2015-11 How to Purchase Enterprise GRC Platforms

Understanding the Variety of GRC Intelligence & Content Solutions

There are lots of GRC solutions available in the market, most of which do not even call themselves GRC as they are laser focused in specific GRC areas. In fact, I have mapped 843 GRC technology solution providers into and across 17 primary segments of the GRC market (and may sub-segments).

Competition in RFPs, RFI, general sales situations can be tough. When it gets down to it, what can make or break a sale in an organization can often depend on what content you provide in your solution. GRC content and intelligence has become a critical differentiator in GRC opportunities across the board. I have seen enterprise GRC, IT GRC, EH&S, policy management, risk management, and audit management opportunities that were won or lost based on what content was provided and included in the solution.

Content and intelligence integration has become one of the determining factors in selecting GRC related technologies. I am amazed at the number of GRC technology solutions that do not pay much attention to this.

One recent organization I interacted with thought they had a technology winner in the RFP only to find out that the content they thought was there was dated and not kept current. Despite promised feeds for updates, they simply were behind and the content was not current.

Another RFP that is just going out has it as mandatory that the GRC solution (focused on compliance and EH&S) have a very detailed range of compliance regulatory content that is provided and kept current as part of the solution (or integrated with it).

GRC 20/20 has just finished the 2016 update and mapping of GRC content and intelligence solutions. There are 139 GRC content and intelligence providers that combined have over 425 distinct GRC related content and intelligence offerings. GRC solution providers can spend days trying to identify and map potential content partners (it takes me weeks every year keeping data current in this market area).

Or you can attend Monday’s Research Briefing on 2016 Market Overview of GRC Content & Intelligence Providers which will segment, detail, and list providers of GRC Content & Intelligence solutions that supplement GRC related technologies across the following categories (this is essential to solutions looking to expand GRC intelligence and content relationships in their technology solutions, do not miss it):

  • Audit Template & Workpaper Libraries
  • Benchmarking Solutions
  • Control Libraries
  • Compliance Forms & Templates
  • Due Diligence & Financial Monitoring
  • EH&S Libraries
  • Geo-Political Risk Monitoring
  • Industry Risk & Regulatory Reporting
  • Legal Cases & Analysis
  • Loss & Incident Databases
  • Negative News Monitoring
  • Policy Libraries
  • Regulatory Intelligence (actionable insight on reg change, not just a library)
  • Regulatory Libraries
  • Reputation & Brand Monitoring
  • Risk Libraries (including KRI, risk registers)
  • Risk Forms & Templates
  • Sanction / Watch Lists (including PEP lists)
  • Third Party Forms & Templates
  • Third Party Monitoring
  • Third Party Shared Assessments
  • Threat & Vulnerability Monitoring
  • Training Libraries
No comments yet.

Leave a Reply