I recently attended a demonstration of a new ITGRC system. It seems the market is being flooded lately with new technologies or the same technologies but under a different logo. The audience in attendance were a mix of ITGRC practitioners such as myself and a large percentage of people interested in implementing an ITGRC function within their organization.
What struck me about the presentation was the time spent entirely on the features, functions, bells, and whistles of the system with little thought towards how the software should be used in a business setting. From experience, I’ve learned that organizations that are newly considering ITGRC have a hard time understanding where to start and become lost in the in the multitudes of technology and industry jargon. Vendors do these folks a disservice by not connecting the dots between their software and its practical use. It would be like hiring a carpenter to remodel your kitchen. You don’t know where to start or how to plan the replacement or your cabinets but all the carpenter wants to do is demonstrate how well his saw cuts wood or hammer drives nails. You don’t need to understand the tool but rather how they are used to meet your goal. It’s the same with GRC Systems. They are simply a tool to help you reach your Governance, Risk and Compliance goals.
GRCential, LLC has a successful history of helping organizations connect the dots between creating functional ITGRC processes and the GRC tools to facilitate it effectively. We have over 20 years of combined experience in walking clients through the initial steps of establishing and maintaining a robust ITGRC function as well as selecting the right tool for the job.
To learn more about how we can get you started please contact GRCential, LLC.