No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe
Jump to a Section
  • At the Office
    • Ethics
    • HR Compliance
    • Leadership & Career
    • Well-Being at Work
  • Compliance & Risk
    • Compliance
    • FCPA
    • Fraud
    • Risk
  • Finserv & Audit
    • Financial Services
    • Internal Audit
  • Governance
    • ESG
    • Getting Governance Right
  • Infosec
    • Cybersecurity
    • Data Privacy
  • Opinion
    • Adam Balfour
    • Jim DeLoach
    • Mary Shirley
    • Yan Tougas
No Result
View All Result
Corporate Compliance Insights
Home Compliance

Reassessing the GRC Industry Outlook Well Into 2020

Covid, digital transformation heighten the importance of GRC

by Matt Kunkel
September 23, 2020
in Compliance, Featured
black binoculars on yellow background

With normal, day-to-day business processes interrupted and organizations increasingly adopting cloud infrastructure services, the GRC landscape is rapidly changing. LogicGate CEO Matt Kunkel offers predictions based on changes he’s seen within risk and compliance management this year.

Things in governance, risk, and compliance (GRC) change really quickly. And if you throw in the fact that normal, day-to-day business practices have been disrupted as a result of the pandemic, our compliance and risk mitigation processes have been drastically altered since the start of the year.

With this new environment, businesses have been forced to compress their digital transformation timelines, producing an uptick in cloud-based investments. According to Synergy Research Group, through the first quarter of 2020, corporate spending on cloud infrastructure services reached $29 billion, a 37 percent increase over the same quarter last year.

Increased demand for cloud services and emphasis on digital transformation initiatives throughout the first and second quarters of the year not only heighten the importance of GRC now, but also as we look toward Q4 2020 and beyond. The outlook of the entire governance, risk and compliance industry has changed. C-suite executives and GRC professionals alike need to understand the new requirements, best practices and paradigm set before us.

With all that is happening within the GRC space, transforming entire business structures and functions, it’s best to reassess predictions and where we are as an industry.

Managing a Spiderweb of Third-Party Vendors

The rise of the cloud has led to the emergence of more third-party vendors and outsourcing of non-core business functions. How does this impact the future of risk?

According to estimates, up to 50 percent of a large organization’s total workforce is outsourced, and in 2019, the global outsourcing market amounted to $92.5 billion. Furthermore, industries with high-risk potential and more nuanced compliance mandates, such as health care, are no different. According to Transparency Market Research, health care IT outsourcing, by itself, is expected to reach $61.2 billion by 2023.

While utilizing third-party vendors allows businesses to focus on core functions and is incredibly beneficial to bottom lines, it also raises many privacy and security concerns. As third-party networks expand, those vendors have third parties of their own, creating a complex spiderweb of programs and data.

And with consumer data privacy legislation like CCPA and CPRA on the rise, CEOs and other C-suite executives need to get in front of risk mitigation processes and security concerns. They can no longer afford to be reactionary; they must be proactive.

In order to securely manage third-, fourth- and even fifth-party vendors, more organizations will look to partner with GRC cloud solutions with the capacity to screen potential partners against lists of high-risk individuals or entities and offer risk-scoring metrics, ongoing compliance assessments and escalation frameworks.

Risk-Monitoring Analytics

As more companies invest in quantifying and benchmarking risk, robust risk-monitoring analytics will soon become the most important aspect of GRC processes.

In order for businesses to simultaneously scale and grow during this time, they need to turn risk into opportunity. Because GRC is constantly changing, the ability to measure mitigation and vulnerability via metrics and data gives an organization a 360-degree view of its risk profile. Thus, the ability to more easily identify the interconnectivity of various GRC processes enables organizations to make more informed, strategic decisions.

In the future, it’ll be easier for risk managers to identify, define, gather and process risk data according to the company’s risk tolerance, making it easier to assign financial value. With assigned financial values, it’ll also be easier to communicate risk opportunities with the board, C-suite executives and other departments.

Quantitative data yields a more straightforward, specific approach to risk scoring. Similar to assigning dollars and cents to risk opportunity, managers can eventually determine the probability of risk within organizational activities and, subsequently, the amount of money at risk. Ultimately, GRC analytics have the ability to change much more than just GRC processes, as it can scale entire enterprise-level businesses.

RPA: The Future of GRC

There’s certainly a variety of different automated processes that SaaS solutions, digital transformation initiatives and management platforms can utilize: AI, machine learning and robotic process automation (RPA) to name a few. But, within GRC, RPA is the future.

RPA works so well because of the many risk and compliance functions that follow a formal process. There’s a much clearer path to automate those steps as companies put more and more data through specific processes. As a result, RPA gives businesses the fortitude to make smarter decisions more quickly while also freeing talent from tedious, mind-numbing manual tasks and allowing them to take on more strategic, complex work.

That being said, not all companies looking to implement RPA within their GRC processes are ripe for success. The P (process) in RPA determines organizational progress and improvement.

RPA is a force multiplier, meaning it’ll enhance good processes and make them better, but it will make bad processes even worse. So, it’s vital for companies to have refined workflows before turning to technology to keep GRC momentum. In order to drive top-line revenue growth, businesses must have a culture of risk and compliance already in place, with great emphasis from all levels of organizational structure, top to bottom.

GRC Becomes About Revenue Generation, Not Just Asset Protection

Many view risk as revenue protection; especially CEOs and board members. But, if leveraged properly, risk can be a major revenue driver for businesses.

Companies need to devise proper GRC processes that reflect modern-day risk management practices, like risk-scoring and predictive analytics. With these reporting capabilities constantly monitoring up-to-date companywide initiatives and holistic, customizable visualizations, risk managers and CISOs can provide CEOs and other C-suite executives with valuable information. This information includes quantifiable, digestible insights and data transforming all departments – not just finance or legal, the functions most traditionally associated with risk. They can then identify and respond to the most pressing concerns affecting the health of their organizational structure, internally and externally, and better predict the outcomes of business decisions.

For example, risk managers and a cloud-based GRC platform can quantify, in terms of percentages and dollars and cents, the risk and payoff associated with entering a new market or vertical, even in a more tightly regulated industry, like health care or finance.

Businesses need to remember: Risk isn’t a bad thing. Companies are built and scaled based on taking big, strategic risks.

With companies executing digital transformation initiatives earlier than anticipated and, in some cases, rushing implementation processes, they’re exposing themselves to greater risk and compliance concerns. As a result, the importance and presence of GRC will only continue to grow. Yet, within an ever-changing landscape, risk and compliance managers and C-suite executives need to reassess internal processes and, in the case of third-party risk evaluation, external processes.


Tags: Cloud ComplianceCOVID-19Robotic Process Automation (RPA)
Previous Post

IBM Brings Risk Analytics to Security Decision Making

Next Post

Is Your Company Future Ready?

Matt Kunkel

Matt Kunkel

Matt Kunkel is Co-Founder and CEO of LogicGate. Prior to LogicGate, he spent over a decade in the management consulting space, building technology solutions to operationalize regulatory, risk and compliance programs for Fortune 100 companies. It was during this time he learned the skills to realize his true calling: building world-class companies that meaningfully affect the lives of others through user-friendly technology. Given his extensive background in the GRC space, Matt regularly speaks and consults on risk and compliance topics. Recently, he was named an Ernst & Young finalist for the Entrepreneur of the Year® 2020 Midwest Award.

Related Posts

new yorkers in covid masks on street

Covid Fraud Enforcement (Yes, This Is Still a Thing)

by Denise M. Barnes and Brian Irving
February 7, 2025

With $2B recovered and $36B in estimated fraud, DOJ signals years of continued pandemic relief investigations ahead

cloud over skyscraper

As SaaS Evolves, Hybrid Models Take Center Stage

by Jason Purviance
January 20, 2025

Why 2025 could mark a turning point in how companies deploy cloud applications

Alveo Cloud Data Management Research Report

FinServ Cloud Data Management Survey

by Corporate Compliance Insights
November 10, 2023

Cloud impact on total cost, data sharing, governance and more Decision-maker survey FinServ Cloud Data Management Report What’s in this...

theater marquee showing covid shutdown

Was Covid Pandemic an Act of God? Depends on the Contract.

by Gretchen L. Jankowski and Jacqueline M. Weyand
September 4, 2023

Force majeure provisions in contracts haven’t garnered much attention over the years. But the Covid-19 pandemic appears to have changed...

Next Post
woman holding card that reads "be prepared"

Is Your Company Future Ready?

No Result
View All Result

Privacy Policy | AI Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Research
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2025 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT
No Result
View All Result
  • Home
  • About
    • About CCI
    • CCI Magazine
    • Writing for CCI
    • Career Connection
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Library
    • Download Whitepapers & Reports
    • Download eBooks
    • New: Living Your Best Compliance Life by Mary Shirley
    • New: Ethics and Compliance for Humans by Adam Balfour
    • 2021: Raise Your Game, Not Your Voice by Lentini-Walker & Tschida
    • CCI Press & Compliance Bookshelf
  • Podcasts
    • Great Women in Compliance
    • Unless: The Podcast (Hemma Lomax)
  • Research
  • Webinars
  • Events
  • Subscribe

© 2025 Corporate Compliance Insights