Governance, Risk & Compliance (GRC) programmes are no longer a ‘tick-the-box’ exercise for organisations. Information technology advancements are better enabling GRC management software to become sophisticated enough to anticipate likely incidents and implement better controls, while also offering insights that can inform business opportunities and strategy.
GRC professionals are now adept at gathering, administering and scrutinising a vast and contrasting volume of data from multiple sources in order to fulfill their mandate of addressing enterprise-wide risks.
“Sustained technological innovation and disruption will ensure that the GRC function continues to evolve. Big Data and advanced analytics are increasingly helping risk and compliance professionals to uncover substantial risks earlier but can now also provide the actionable business insight that boards and executives need to facilitate informed decision-making and ethics and integrity management on behalf of the organisation,” says Bosman Stramrood, General Manager: Lexis GRC at LexisNexis.
Stramrood adds that company leadership must, however, first understand what insights they need in order to make good strategic and operational decisions. Companies that invest in and effectively draw value from their data will achieve clear gains over their competitors.
“The available data can help to pinpoint trends and parallels that will guide positive changes in organisational conduct. This organisational information can then be further enriched with external sources,” he says.
Just some of the advanced technologies now available include data visualisation and statistical analysis.
GRC data enables the business to retrieve and manage a vast amount of information that can aid in building a more risk savvy organisation. Boards can then take positive actions, strengthening controls, changing policy and procedures and completely mitigating similar reputational threats in the future.
“Solutions that seamlessly combine available technologies with numerous data sources are those that will enable enhanced, sharper, real-time and fact-based decision-making for executive boards,” says Stramrood.
An example is Lexis GRC, which now boasts improved and interactive business intelligence dashboards as well as data visualisation tools. These bring case management to life through intuitive, audience-appropriate reporting views and interactive capabilities that aggregate or isolate risk hotspots.
Graphical reports on data from all modules is instantaneously available on management dashboards which could be used for day-to-day status updates, meetings, board-packs, etc. and exported in predefined, multi-format reports from PDF to Word to Excel. An action manager across components allows the user to set up tasks and actions from all components to ensure follow up, tracked history and audit trails. Notifications integrate with the user’s e-mail system.
This customisable software solution enables users to determine the modules that are most important to their business – starting with creating their own risk registers from the legal universe provided and isolating relevant acts and legislation that apply to their organisation. From there, the sophisticated GRC software will help identify areas that could potentially impact the business – and can be scaled up as the business changes.
Edited by Daniëlle Kruger
Follow Daniëlle Kruger on Twitter
Follow IT News Africa on Twitter