Blue Hill Research found that companies experiencing Worst-Case GRC implementations largely shared: (1) limited consideration of underlying business needs and process change, (2) lack of involvement of IT stakeholders and consideration of IT needs in implementation planning, (3) big bang solution rollouts, and (4) a large degree of solution customization. The various delays and costs[…]
Moving from strategic planning to GRC implementation planning, Blue Hill Research found similar trends in how organizations experiencing Worst-Case GRC implementations overlooked key perspectives, primarily those of IT leadership. Additionally, Blue Hill Research found a preference for big bang deployment strategies with the intent to put all planned functionality in place at once. Largely as[…]
Blue Hill Research found significant differences in the characteristics, strategies, and methods adopted. In order to isolate factors with a determinative effect onGovernance, risk, and compliance implementation project success or failure, Blue Hill Research removed several characteristics that necessarily related to the cost and length of the GRC implementation. These factors included: (1) the scope of[…]
Governance, risk, and compliance (GRC) solutions provide value by helping organizations to manage the complexity of information management, process execution, and stakeholder coordination in light of increasing volatility, regulatory complexity and change, and other concerns. The resulting benefits generally relate to improved visibility into and mitigation of risk factors while reducing manual efforts on the[…]
This is Part One of a four-part blog series on ERM that is from guest blogger Michael Rasmussen of GRC 20/20 Research. Organizations take risks all the time but fail to monitor and manage risk effectively for the enterprise. A cavalier approach to risk-taking results in disaster, providing case studies for future generations on how[…]