2022 GRC Research Year in Review

Written by The GRC Pundit

Published on2023-01-12Updated on2023-01-12DiscussionLeave a Comment on 2022 GRC Research Year in Review

Wow! 2022, what a rollercoaster of a year for GRC – governance, risk management, and compliance. Top discussions this past year have been around ESG, risk agility, resilience, third-party risk in the extended enterprise, compliance and regulatory change, and policy management. We are still feeling the impact of the COVID pandemic combined with geopolitical risk tensions further confounded by economic and global uncertainty.

However, times of uncertainty brings a boom to GRC related solutions and services. GRC 20/20 has never been so busy than at this very moment. While the activity is global, there is a lot of particular GRC market activity coming out of the United Kingdom and Europe right now.

The top GRC 20/20 social media post, by far, this past year was on LinkedIn:

HEAR ME – no organization can address #ESG without good #policymanagement and #policyengagement with training. ESG gets codified in policies from #codeofconduct down into #environmental policies, #socialaccountability policies, and the range of #governance policies. The measure of integrity to ESG comes down to policy engagement and enforcement to employees. 

Follow GRC 20/20 on LinkedIn and Twitter.

Below is a summary of the research blogs and papers that GRC 20/20 has published throughout 2022 organized by topic area.

As always, you can ask GRC 20/20 Research questions in the context of governance, risk management, and compliance strategies and processes, as well as solutions available in the market we cover in our objective market research through the inquiry process. Every week GRC 20/20 is answering between 15 and 20 inquiries from organizations looking for advice on solutions and services to engage as they navigate the hundreds of solutions av ailable in the GRC market . . .

Enterprise GRC and the Broad GRC Market

Research Reports

• 2022: State of the GRC Market
• 2022: How to Market & Sell GRC Solutions
• 6clicks: Delivering Hub & Spoke GRC Engagement

Blogs

• State of GRC: A Future of Agility, Resiliency & Integrity
• Measuring Value: Making GRC Processes Efficient, Effective, and Agile
• Rasmussen’s Strategic Pillars of GRC: Agility, Resiliency, Integrity
• GRC Done Right Starts With the Business: Objectives, Performance, Processes
• COGNITIVE GRC: Enabling Regulatory Change Management
• Cognitive GRC (GRC 5.0): Enabling Enterprise Risk Agility & Resilience
• Agile & Cognitive GRC: a New Generation in GRC Solutions
• Building a Mature GRC Program: The Top 5 Considerations
• How to Build your GRC Strategy in an ESG Era
• GRC 20/20’s 2021 Research Year in Review

Risk & Resiliency Management

Research Reports

• Risk & Resilience Management by Design: an Integrated Approach to Risk & Resilience Management
• Risk & Resilience Management Maturity Model
• Fusion Risk Management: Enabling Integrated Risk & Resilience Management

Blogs

• Where Risk Management Strategy & Technology Fail . . .
• Checklist to Measure & Improve Risk & Resilience Maturity
• Advancing Your Organization’s Risk and Resilience Maturity
• Five Stages of Risk and Resilience Maturity
• IRM Risk Predictions 2022
• Rethinking Risk Across the Enterprise
• A New Paradigm in Risk, Resiliency & Continuity Integration
• 360° Visibility into Risk & Resilience
• Got Risk Management? You Think You Do . . .

ESG – Environmental, Social, Governance

Blogs

• ESG and the Geopolitical Complexities of Supplier Risk
• Practically Understanding and Delivering ESG in Today’s Organization
• ESG: The Foundation is Built on Policies
• How to Operationalize ESG with GRC
• How to Build your GRC Strategy in an ESG Era
• Ways to Enhance Your Social Accountability/Sustainability Program
• GRC 2020’s Key Tips for ESG Reporting in 2022 

Corporate Compliance & Ethics Management

Research Reports

• Skillcast: Delivering Compliance Engagement to the Organization

Blogs

• The Exposure of Compliance at the Frontlines of the Organization
• The Human Firewall: Essential to Organizations
• Operationalize Compliance to Ensure 360° Visibility into Operational Resilience 
• How do you add compliance controls in different parts of your business?
• Strategies to Drive Compliance Operationalization
• Providing Compliance Defensibility

Third-Party (e.g, Vendor/Supplier) GRC Management

Research Reports

• 360° Risk Intelligence in the Extended Enterprise
• ProcessUnity: Delivering Value in Third Party Risk Management
• CISO: a Critical Role in Resilience in the Extended Enterprise

Blogs

• ESG and the Geopolitical Complexities of Supplier Risk
• Where Third-Party Risk Strategy & Technology Fail . . .
• Delivering 360° Third-Party Risk Situational Awareness
• 360° Risk Intelligence in the Extended Enterprise

Policy Management

Research Reports

• MetaCompliance: Delivering Policy Management & Engagement

Blogs

• Where Policy Management Fails
• Strengthen Your Cybersecurity Management Policy With the Human Firewall
• ESG: The Foundation is Built on Policies
• The Human Firewall: Essential to Organizations
• Policy Management Maturity: Level 2 – Fragmented
• Policy Management Maturity: Level 1 – The Ad Hoc

IT GRC Management

Research Reports

• CISO: a Critical Role in Resilience in the Extended Enterprise

Research Reports

• Strengthen Your Cybersecurity Management Policy With the Human Firewall
• Improving FedRAMP: Federal Procurement & Risk Management

Environmental, Health & Safety (EHS)

Blogs

• How EHS Software Facilitates Risk Data Collection, Improves Data Accuracy & Streamlines Reporting 

Internal & Automated Control Management

Blogs

• How do you add compliance controls in different parts of your business?

Legal GRC Management

Blogs

• Breaking Silos with GRC and Legal