Business continuity maturity and operational resilience took the spotlight in 2020 as organizations scrambled to get their plans in order and updated with pandemic response policies and procedures. But has this extra attention helped increase continuity program maturity and the ability to address operational risks? Taking the Pulse of Business Continuity for 2021 In the “State of Business Continuity Preparedness” survey conducted by the Disaster Recovery Journal (DRJ) and Forrester during the last quarter…
The events of 2020 highlighted risk management in a way that no other situation could. Organizations were tested from all fronts in many ways, be it internal challenges with migrating to remote work or external challenges such as increased cybersecurity and third-party risk. Not a single business was left unscathed. The most important thing is that we learn from these events. Why is risk culture important? One important lesson we can take away is: we…
After breaking down some common but inaccurate assumptions about GRC tools and technology in Part 2, we’ll conclude with a closely related topic: weighing the costs, benefits, and return on investment, or ROI, for GRC initiatives. GRC Myths About Cost & ROI 8. GRC is a necessary inconvenience. Many organizations have traditionally approached GRC as a reactive process, scrambling to respond when there’s a risk event, audit finding, regulatory change, business disruption, or other…
Part 1 of this series debunked some common misconceptions about GRC program development and maturity. We explored why it’s important to establish a management framework that’s integrated across the enterprise, synchronized through standard processes, and supported by technology that enables digitization and automation. This week, we’ll take a look at concerns related to choosing and implementing GRC solutions. GRC Myths About Tools & Technology 5. All GRC platforms are equal. OCEG, a nonprofit think…
Getting stakeholder agreement on a coordinated approach to governance, risk, and compliance (GRC) management is no easy task. Budget, buy-in, departmental silos, and existing processes and tools (or lack thereof) can all stand in the way of pursuing GRC program maturity. Yet, apart from these challenges, many organizations fail to consider the return on investment from and business benefits of an integrated, technology-enabled GRC program. In this series, we’ll explore some of the most…