
GRC in Uncertain Times: 2016 and into 2017

In the past month there have been a lot of posts, articles, and discussion on the impact of Trump’s presidency on the GRC market, particularly compliance. Some fear that the need for compliance management within organizations is not going to be as strong as a Trump administration looks to deregulate. My perspective is that compliance management will continue to grow within organizations no matter who is in office. Whether conservative or liberal, regulations have grown and grown over the years. While President-Elect Trump is not your typical candidate, he is already toning down some of the rhetoric that he used during the campaign and coming to reality. There may be shifts in focus in certain areas, but ethics and compliance will remain a strong need within organizations for many years to come.

HOWEVER, the focus of the question should not be on compliance but on what the forecast looks like for risk management. While organizations will continue to need compliance processes and technologies, organizations will see a renewed focus and energy on risk management processes and related technologies.

Times are uncertain. 2016 has brought us Brexit, a forthcoming Trump administration, and political turmoil around the world, particularly in European election possibilities. Economically, things are topsy-turvy with the British Pound, the European Euro, and caution on the outlook in China.

As I look to 2017 one word continues to come to mind: UNCERTAINTY.

If we go to ISO 31000 for a definition of risk, “risk is the effect of uncertainty on objectives.” Organizations face a world of uncertainty in 2017 and need defined risk management processes and systems in place to be able to manage risk in the context of objectives. As we close 2016 and move into 2017, GRC 20/20 is seeing growing inquiries from organizations looking to improve risk management related processes and asking questions about risk management technologies to enable these processes.

Interestingly, the current OCEG GRC Maturity Survey, which GRC 20/20 Research collaborates on and authors, shows a change in the respondents. This survey was fielded over the past two months and has 697 respondents, with 578 of them in roles managing GRC internally within their organization. The past several GRC Maturity Surveys had Compliance and Ethics as the primary role responding to the survey; this year (the past few months, to be specific) it is Risk Management roles that are the number one responder. Consider joining the webinar to learn more on the findings.

GRC 20/20 is seeing increased interest in enterprise and operational risk management technologies, but also increased interest in solutions for geo-political risk management, third party (vendor/supplier) risk management, IT/information security risk management, EH&S, and business continuity management.

What are your thoughts on 2017 and the outlook for GRC-related processes and systems? I look forward to hearing your thoughts.

How to Purchase Business Continuity Management Solutions

Considerations in Selection of Business Continuity Management & Disaster Recovery Solutions

Overview

Business Continuity Management (BCM) and Disaster Recovery (DR) solutions have been an established segment of technology for going on two decades. However, this does not mean that this segment of the GRC market is stale and lacks innovation. The past few years have shown a number of new, compelling, and interesting BCM solutions that focus on ease of use, intuitiveness, and accessibility. Some of these solutions are particularly compelling as they tie BCM into broader operational risk and GRC programs.

Recent RFP and inquiry trends that GRC 20/20 is involved with show a growing demand for BCM solutions. There are many solutions available in the market with varying capabilities and approaches. Organizations need to clearly understand the breadth and depth of their requirements, map these into solution capabilities, and understand that there is no one-size-fits-all solution for BCM, no matter what solution providers may say. Organizations looking for BCM solutions need to carefully navigate, understand, and find the solution(s) that are the perfect fit for their organization.

In this Research Briefing GRC 20/20 provides a framework for organizations evaluating or considering BCM platforms and solutions. Specifically, GRC 20/20 will break out types of solutions in the market, critical capabilities, what differentiates basic, common, and advanced BCM solutions, and considerations and warnings in navigating solution offerings and vendor hyperbole.

Agenda

  • Defining & Understanding Business Continuity Management
    Definition, Drivers, Trends & Best Practices
  • Critical Capabilities of Business Continuity Management Platforms
    What Differentiates Basic, Common, & Advanced Solutions
  • Considerations in Selection of Business Continuity Management Platforms
    Decision Framework & Considerations to Keep in Mind
  • Building a Business Case for Business Continuity Management
    Trajectory of Value in Effectiveness, Efficiency & Agility

Benefits

The GRC Pundit will help organizations . . .

  • Define and scope the BCM market
  • Understand BCM drivers, trends, and best practices
  • Relate the components of what makes a BCM platform
  • Identify core features/functionality of basic, common, and advanced BCM platforms
  • Map critical capabilities needed in a BCM platform
  • Predict future directions and capabilities for BCM
  • Scope how to purchase BCM platforms in a decision-tree framework
  • Discern considerations to keep in mind as you evaluate BCM solutions

Who Should Attend

  • BCM/DR and broader business professionals with responsibilities for BCM
  • BCM solution providers offering management solutions
  • BCM professional service firms advising organizations on business continuity and disaster recovery
  • BCM content & intelligence providers that provide content, intelligence and templates

Instructor

Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research. Michael Rasmussen is an internationally recognized pundit on governance, risk management, and compliance (GRC) – with specific expertise on the topics of GRC strategy, process, information, and technology architectures and solutions. With 23+ years of experience, Michael helps organizations improve GRC processes, design and implement GRC architectures, and select solutions that are effective, efficient, and agile. He is a sought-after keynote speaker, author, and advisor and is noted as the “Father of GRC”, being the first to define and model the GRC market in February 2002 while at Forrester Research, Inc.

Integrated Resiliency and GRC to Support the New Digital Healthcare Organization

Register: https://attendee.gotowebinar.com/register/2572564011702520577

Summary

Advances in the Internet of Things (IoT), Cloud and mobility, and an explosion of data across the care ecosystem are digitally transforming the healthcare industry. These unprecedented waves of innovation are introducing new and related risks and regulations, forcing the industry to rethink its approach to governing the new digital healthcare enterprise.

In this webinar, distinguished analyst Michael Rasmussen from GRC 20/20 and Tejas Katwala, CEO and Co-Founder of Continuity Logic, will discuss the challenges facing the healthcare industry from a resiliency, risk, and compliance perspective. They will share best practices that address these challenges through an integrated resiliency and GRC approach based on Continuity Logic’s innovative, zero-code GRC platform.

Objectives

Topics covered include:

  • What is the new digital healthcare enterprise?
  • Why is healthcare compliance complex?
  • What are the common pain points?
  • How can integrated resiliency and GRC address complexity?
  • What makes the Continuity Logic platform innovative?

GRC 20/20 Presenter

Michael Rasmussen – The GRC Pundit @ GRC 20/20 Research

Webinar Sponsor

As a leading provider of Governance, Risk Management & Compliance solutions, Continuity Logic is transforming enterprise governance by effectively converging continuity, risk and compliance into one easy-to-use cloud-based solution. With Continuity Logic’s Version 5.0 companies can capture and connect all of their people, processes, technology, vendors, facilities, policies and controls with all of their inter-relationships and inter-dependencies – into a single, unified governance database. Our multi-tenant platform is designed to help customers dramatically improve resiliency, reduce operating risk, demonstrate regulatory compliance and actively manage operational disruptions and disasters.