Organizations need to be agile, not just resilient. Agility is the ability to see what is coming at the organization and allow the organization to adjust and navigate to use the environment to its advantage to seize opportunities while avoid or mitigate hazards and harms. Resiliency is the ability to spring back and recover from an event and minimize loss and exposure. Both are needed in today’s dynamic business environment, but their needs to be focus on agility and not just resiliency.
Take the analogy of running. If I am running down the street and trip over a pothole or curb, resilience is how quickly can I recover and get up and start running again. Agility is to see what is coming at me on the horizon and see the obstacle, like a curb or pothole, and leap over it, go around it, or if I am doing some type of parkour use it to my advantage to spring into a flip to amaze all those around me.
We are migrating from the era of GRC 4.0 – Agile GRC to the new era of GRC 5.0 – Cognitive GRC. Agile GRC is still there and is the foundation for Cognitive GRC. Agile GRC is a complete re-architecture of GRC to be flexible, adaptable, configurable, and intuitive while increasing efficiency, effectiveness, and agility. Agile GRC technologies have a lower cost of ownership in implementation and ongoing maintenance cost and do not break on upgrades. They replace older legacy GRC software that struggled with these issues.
Cognitive GRC, GRC 5.0, builds on Agile GRC by leveraging cognitive technologies such as machine/deep learning, predictive analytics, natural language processing, neural networks, blockchain, and robotic process automation to make GRC processes even more efficient, effective, and agile in today’s dynamic, disrupted, distributed business environment.
It is with Cognitive GRC we can contextualize current operations and data to see risks, controls, gaps, issues and such that operational impact us now or in the near future to increase our resiliency. It is with Cognitive GRC that the organization can conduct horizon scanning of risks, opportunities, and regulations that are starting to trend one, two, or three years out to prepare scenarios for scenario analysis so the organization can achieve greater agility to navigate the environment and prepare the organization.
I am excited to see new capabilities being added on to Agile GRC solutions to achieve and deliver on the vision I have had for Cognitive GRC for several years. These solutions make organizations more agile and resilient int regulatory change, risk trending/monitoring, control and process automation, assurance, and much more.
As you look to upgrade or implement GRC related solutions (whether focused on a specific area or a broad enterprise platform) it is critical that you include requirements for Cognitive GRC to keep the edge on the organization in an environment that is fraught with risk and disruption.
In the words of the physicist Fritjof Capra,
“The more we study the major problems of our time, the more we come to realise that they cannot be understood in isolation. They are systemic problems, which means that they are interconnected and interdependent.”
It is with Cognitive GRC that we can start seeing and reacting to these systemic risks in real-time as they develop on the horizon or impact us operationally in the here and now.