Considerations in Selection of a Compliance Management Solutions
Compliance is pervasive throughout organisations. There are many departments that manage compliance with a variety of approaches, requirements, and views into compliance. Because of the reach and impact of compliance initiatives, the decision to purchase compliance solutions can quickly evolve into an extensive process, involving dozens of stakeholders and requiring various approval procedures. Compliance professionals often find themselves having to explain the necessity and value of new compliance solutions — as well as combatting pressure to “make it work” with existing systems. This is further complicated by the variety of technology solutions available to manage compliance. Some are broad enterprise compliance platforms, while other compliance solutions focus on specific departments or compliance issues/obligation.
Whether for a department compliance management need, or to manage enterprise compliance across the organization, compliance management solutions are in demand. Recent RFP and inquiry trends that GRC 20/20 is involved with show a growing demand for compliance management solutions. There are several hundred solutions available in compliance management with varying capabilities and approaches. Organizations need to clearly understand the breadth and depth of their requirements, map these into compliance solution capabilities, and understand that there is no one size fits all solution for compliance management no matter what solution providers may say. It has become a complex segment of the GRC market to navigate, understand, and find the solution(s) that are the perfect fit for your organization.
In this Research Briefing GRC 20/20 provides a framework for organizations evaluating or considering compliance management platforms and more focused compliance solutions.
- Defining & Understanding Compliance Management
Definition, Drivers, Trends & Best Practices
- Critical Capabilities of a Compliance Management Platform
What Differentiates Basic, Common, & Advanced Solutions
- Considerations in Selection of a Compliance Management Platform
Decision Framework & Considerations to Keep in Mind
- Building a Business Case for Compliance Management
Trajectory of Value in Effectiveness, Efficiency & Agility
The GRC Pundit will help organizations . . .
- Define and scope the compliance management market
- Understand compliance management drivers, trends, and best practices
- Relate the components of what makes a compliance management platform
- Identify core features/functionality of basic, common, and advanced compliance management platforms
- Map critical capabilities needed in a compliance management platform
- Predict future directions and capabilities for compliance management
- Scope how to purchase compliance management platforms in a decision-tree framework
- Discern considerations to keep in mind as you evaluate compliance management solutions
- Compliance and broader business professionals with responsibilities for compliance management
- Compliance solution providers offering compliance management solutions
- Compliance professional service firms advising organizations on compliance management
- Compliance content & intelligence providers that provide compliance content, intelligence and templates
Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research, Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC” — being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.
©GRC 20/20 Research, LLC. All Rights Reserved.
No part of this publication may be reproduced, adapted, stored in a retrieval system or transmitted in any form by any means, electronic, mechanical, photocopying, recording or otherwise, without the prior permission of GRC 20/20 Research, LLC. If you are authorized to access this publication, your use of it is subject to the Usage Guidelines established in client contract. The information contained in this publication is believed to be accurate and has been obtained from sources believed to be reliable but cannot be guaranteed and is subject to change. GRC 20/20 accepts no liability whatever for actions taken based on information that may subsequently prove to be incorrect or errors in analysis. This research contains opinions of GRC 20/20 analysts and should not be construed as statements of fact. GRC 20/20 disclaims all warranties as to the accuracy, completeness or adequacy of such information and shall have no liability for errors, omissions or inadequacies in such information. Although GRC 20/20 may include a discussion of related legal issues, GRC 20/20 does not provide legal advice or services and its research should not be construed or used as such.