The Democratization of Business Software Technology

The Democratization of Business Software Technology

Democratization of Software Advances in the cloud have changed the way we interact with the world. From how we pay our bills to how we communicate to how we navigate city streets, the cloud's arrival has proven disruptive to the old ways of doing things.
How Blockchain Has Unexpectedly Improved Big Data Integrity

How Blockchain Has Unexpectedly Improved Big Data Integrity

Big Data Integrity Blockchain technology was developed to improve the integrity of bitcoin. However, as bitcoin became more popular, its underlying technology is gaining more attention as well. Perhaps the most significant development in IT over the past few years, blockchain technology has the potential

CONTRIBUTORS

Digital Twin And The End Of The Dreaded Product Recall

Digital Twin And The End Of The Dreaded Product Recall

The Digital Twin  How smart factories and connected assets in the emerging Industrial IoT era along with the automation of ...
3 Major Concerns For The Cloud

3 Major Concerns For The Cloud

Concerns For The Cloud With the rise of cloud computing, different concerns about adopting the cloud have arisen over the ...
Understanding Data Governance - Don't Be Intimidated By It

Understanding Data Governance – Don’t Be Intimidated By It

Understanding Data Governance Data governance, the understanding of the raw data of an organization is an area IT departments have ...

RECENT NEWS

Oracle Cloud Unveils New HPC Offerings to Support Mission Critical Workloads

Oracle Cloud Unveils New HPC Offerings to Support Mission Critical Workloads

Oracle Cloud Unveils New HPC Offering Oracle now provides a complete set of solutions for any high performance computing workload, ...
Amazon picks New York City, Virginia for $5 billion new headquarters

Amazon picks New York City, Virginia for $5 billion new headquarters

SAN FRANCISCO (Reuters) - Amazon.com Inc (AMZN.O) said on Tuesday it will build offices for up to 25,000 people in ...
Alibaba's on-demand online services unit valued at $30 billion: sources

Alibaba’s on-demand online services unit valued at $30 billion: sources

HONG KONG (Reuters) - Alibaba Group’s newly formed on-demand online services unit has rocketed in value to as much as ...
Pressure grows on Zuckerberg to attend Facebook committee hearing

Pressure grows on Zuckerberg to attend Facebook committee hearing

Australia, Argentina and Ireland join UK and Canada in urging Facebook CEO to give evidence to parliaments Parliamentary committees from ...
The New Industrial Revolution – According to the WSJ

The New Industrial Revolution – According to the WSJ

The insert in today’s US print edition of the Wall Street Journal is called The New Industrial Revolution. The paper updates ...
Vidya Phalke

Cloud-based GRC Intelligence Supports Better Business Performance

Cloud-based GRC Intelligence

All businesses need a strategy and processes for governance, risk and compliance (GRC). Many still view GRC activity as a burdensome ‘must-do,’ approaching it reactively and managing it with non-specialized tools. GRC is a necessary business endeavor but it can be elevated from a cost drain to a value-add activity. By integrating GRC holistically throughout the organization, and by minimizing manual and duplicative processes through the use of cloud-based tools, firms can benefit from actionable business intelligence and support rapid and informed decision-making.

compliance-cloud

Companies are questioning whether their GRC can be managed more efficiently because there is an increasing number and range of regulatory mandates and risk concerns that demand action. As problems arise, and multiple regulatory and compliance issues need to be addressed, but manual approaches to the day to day practice of GRC can swamp organizations through a constant need to monitor information sources for changes. The planning and implementation of changes often takes place as and when the demands arise.

Where GRC management and implementation occurs within business silos there is duplication of effort and inefficient cost control. There is also limited capability for knowledge sharing and learning across the organization.

Businesses need to tap into a staggering number of information sources to stay alert to changes in regulatory and legal requirements. If this is manual activity it’s a considerable burden. A MetricStream survey of 123 compliance professionals late last year looked at regulatory change management only and found that it is indeed a resource-hungry endeavor for businesses of all sizes.

Manual mind-set

A third of mid-sized businesses revealed they devote between three and ten employees to the activity, over 30 percent of large businesses said they have 21 or more and over 45 percent of small businesses reported one to two.

employees-digital

(Image Source: Shutterstock)

It’s a lot of resource to tie-up on regulatory activity. And a great deal of that resource’s time is spent on manual activities. Over 50 percent of respondents said monitoring regulatory intelligence sources for a new regulation, or changes to existing regulations, is part of their role. The three principal information sources being regulatory agency filings and releases, industry and trade associations and trade industry publications.

Cloud-based technology enables businesses to tap into collated GRC information sources. These can supply multiple information needs in one place and provide updates on regulatory compliance, risk, vendor due diligence and IT risk and compliance. With information brought together in this way, businesses can save valuable time and resource that would be spent on manual searches.

By integrating GRC knowledge with business systems and operations the whole activity can become even more streamlined and effective. The content picked up from the intelligence portal can be streamed automatically as alerts or email notifications.

From these automated alerts, businesses can quickly identify where action needs to be taken, notify relevant departments and individuals and address process and system workflows. Not only does this proactive approach to GRC management save cost and time on manual information scanning, it also helps businesses stay ahead of changes in regulation and compliance. This knowledge is elevated to almost real-time and the action to preserve corporate compliance is quicker and more efficient.

Integration and automation

In the same MetricStream survey, which was conducted late last year, nearly half (48 percent) of compliance respondents advised they still use office productivity software like spreadsheets to track regulatory changes. These traditional methods fail to address large and small enterprises need for compliance issues to be addressed at scale. However,cloud-based GRC intelligence can integrate with GRC systems to seamlessly update multiple policies, procedures and controls. Data sets can be applied across applications, including Enterprise Resource Management (ERM) systems and compliance. The trained risk and compliance personnel who have spent so much of their time market-watching can turn to more productive endeavors such as analysis, forecasting and implementation.

To a great extent, this takes a change of mind-set. It’s a cultural shift to stop viewing GRC as a cumbersome burden, and to instead incorporate it into the fabric of the organization. By adopting such an approach though, and by embracing automation to manage GRC, companies can derive real business value from taking a proactive approach.

GRC intelligence as a governance layer in the cloud can enhance business operations. From rapid change identification and the ongoing analysis of GRC data, quicker and better decision-making results. Integrated and automated GRC management puts companies in a better position to protect the company from contraventions and to perform well. By identifying risk patterns and trends, and using these in business planning the organization can improve its change response.

Fully rounded visibility into risk and compliance demands and GRC activities across the business is a step in the right direction to viewing GRC holistically, instead of in business silos. With GRC intelligence businesses can make more informed decisions and this means reduced risk and better business performance for competitive advantage.

By Vidya Phalke

Vidya Phalke

Vidya Phalke is responsible for MetricStream's technical architecture and strategy. Prior to being promoted to the CTO position, Vidya served as Vice President of Product Management and Engineering where he was responsible for MetricStream's Software Products and Platform Delivery. Starting with MetricStream in 2003, Vidya has been instrumental in developing an industry-leading GRC software platform. Before joining the software industry, Vidya earned a PhD in Computer Science from Rutgers University, where he won two Small Business Innovation Research grants for his research on databases and network optimization.

Cloud Community Supporters

(ISC)²
Cisco
SAP
CA Technologies
Dropbox

Cloud community support comes from (paid) sponsorship or (no cost) collaborative network partnership initiatives.