Current Campaign


Latest Archives

  1. August 23, 2010 Getting Serious about Risk Monitoring Posted in: Daily News with: 0 comments

  2. August 17, 2010 Y211? And other Risks . . . Posted in: Daily News with: 0 comments

  3. August 10, 2010 Video Spills on Government Fraud Posted in: Daily News with: 0 comments

  4. August 5, 2010 Re-Inventing the Internal Auditor? Posted in: Daily News with: 0 comments

  5. August 3, 2010 The Guidance Gauntlet Posted in: Daily News with: 0 comments

  6. July 30, 2010 Stopping the Spreadsheet Scourge Posted in: Daily News with: 1 comment

  7. July 21, 2010 Robbing Risk Management to Pay Receivables Posted in: Daily News with: 0 comments

  8. July 15, 2010 Trailblazing Uncle Sam Posted in: Daily News with: 0 comments

  9. July 13, 2010 CCM Momentum Posted in: Daily News with: 0 comments

  10. July 8, 2010 Introducing Approva One On Demand Posted in: Daily News with: 0 comments

Recent Articles

GRC – Not Just Another Tech Acronym

Posted on October 25th, 2007 by Steve Elliott »Permalink

In the technology industry, three-letter acronyms seem to sprout faster than mushrooms in a forest. Some fade quickly (does anyone remember ERM?), others linger and only a few stand the test of time (e.g. PLM, CRM, SCM, ERP). Governance, Risk & Compliance (GRC) is the latest addition to the three-letter soup.

Time will tell whether GRC will find its place in the acronym hall of fame or not. But one thing that’s clear – however you define it – is that “GRC” is fundamentally different than the business problems that these other software categories are tackling. While the list of differences is long, here are a few of the more obvious ones that come to mind:

·First, “GRC” is inherently a dispersed problem that is not owned by any single group or individual. It’s about every person (and group) in an organization doing their part.

·Second, the business processes that facilitate good governance, risk & compliance are unique to each company, country and industry. Enterprise software companies are notorious for imposing rigid business processes on their customers that match the features and functions they’ve developed in their applications. That won’t fly when it comes to GRC. My conversations with customers and partners make it clear that companies are looking for solutions that layer on top of their existing processes and applications – not something that’s going to force large-scale business process re-engineering.

·Finally, most companies – even small and medium-sized ones – have dozens, if not hundreds of applications that they must factor into their GRC programs. The trick to making GRC programs cost-effective is to standardize your approach to controls and control monitoring across all applications. An application-by-application approach to GRC simply duplicates effort.

The business press is already starting to look at where GRC is headed. CFO Magazine has a good article that summarizes the different angles of the debate. In any case, whether the GRC acronym (and its status as an all-encompassing category of software) fades, lingers or ultimately stands the test of time the one thing that is clear is that governance, risk and compliance activities are firmly ensconced on the priority list of executives.

– Prashanth “PV” Boccasam, CEO of Approva

Tags: , ,

Bookmark and Share

This entry was posted on Thursday, October 25th, 2007 at 8:53 am and is filed under Executive Spotlight. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

One Response

  • Internet Banking Wrote
    not yet rated
      

    February 4th, 2010 at 2:55 am

    I was just chatting with my coworker about this last week over lunch . Don’t remember how in the world we got on the subject actually , they brought it up. I do recall eating a amazing steak salad with ranch on it. I digress…

Leave a Reply