-
GRC was still in its infancy. Fast forward to 2022 and it’s no longer considered an orphan process. This is now a company-wide concern, permeating every decision from the C-suite to the shop floor. And the evolution shows no signs of slowing down, as the latest solutions are changing how his GRC process is implemented and embedded into the day-to-day operations of his organization. So what does the future hold? With risks accelerating, we must look to the past to understand the challenges that will shape tomorrow’s landscape.
past
Historically, the GRC market has been underserved. Looking back at his turn of the 20th century, when markets began to shape, everyone did things differently and there was no standardization or best practices for companies to follow. It turns out that different companies did things in different ways, doing certain aspects of the broader GRC framework while ignoring others.
This is primarily due to how the GRC was commissioned. We didn’t start from scratch, and we didn’t go in one direction. Instead, it grew out of a collection of concerns ranging from the 2001 Enron scandal and his SOX launch to the 2008 financial crisis, concerns about financial management, and guarantees about publicly traded company filings.
Since then, the GRC market has evolved significantly as risk management methodologies and processes have become more sophisticated to provide quantitative results. Today there is far less ambiguity than before thanks to software solutions developed to help the organization manage his GRC process.
Providing quantitative results
However, there are still inconsistencies between GRC requirements and much of the software used to meet them. Organizations crave functionality and flexibility, but many still struggle with highly complex platforms that fail to deliver the quantifiable and measurable results they need today.
The good news is that companies are now investing heavily in GRC. Organizations adopt software, implement policies, and provide resources to implement effective GRC systems. A lot of this was clearly due to compliance and contractual requirements. But companies are starting to tie the value of his GRC to their bottom line.
However, many organizations in the current situation still face challenges when it comes to using GRC systems effectively. Part of the problem is that GRC is becoming increasingly siloed. At best it’s a company-wide integrated thing, at worst it’s treated as nothing more than a ticking exercise. A company that creates secure and fast supplier onboarding.