• Home
  • About Us
  • Contact Us
  • Privacy Policy
  • Special Offers
Business Intelligence Info
  • Business Intelligence
    • BI News and Info
    • Big Data
    • Mobile and Cloud
    • Self-Service BI
  • CRM
    • CRM News and Info
    • InfusionSoft
    • Microsoft Dynamics CRM
    • NetSuite
    • OnContact
    • Salesforce
    • Workbooks
  • Data Mining
    • Pentaho
    • Sisense
    • Tableau
    • TIBCO Spotfire
  • Data Warehousing
    • DWH News and Info
    • IBM DB2
    • Microsoft SQL Server
    • Oracle
    • Teradata
  • Predictive Analytics
    • FICO
    • KNIME
    • Mathematica
    • Matlab
    • Minitab
    • RapidMiner
    • Revolution
    • SAP
    • SAS/SPSS
  • Humor

Lose The Myths And Step Towards A GRC Digital Transformation (Part 2)

October 24, 2018   BI News and Info
 Lose The Myths And Step Towards A GRC Digital Transformation (Part 2)

Part 2 of a 2-part series. Read Part 1

In Part 1 of this series, I identified four common myths preventing companies from transforming their governance, risk, controls, and compliance. Today, I’ll reveal the rest in my Top 10 list.

5. IT needs to lead the GRC project.

GRC is powered by technology, but that doesn’t mean IT will lead the project. The objective of GRC is to centralize all risk management areas (internal control, risk, audit, compliance, IT) and unify a single source of truth to promote oversight of the company.

Because IT knows about technology, and risk areas know about risk and compliance activities, they both play a fundamental role in supporting in a successful GRC implementation. But the risk areas lead the project.

6. GRC is difficult and takes too much time to implement.

It is true that implementing a GRC solution is a demanding project. It demands that you review and update information, business processes, risk maturity levels, business process, owners, and so on. If your company doesn’t have a solid risk and compliance practice, your GRC project will take more time as you construct that solid infrastructure to start taking advantage of the benefits of the solution.

But the good news is that all these pieces are part of the GRC implementation. And you can also start by implementing one module at a time (take a look at the next “myth”).

7. To realize benefits, we must implement the complete functionality.

When you choose GRC solutions that are focused on the three lines of defense framework, you can start by implementing the most mature line (controls, risk, or audit) and go from there.

For example, if your company’s risk management process is the most mature, you could start using risk management software to align your risks with business-value drivers. Or, if your auditors and audit reports are spread across the enterprise, centralize their efforts in an audit management solution to optimize your resources and gain visibility.

If two of the three lines are solid – controls and risk management, for example – you could preserve and grow business value by adding in process control and risk management functionality to share processes, risks, and controls across the enterprise.

The key is not to give up until you have everything ready, whether you start with the most mature line or start maturing all your lines all at once.

8. GRC is expensive.

If you’re evaluating the investment to acquire a GRC solution versus the cost of manual activities, you will probably identify it as being expensive.

But be careful, because this evaluation fails to take into account the benefits provided by an automated solution:

  • Increase scope and coverage for risk mitigation activities to safeguard the company
  • Reduce the cost and time of early detection of cash leakage, frauds, or anomalies to avoid financial losses
  • Reduce ongoing cost for demonstrating compliance
  • Improve team effectiveness and efficiency

Becoming aware of these opportunities may change your cost/benefit analysis.

By the way, it’s important to mention that there are many flexible deployment options to reduce time and cost to implement GRC solutions in your company.

9. GRC is a nice-to-have, not a must-have, solution.

We have never faced so many risks as we do at this moment. We face financial, operational, reputational, technology, compliance, environmental, human capital, and governmental risks. Translating this, we face more complicated frauds, cash leakage, money laundering, data protection, cybersecurity attacks, modern slavery, social media, new governments, and so on.

Companies need visibility like never before – to know what they’re facing so they can avoid or mitigate the impact or the probability that something undesirable will occur. A modern GRC strategy isn’t just desirable. It’s necessary.

10. We don’t need a GRC solution.

It is difficult to argue against this way of thinking because sometimes it’s due more to a cultural attitude than a pure business decision. Some people or companies aren’t proactive; instead they react when something happens and they suffer a major impact. Then they realize the importance of having a risk mitigation strategy.

If you’re a supporter of a GRC solution and your company doesn’t see the importance of proper risk management, keep pushing! Raise the importance of the topic and prepare the company for the next level.

Bottom line

Companies are facing too much uncertainty these days to leave their risk management to chance – or to operate under these 10 myths (and misunderstandings) about GRC solutions.

Taking steps towards a governance, risk, controls, and compliance digital transformation will ensure that you’re armed with the right information to face GRC challenges however and whenever they come.

For more on this topic, read The State of Risk Management in 2018.

This article originally appeared on the SAP Analytics blog and is republished by permission.

Follow SAP Finance online: @SAPFinance (Twitter)  | LinkedIn | Facebook | YouTube

Let’s block ads! (Why?)

Digitalist Magazine

digital, Lose, Myths, Part, Step, towards, Transformation
  • Recent Posts

    • The Neanderthals
    • What the swarm of new Azure announcements mean
    • Importance of Integrating SharePoint and Dynamics 365 in an SMB
    • InfoWars Surrenders
    • Invest Your Time in the Right Skills to Become a Data Scientist in 2021
  • Categories

  • Archives

    • March 2021
    • February 2021
    • January 2021
    • December 2020
    • November 2020
    • October 2020
    • September 2020
    • August 2020
    • July 2020
    • June 2020
    • May 2020
    • April 2020
    • March 2020
    • February 2020
    • January 2020
    • December 2019
    • November 2019
    • October 2019
    • September 2019
    • August 2019
    • July 2019
    • June 2019
    • May 2019
    • April 2019
    • March 2019
    • February 2019
    • January 2019
    • December 2018
    • November 2018
    • October 2018
    • September 2018
    • August 2018
    • July 2018
    • June 2018
    • May 2018
    • April 2018
    • March 2018
    • February 2018
    • January 2018
    • December 2017
    • November 2017
    • October 2017
    • September 2017
    • August 2017
    • July 2017
    • June 2017
    • May 2017
    • April 2017
    • March 2017
    • February 2017
    • January 2017
    • December 2016
    • November 2016
    • October 2016
    • September 2016
    • August 2016
    • July 2016
    • June 2016
    • May 2016
    • April 2016
    • March 2016
    • February 2016
    • January 2016
    • December 2015
    • November 2015
    • October 2015
    • September 2015
    • August 2015
    • July 2015
    • June 2015
    • May 2015
    • April 2015
    • March 2015
    • February 2015
    • January 2015
    • December 2014
    • November 2014
© 2021 Business Intelligence Info
Power BI Training | G Com Solutions Limited