The Role of Technology in GRC

Email     |     Share  
1 | 2 | 3 | 4 | 5 | 6 | 7
Next The Role of Technology in GRC-5 Next

Personalizing GRC.

To be successful with GRC, GRC has to be baked into the organizational culture. Everyone within the organization as well as in the extended supply chain needs to be GRC 'aware' and 'doing the right thing' without doing anything more than they usually do. This means that GRC has to be personal, at everyone's fingertips, and woven into their daily professional lives – it must be available in mobile devices and in email clients as well as in the day-to-day operational IT systems that every working employee uses. It must be available within ERP systems and travel and expense systems as well as supplier interaction systems. And, all this with an interface so easy to use that the average banana-picker in the plantation should have no trouble using it.

The basic concept of GRC (governance, risk and compliance) is simple – (1) say what you need to do and make sure everyone knows about it, (2) make sure you proactively look at risks, and put controls in place to mitigate the risks, and (3) monitor the controls you put in place to make sure they are working. In other words, put objectives and policies in place to reflect your strategy and regulatory commitments; periodically review the related risks; ensure that controls are in place, and audit the controls.

Say you work for 'The Wide World of Bananas, Inc.' growing and shipping bananas. Now, when everyone in your company knows why they are peeling bananas, which bananas they should peel, where the fallen peels are, and then consistently walks around them (or picks them up and tosses them into the trash bin) … then you have a company that is shipping a lot of high-grade bananas without falling down too often. Better GRC means better business. Easy.

Of course, growing and shipping bananas is not really that simple. You probably have your own banana plantations, and source some other bananas from third parties. You probably have a facility where you wash and shine all those bananas. You most likely ship those bananas to other countries. There is the IT department, for any self-respecting banana shipper needs 'Big Data' and iPads … and let's not forget the bean counters who really are counting bananas in this case.

In reality, any business looks somewhat like the banana business - with suppliers, suppliers' suppliers, facilities, manufacturing, R&D, quality, IT, finance, HR … and lots of people. And let's not forget all the regulations! Financial reporting regulations, export regulations, data privacy regulations, health and safety regulations … there's probably a good reason behind each and every one of them. Clearly the business of doing business is not simple, and if we are to achieve any measure of success by applying GRC across the board, we need technology. Here's how technology can enable and support GRC, as identified by Vasant Balasubramanian, MetricStream's vice president of product management.


Related Topics : A Big Market for Big Data Jobs, Midmarket CIO, IT Management Automation, SharePoint, Technology Markets

More Slideshows

IT_Man89-290x195 9 Tips for Running a 'Tween' Company

Advice and tips for entrepreneurs and companies that are no longer startups but not quite ready for an IPO, also known as "tweens." ...  More >>

IT_Man88-190x128 Top 5 Trends Affecting Women-Owned Micro Businesses

Learn more about the challenges and opportunities presented to women leaders, especially micro-business owners. ...  More >>

Analytics21-190x128 5 Ways to Avoid Becoming 'Digital Prey'

Future IT leaders will need to seek technologies that eliminate silos in order to deliver the right information to the right person within the right application environment at the right time. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.