GRC - Not Just Another Tech Acronym
Posted on October 25th, 2007 by PV Boccasam
In the technology industry, three-letter acronyms seem to sprout faster than mushrooms in a forest. Some fade quickly (does anyone remember ERM?), others linger and only a few stand the test of time (e.g. PLM, CRM, SCM, ERP). Governance, Risk & Compliance (GRC) is the latest addition to the three-letter soup.
Time will tell whether GRC will find its place in the acronym hall of fame or not. But one thing that’s clear – however you define it – is that “GRC” is fundamentally different than the business problems that these other software categories are tackling. While the list of differences is long, here are a few of the more obvious ones that come to mind:
· First, “GRC” is inherently a dispersed problem that is not owned by any single group or individual. It’s about every person (and group) in an organization doing their part.
· Second, the business processes that facilitate good governance, risk & compliance are unique to each company, country and industry. Enterprise software companies are notorious for imposing rigid business processes on their customers that match the features and functions they’ve developed in their applications. That won’t fly when it comes to GRC. My conversations with customers and partners make it clear that companies are looking for solutions that layer on top of their existing processes and applications – not something that’s going to force large-scale business process re-engineering.
· Finally, most companies – even small and medium-sized ones – have dozens, if not hundreds of applications that they must factor into their GRC programs. The trick to making GRC programs cost-effective is to standardize your approach to controls and control monitoring across all applications. An application-by-application approach to GRC simply duplicates effort.
The business press is already starting to look at where GRC is headed. CFO Magazine has a good article that summarizes the different angles of the debate. In any case, whether the GRC acronym (and its status as an all-encompassing category of software) fades, lingers or ultimately stands the test of time, the one thing that is clear is that governance, risk and compliance activities are firmly ensconced on the priority list of executives.
- Prashanth “PV” Boccasam, CEO of Approva
Tags: Governance, Risk and Compliance, GRC, Approva
