The GRC Technology Hiring Gap
I get at least one message a week that goes something like, “Hi Andrew, I came across your profile on LinkedIn and was quite impressed with your background and experience, specifically in RSA Archer. I am looking to fill a few Archer roles…” There is often an unrealistic expectation that an organization can simply find a contractor off the street to maintain their RSA Archer solution after investing heavily in the initial implementation. Moreover, while the chances of finding someone with the appropriate Archer configuration skills are low, the chances of finding someone with Archer configuration skills and deep experience in the necessary GRC areas, as described below, are pretty slim. While some organizations can find success filling one or two roles, more often than not, organizations find themselves struggling to find and train resources to the level needed to manage the program. Additionally, attempts to hire resources or contractors can be expensive and waste valuable time as you try to vet a resource that will meet all of your needs.
The GRC Services Hiring Gap
The primary challenge with hiring individuals to manage your GRC program solution is that a successful program requires more than one or two individuals who hold “Archer Certifications”. While individuals with strong Archer Configuration and Infrastructure skills are important, you also need to consider the additional program management skills, including:
- Managing Governance Committees
- Responding to Issues
- Managing the Backlog
- Coordinating Releases
- Communicating to Stakeholders
- Updating and Developing User Guides
- Conducting Training
While experience working with Archer or GRC processes is not required to perform these roles, experience with the tools and processes can provide significant value, and experience in the GRC area in question is ideal – companies just resign themselves to settling since they feel they’ll never find that perfect fit. However, depending upon the size of your implementation, you may find yourself having to hire multiple employees to manage the program with, but only needing a portion of their time to actually work on your GRC program. Thus, requiring you to find the “golden goose” employee who can manage the entire program, or having to divide the work up amongst shared resources. Additionally, any employees new to Archer or GRC will be required to learn the new solution during their fractional time.
Cential Expanding Our Managed Services Offerings
To address this gap, Cential has expanded our Managed Services Offerings to be a comprehensive solution for our clients. Our Managed Services methodology provides our clients with experienced resources to cover all aspects of their program, saving them time and money. Our services include: