An application built into a GRC platform to facilitate a business process will never truly be “finished.” When you first implement a business process, think of it like you would a software product. What you just implemented is essentially “version 1.0.” Over time and through repeated end-user exposure, users will request updates. Some of those updates will be minor, like adding a value to a dropdown list, and some will be major, like completely overhauling users’ access.
About Evan Stos
Evan leads the professional services team for Onspring solutions.
If I showed you a picture of a Sasquatch or a unicorn, chances are you would be able to identify them almost immediately. That is to say that nearly everyone knows exactly what they are even though they haven’t been proven to exist. In most cases, the “Fully Integrated GRC Program” fits within the same category. Anyone that has been working in GRC recognizes the concept immediately, but chances are there’s no proof that integrated GRC is fully alive within the organization.
Convenience drives so much of the innovation in the consumer market, often removing nearly all of the human interaction (or thought process) required to do a task. My point is this: When implementing various business processes into a GRC platform, a technology used to make completing those same everyday processes more convenient, be wary of “over-automation.”