No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Harnessing the Power of GRC Technology in the Era of COVID-19

Next-Gen Tools Can Address Pandemic Risk in Real Time

by John Castner
September 9, 2020
in Featured, Risk
businessman hand working on laptop computer with digital layer business strategy

Is AI the answer to effective risk management? IsoMetrix’s John Castner details why companies need to stop focusing on predictive analytics and instead prioritize removing a siloed risk management approach to deal with the impact of COVID-19.

As industries push to leverage technology, in today’s COVID-19 world, many are looking for the next generation of GRC technology to integrate predictive analytics and artificial intelligence (AI). However, many have overlooked the challenges we still need to overcome to apply these use cases to GRC technology.

Right now, businesses are under a time crunch to understand, manage and mitigate the impact of COVID-19. One failed control or one materialized risk could have ripple effects impacting stakeholders and the bottom line. By lacking a proper risk management infrastructure, it is difficult to understand the impact of existing risks and the emerging risks caused by COVID-19.

Many hope that AI can help them understand how COVID-19 is impacting their bottom line. However, to date, predicting the unpredictable has proven difficult. Before thinking about predictive analytics, companies should focus their efforts on integrating GRC data across the entire business. This starts with removing the silos between a company’s financial, environmental, health, safety and social disciplines. After this critical step, companies can add HR, enterprise resource planning (ERP) and other systems into the data pipeline to gain a more holistic view of the risk landscape.

In risk management terms, COVID-19 now sits on most companies’ enterprise risk register, and the impact and consequences have also manifested at the operational level. The actual impact of COVID-19 can change regularly. Without continuously reviewing the core risk factors – such as the spread of COVID-19 throughout a business – and continuously monitoring and re-assessing causes, controls and safeguards, companies will have a difficult time understanding the day-to-day risks – let alone be able to use AI to predict an unwanted event. Additionally, a siloed approach to risk management makes it impossible to make the connections between the different areas of your business.

For a business to leverage the power of AI in a GRC solution, it needs an infrastructure to implement risk data across each business unit so it can clearly link enterprise risk. This comprehensive view of the risk environment will help businesses leverage GRC platforms and move closer to predicting unwanted incidents.

Handling the “New Normal” with GRC Technology

Change is a part of business, but rarely does it happen as quickly as it did in early 2020 due to COVID-19. Over the past six months, governments have created new regulations and guidance that continues to change. However, many software solutions that aim to assist in managing this regulatory change don’t help companies actually manage their broader risks. Thus, companies need to also find the connections between compliance and risk management, which is where GRC solutions thrive.

The problem is that traditional approaches to risk management create more challenges than solutions. According to Forrester and Disaster Recovery Journal, 51 percent of organizations are still using ad hoc tools and methods to manage business continuity and risk management.

This traditional approach doesn’t provide the speed, scale and agility needed to keep up with today’s business environment, particularly in the time of COVID-19. Businesses need GRC context quickly and efficiently. What was the norm yesterday may not be the norm today.

To get ahead of these ever-evolving risks, businesses need to start leveraging technology as a tool to help guide business decisions.

Creating Cross-Office Synergy

In traditional risk management approaches, businesses conduct risk assessments every six months to a year, and those risks are reassessed periodically to create the next year’s risk register. However, this approach isn’t working in the era of COVID-19. Risk management approaches need to be consistent and agile. This means GRC technology needs to be agile enough to allow for continual monitoring to help businesses implement a risk approach that can handle ever-evolving risks.

With most companies now working remotely, there is a plethora of emerging risks businesses must consider. Manually tracking these and doing so in a traditional risk management approach puts the business itself at risk, as well as its people. These emerging risks also necessitate the move to an integrated risk management approach in order to understand the interconnected risks, or the “golden threads,” those links between people, processes, risks, controls and events.

Not understanding these golden threads causes different departments to duplicate efforts, increasing the time it takes to respond to incidents. For example, if an employee tests positive for COVID-19, the social, safety, health, HR and legal teams have to execute a unified response plan.

Without an integrated infrastructure in place, these departments could repeatedly contact the same stakeholder. Siloed approaches may also create gaps in communication due to misidentified or unclear ownership. In the case of the employee with COVID-19, the team could forget to notify a critical stakeholder group, such as third-party contractors. Without notice, the third-party contractors could come on-site and risk contracting the virus. This could result in litigation and financial damage for putting the contractors at risk. In a sense, what COVID-19 has done is force companies to address these types of gaps in their existing processes and systems.

Digital Risk Ecosystems, Analytics and COVID-19

While an ever-changing landscape is the norm in the time of COVID-19, there is no doubt that there will be a plethora of opportunities to leverage from the lessons learned. From a pure risk management perspective, COVID-19 will create a shift to more regular risk and control monitoring. In the past, a lack of data has acted as a barrier to predicting unwanted events in the environmental, health and safety realm. Through continuous monitoring, businesses can remove their data barrier and increase the amount of data they’re collecting to better understand the risk environment.

COVID-19 has put health and safety at the forefront at the employee, customer and community level. For businesses to operate and manage this new type of risk, they have to leverage the power of technology. Fortunately, given the proliferation of software tools to help companies manage COVID-19 and the return to work, options are plenty.

The truth is, there is no single technology solution that gives companies a holistic view of risks, no matter how integrated that company may be. Even companies that have already broken down the traditional silos still have a technology landscape that is either immature or has a myriad of best-of-breed solutions that solve specific problems for each department. Thus, it is still a challenge for companies to leverage all the information they capture to create a 360-degree view of risks. This makes it even more difficult to implement predictive analytics into GRC technology.

Therefore, leading companies are finding ways to not only create an integrated business, but also support the business with an integrated technology landscape. These companies are pulling data from GRC platforms, asset management systems, ERPs and many other solutions, pushing them into data warehouses and then leveraging corporate analytics tools to make key business decisions. This digital risk ecosystem is the technical realization of an integrated risk management approach.

If Culture Eats Strategy for Breakfast, then Technology is the Fork and Knife

To actually reap the benefits of GRC technology, businesses must integrate GRC tech into their larger operational strategy. Proper integration with HR, ERP and environment, health, and safety (EHS) systems incorporates risk management processes into businesses’ strategic objectives.

One outcome of COVID-19 is that it has encouraged businesses to adopt technology where they were previously resistant to do so. Government organizations that didn’t allow remote work now do everything remotely. Restaurants no longer hand out menus; instead, you scan the menu using your phone. Going to work at many places means using an app to self-screen in order to enter the facility.

Want “evidence” that technology is the key to business success going forward? Look no further than the fact that the S&P 500 has set a record amidst COVID-19. What drove that? Big Tech. The challenge going forward with GRC technology is the question around who it serves: executives or employees. To successfully integrate GRC technology, businesses need to create an organizational culture around GRC technology. This may sound simple, but often, employees’ lack of buy-in leads to a platform’s demise.

Knowing that management is prioritizing the GRC platform’s success, employees may be hesitant to share feedback as it could be negatively perceived. However, lacking an understanding of the platform leads to incomplete tasks or missing data. Not inserting that data changes how GRC platforms identify risky events.

Educating employees on the importance of GRC platforms provides more context and encourages feedback. Empowering the people closest to the project streamlines its implementation and creates more accurate data to drive key business decisions.

Successfully integrating GRC platforms into every business unit gives the executive team a comprehensive overview of people’s movement, training, attendance and more. This gives GRC platforms the data to determine what could go wrong and what could go right. If used effectively, technology influences culture, culture influences technology and businesses are more apt to achieve their strategic objectives. If data is the key to prediction and analytics, then a technology-focused organizational culture will move businesses closer to being able to leverage the power of AI and predictive analytics.

Looking at where things are today, there’s still a long way to go before GRC technology platforms can truly leverage AI. So, let’s not get ahead of ourselves – let’s focus on what really matters in terms of leveraging GRC technology: breaking down the siloed nature of business and risk management.


Tags: Artificial Intelligence (AI)COVID-19Technology
Previous Post

Compliance Content Creator L&E Announces “Tales From the Hotline”

Next Post

5 Steps to Reduce Risk of IRS 226-J Assessments

John Castner

John Castner

John Castner is President and CEO of the Americas division of IsoMetrix, one of the world’s leading developers of software solutions for integrated risk management. A graduate of the University of California, John started his technology career around 13 years ago, at CMO software. His focus was on translating the tools and skill sets he learned as a teacher and coach in order to present simple solutions to complex problems around GRC, HSE and social management. John’s client portfolio includes dozens of global brands and hundreds of customers across a range of high-risk industries including mining, oil & gas, renewables, transport, logistics, utilities, food & retail, manufacturing and financial services. This broad experience has allowed John to recognize the common challenges facing both low- and high-performing organizations and how the right tools enable teams to better manage risk and opportunity.

Related Posts

DALL·E 2023-02-16 13.18.43 - magritte style painting of robot looking into mirror

A Bot Isn’t Going to Take Your Place, But AI Will Make Your Job Harder

by Jennifer L. Gaskin
March 8, 2023

OpenAI’s splashy ChatGPT rollout has generated untold amounts of text, both directly and indirectly. While much of what’s been written...

covid business closure insurance

Who’s on the Hook for Pandemic-Related Business Disruptions? Courts Agree, It’s Not Property Insurers.

by Crowell & Moring
February 8, 2023

We’re nearing the three-year anniversary of widespread business shutdowns in the early days of the Covid-19 pandemic. In that short...

uvalde crosses

Will 2023 Bring More ‘Permacrisis’ Culture?

by Lisa Schor Babin
January 4, 2023

While 2022 had no shortage of chaotic events, ethics columnist Lisa Schor Babin shares her hopes for 2023 — and...

cci top 10 stories collage

Top 10 Compliance Stories of 2022

by Jennifer L. Gaskin
December 7, 2022

The more things change, the more they stay the same. This time last year, we summarized the top 10 ESG...

Next Post
illustration of businessman running in clock

5 Steps to Reduce Risk of IRS 226-J Assessments

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT