoms, otherwise largely known as Communications Service Providers (CSPs), have traditionally made the lion’s share ...
How Brands Can Use IoT and Wearables to Enhance Customer Experience

How Brands Can Use IoT and Wearables to Enhance Customer Experience

Using IoT and Wearables as Part of the Customer Experience The IoT and wearables are on the verge of completely ...
Cloud Advances One Funeral at a Time

Cloud Advances One Funeral at a Time

The Advancing Cloud Forecasts scream huge growth rates for cloud but in the big picture it is tiny. Max Planck ...
First Things First. What Are Microservices?

First Things First. What Are Microservices?

Innovation with Microservices Microservices are an engineering approach and architectural style of computing that is becoming extremely important for organizations ...
3 Ways to Protect Users From Ransomware With the Cloud

3 Ways to Protect Users From Ransomware With the Cloud

Protect Users From Ransomware The threat of ransomware came into sharp focus over the course of 2016. Cybersecurity trackers have ...
The Coming of Cloud Ended the AI Winter

The Coming of Cloud Ended the AI Winter

The Coming of Cloud Use Alexa, Siri, or Google Home? They are AI’s – Artifical Intelligences. Today, AI is in ...