Now lets talk about automation of GRC, and this is the part where the majority of the industry “pundits” are typically focused on.
Consider the set of processes that a GRC team executes on a day to day basis. In the absence of a robust automation platform, it is a lot of work with countless moving parts that keep changing the risk and compliance posture at the speed of business. Human error could easily lead to inaccurate reporting of business alignment and performance back to the executive leadership.
It is understood that if these GRC processes are not yielding results as intended, either because they are outdated, or simply inaccurate or incomplete, then automation of these processes would not fix such foundational issues and the implementation would not yield expected results.
Make no mistake that if GRC processes are not effective, automation will follow the logic of “garbage in, garbage out”.
So when an organization embarks on implementation of a GRC automation platform, the first step that ought to be taken is to ensure that GRC processes are effective (complete, accurate, up to date). Then proceed with the implementation.
Once the likes of RSA Archer, Lockpath Keylight, ServiceNow, etc., are implemented, a GRC team can quickly start to gain operational efficiencies, and that is, the true business value of GRC automation.
About the Author:
Faisal Ansari is a senior executive, a keynote speaker, and most importantly, an experienced practitioner in the domains of Information Privacy, Enterprise Risk, Cybersecurity, and Compliance. Having served global clients across a wide spectrum of industries, Mr. Ansari has also contributed to authorship of several international standards and frameworks from ISO, ISACA, and NIST.
Your Thoughts and Comments:
Author of this Trusted Insight would love to hear from you, and welcomes your feedback, comments, and suggestions to improve this article for the greater good of the business community. You can reach the author at firstname.lastname@example.org.
Thanks for visiting this Trusted Insight. Check out our other articles on this topic, as well as relevant service offering pages displayed on the right side of this article for more information on how we can be a catalyst to the success of your business initiatives.