While the concept of reporting seems to be pretty straightforward, the term “report” can have a variety of meanings, so I’m always careful to validate my understanding so I don’t veer off in some unwanted direction. After all, reporting capabilities often represents the organization’s A-1 deal breaker requirement.
Common supports remain in place, even as regulations and best practices evolve. Remember this as you stand at the metaphorical “ice cream counter of compliance.” The sheer variety and complexity of requirements can be overwhelming, but the core people, processes and technologies you engage to understand and address those requirements remains largely the same.
More than likely, you have a process for managing vendor relationships. You may even have a sophisticated process with a centralized vendor repository, risk assessments, due diligence, contract review, careful onboarding and ongoing monitoring. But how many of your employees know the process? And more importantly, how many of them understand how they fit in?
If you were old enough to ride a 10-speed or file taxes in the 80s, you probably have fond memories of mixtapes—a collection of favorite songs on a well-worn cassette that you listened to over…and over…and over again. We’re a long way from mixtapes in 2017, but the concept holds true: sometimes the good stuff just keeps getting better. As the year draws to a close, the Onspring team would like to offer our own mixtape of sorts: a collection of our most popular blog posts from 2017. We invite you to sit back, “press play” and enjoy these stories again (…and again…and again).
In most of our conversations, we’re hearing that there is some kind of system in place, but it’s not adequate. Ranging from Excel, Sharepoint, point solutions or older deployments of other technologies, we’ve been hearing over and over “it’s difficult to keep up,” “everyone manages their information in their own ways,” and “we really struggle to pull everything together for the reports we want.”
When it comes to regulations, industry standards and supporting controls, the only constant is change. Most organization have smart people and defined processes for managing change, but tracking the changes themselves—knowing what they are and how they impact the business—can be a massive headache.
We’re pleased to announce that Onspring has teamed up with Unified Compliance to help companies stay up to date with rapid regulatory changes. Using our dynamic Data Connector, we’ve made it push-button easy to update controls and authority documents from the UCF Common Controls Hub™ within our flexible Controls & Compliance solution. Join us for a webinar on Tuesday, September 19 for all the details!
After months of planning, it’s finally here: Onspring Connect, our inaugural user conference. We’ve gathered clients from all over the US and Canada, from Seattle to Dallas to Boston to Newfoundland and everything in between. We have internal auditors, enterprise risk managers, legal experts, vendor managers and compliance professionals among our participants. In short, we have a lot of collective brainpower.
When I first heard that my son’s first grade class was looking for parents to speak during Career Week, I looked before I leaped and happily volunteered my time. Then the butterflies set in. I had a hard enough time explaining what I did to my friends and family members. Nobody seemed to have the slightest idea what the heck GRC was or why it mattered, so you can only imagine my trepidation about talking about my job in front of a bunch of six- and seven-year-olds.
As with many things in this world, adulthood has a tendency to put a different spin on our youthful perspectives. This time of year can be fraught with its share of stress, angst, hassle and sadness. Whether it’s a minor nuisance like fighting tooth and nail for a parking place, or something much deeper, like celebrating your first Christmas without a loved one, this particular time of year is prone to its own set of struggles.
We hear a common frustration from clients: They have internal controls distributed across their enterprise, managed by various groups and at many levels of maturity. They have processes and activities in place to help the organization manage performance, efficiency, risk and compliance. What they don’t have is a clear picture of what’s working, what’s not and who is responsible.