2023 GRC Research Year in Review

Written by The GRC Pundit

Published on2024-01-22Updated on2024-01-22DiscussionLeave a Comment on 2023 GRC Research Year in Review

Greetings! 

I trust 2024 is off to a great start. It is for me. 2023 was my busiest year in my career with extensive GRC travels around the world. 2024 looks to be every bit as busy. I am headed this week to Riyadh, and then Dubai over the weekend and into next week. Then London next Wednesday to Friday, returning home on February 3rd. Then back to London the week of February 12th. 

The GRC Market is complex with a broad platforms and many focused best of breed solutions solving specific problems and challenges. There are 365 solution providers (not counting professional service firms) that GRC 20/20 monitors in the market. Seventy-four can be classified as an Enterprise/Integrated GRC Platform that can cross departments and use cases; the rest are best-of-breed point solutions. Of these 365, GRC 20/20 actively monitors 83 of them more deeply annually, and the rest keeps abreast of and interacts with in briefings every two or three years.

It is a fast-moving market with a lot of momentum, but also a lot of nuances and niches. In 2023, GRC 20/20 answered between 10 and 20 inquiry/research questions from organizations asking about and looking for solutions every week. This accounted for over 750 interactions in 2023. These come in via email, text, LinkedIn messages, and more. Most are simple responses to questions; others go deeper. In 2023, there were 53 RFPs that GRC 20/20 monitored around the world. Some deeply, some from a distance. The 2024 outlook on the GRC market was just covered in the on-demand 2024 State of the GRC Market Research Briefing.

Times of uncertainty brings a boom to GRC related solutions and services. GRC 20/20 has never been so busy than at this very moment. While the activity is global, there is a lot of particular GRC market activity coming out of the United Kingdom and Europe right now. And the Middel East is the fastest growing market. 

Follow GRC 20/20 on LinkedIn and Twitter.

As always, you can ask GRC 20/20 Research questions in the context of governance, risk management, and compliance strategies and processes, as well as solutions available in the market we cover in our objective market research through the inquiry process. Every week GRC 20/20 is answering inquiries from organizations looking for advice on solutions and services to engage as they navigate the hundreds of solutions av ailable in the GRC market . . . 

Below is a summary of the research blogs and papers that GRC 20/20 has published throughout 2023, organized by topic area.

Enterprise GRC and the Broad GRC Market

Research Reports

• LogicGate Risk Cloud®: A Next-Generation GRC Management Platform
• Empowered Systems: Connected Risk: Enabling Agile, Cognitive & Business Integrated GRC
• Ansarada GRC: Streamlining Governance, Risk Management & Compliance
• Corestream: Delivering 360° Next-Generation GRC Management
• Symbiant: Delivering Agility to Risk, Compliance & Assurance Processes
• Lucara Botswana: Best in Class Enterprise GRC Management – Small Enterprise
• Farm Credit Canada: Best in Class Enterprise GRC Management – Medium Enterprise

Blogs

• Cognitive GRC: Revolutionizing GRC With Artificial Intelligence
• Building a Business Case & RFP for GRC-Related Software
• Charting the Course: Tackling GRC Challenges in Higher Education Institutions
• Challenges in GRC and the Business Case of GRC Technology
• Addressing GRC in Complex, Distributed & Autonomous Environments
• USA vs. UK/Europe in Risk & Compliance Approaches
• 2023 GRC Trends: Engagement
• 2023 GRC Trends: Accountability
• 2023 GRC Trends: Integrity (ESG)
• Why the Banking Crisis is Back
• 2023 GRC Trends: Resilience (continued) . . .
• 2023 GRC Trends: Resilience
• 2023 GRC Trends: Agility
• How Moving from Spreadsheets to a GRC Solution Provides Better Reporting
• 2023 Governance, Risk Management & Compliance Trends
• GRC in a United Kingdom Context
• 2022 GRC Research Year in Review

Risk & Resilience Management

Research Reports

• Deutsche Telekom AG: Best in Class GRC in Risk & Resilience Management – Large Enterprise
• FNZ: Best in Class Risk & Resilience Management – Medium Enterprise
• Riskonnect Business Continuity & Resilience: Delivering Value in Business Continuity & Resilience
• Inclus: Delivering an Integrated & Holistic View of Risk
• Decision Focus: Delivering 360° Risk & Control Management

Blogs

• The Chief Risk Officer and The Rhythm of Risk
• The Chief Risk Officer: The Conductor of the Orchestra of Risk Management
• Risk Management = No Surprises!
• Navigating Risk and Resilience: Balancing Complexity and Cost in GRC Solutions
• USA vs. UK/Europe in Risk & Compliance Approaches
• Geopolitical Risk and the Extended Enterprise
• Ensuring Supplier Risk & Resilience in the Extended Enterprise
• ESG, Compliance, and Resilience in the Extended Enterprises: Navigating Supplier and Vendor Relationships

Aritificial Intelligence GRC

Research Reports

• A.I. GRC: The Governance, Risk Management & Compliance of A.I.

Blogs

• A.I. Governance, Risk Management & Compliance
• A.I. GRC: The Governance, Risk Management & Compliance of A.I.
• When A.I. (Artificial Intelligence) Fails . . .
• The Challenges & Risk in Artificial Intelligence

ESG – Environmental, Social, Governance

Research Reports

• How to Market & Sell ESG Solutions & Services
• Cognizant: Best in Class ESG Management – Large Enterprise

Blogs

• Rethinking Compliance & Ethics Management in the Era of ESG
• ESG: Doing the right thing is never the wrong thing
• Why ESG Success Requires Effective Policy Management (Strategy, Systems and Processes)
• Delivering 360° Situational Awareness of ESG Starts With a Proper Diagnosis
• 2023 GRC Trends: Integrity (ESG)
• ESG, Compliance, and Resilience in the Extended Enterprises: Navigating Supplier and Vendor Relationships
• Managing Risks, ESG, and PFAS in the Extended Enterprise

Corporate Compliance & Ethics Management

Research Reports

• Ascent: Delivering the A.I. Enabled Regulatory Change Lifecycle
• Zurich Insurance Company: Best in Class Compliance & Ethics Management – Large Enterprise
• Transurban Group: Best in Class Compliance & Ethics Management – Medium Enterprise
• RegEd Regulatory Change Management: Enabling Closed-Loop Regulatory Compliance

Blogs

• 6 Ways to Create a Repeatable, Scalable Compliance Program
• A Preventative Approach To Achieving Compliance In Healthcare
• How to Keep Up With Regulatory Change
• Cognitive GRC: A.I. & Regulatory Change & Intelligence
• Enabling Closed-Loop Regulatory Compliance
• The What, Why & How of an Ethical Compliance Culture
• Measuring the Cost of Non-Compliance
• How Mortgage Lenders Can Leverage Automation to Strengthen Compliance in a Turbulent Economy
• USA vs. UK/Europe in Risk & Compliance Approaches
• ESG, Compliance, and Resilience in the Extended Enterprises: Navigating Supplier and Vendor Relationships

Third-Party (e.g, Vendor/Supplier) GRC Management

Research Reports

• New American Funding: Best in Class in Third Party GRC Management – Medium Enterprise
• Whispir: Best in Class in Third Party GRC Management – Small Enterprise
• ICON plc: Best in Class in Third Party GRC Management – Large Enterprise
• Supply Wisdom: Enabling 360° Intelligence of Third-Party Relationships

Blogs

• Navigating Third-Party Risk Management – 5 Takeaways from Michael Rasmussen
• Geopolitical Risk and the Extended Enterprise
• Ensuring Supplier Risk & Resilience in the Extended Enterprise
• Challenges in Third-Party Risk Management
• Navigating Third-Party Risk Management: An EU & UK Perspective
• ESG, Compliance, and Resilience in the Extended Enterprises: Navigating Supplier and Vendor Relationships
• Managing Risks, ESG, and PFAS in the Extended Enterprise
• Third-Party Risk Management & Intelligence Solutions
• Enabling 360° Intelligence of Third-Party Relationships

Strategy, Performance & Objective Management

Research Reports

• Be’ah: Best in Class GRC in Strategy & Performance Management – Small Enterprise

Policy Management

Blogs

• Ensuring Engagement Throughout the Policy Lifecycle
• Why ESG Success Requires Effective Policy Management (Strategy, Systems and Processes)

IT GRC Management

Research Reports

• RegScale: Providing Real-Time GRC Visibility into IT Risk & Compliance
• Guidewire: Best in Class Enterprise IT GRC Management: Medium Enterprise
• AuditBoard: Delivering Value in IT Risk & Compliance Management
• SimpleRisk: Streamlining Risk Management & Compliance

Internal & Automated Control Management

Blogs

• Navigating Complexity & Chaos: Approaching Regulatory Requirements with Control Automation
• Newell Brands: Best in Class Internal Control Management – Large Enterprise

Audit Management & Analytics

Research Reports

• AuditBoard Audit Management: Elevating Audit for Strategic Impact
• Wendy’s®: Best in Class Audit Management & Analytics – Large Enterprise
• Netafim: Best in Class Audit Management – Medium Enterprise

Issure Reporting & Case Management

Research Reports

• Soneva: Best in Class Issue Reporting & Case Management – Medium Enterprise
• Curry’s: Best in Class Issue Reporting & Case Management – Small Enterprise

Data GRC Management

Blogs

• Building Your Data Governance Strategy: A Call to Action for Data GRC

Finance GRC Management

Research Reports

• Southwest Airlines: Best in Class Finance GRC Management – Large Enterprise

Blogs

• Preparing for Tax Compliance in 2023

Identity GRC Management

Research Reports

• Identity GRC Management by Design