Turning data into actionable insight
October 2018, Security Services & Risk Management
Governance, Risk and Compliance (GRC) programmes are no longer a ‘tick-the-box’ exercise for organisations. Information technology advancements are better enabling GRC management software to become sophisticated enough to anticipate likely incidents and implement better controls, while also offering insights that can inform business opportunities and strategy.
GRC professionals are now adept at gathering, administering and scrutinising a vast and contrasting volume of data from multiple sources in order to fulfil their mandate of addressing enterprise-wide risks.
Bosman Stramrood, GM: Lexis GRC at LexisNexis, says: “Sustained technological innovation and disruption will ensure that the GRC function continues to evolve. Big Data and advanced analytics are increasingly helping risk and compliance professionals to uncover substantial risks earlier, but can now also provide the actionable business insight that boards and executives need to facilitate informed decision-making and ethics and integrity management on behalf of the organisation.”
Stramrood adds that company leadership must, however, first understand what insights they need in order to make good strategic and operational decisions. Companies that invest in and effectively draw value from their data will achieve clear gains over their competitors.
“The available data can help to pinpoint trends and parallels that will guide positive changes in organisational conduct. This organisational information can then be further enriched with external sources,” he says.
Just some of the advanced technologies now available include data visualisation and statistical analysis.
GRC data enables the business to retrieve and manage a vast amount of information that can aid in building a more risk savvy organisation. Boards can then take positive actions, strengthening controls, changing policy and procedures, and completely mitigating similar reputational threats in the future.
“Solutions that seamlessly combine available technologies with numerous data sources are those that will enable enhanced, sharper, real-time and fact-based decision-making for executive boards,” says Stramrood.
An example is Lexis GRC, which now boasts improved and interactive business intelligence dashboards as well as data visualisation tools. These bring case management to life through intuitive, audience-appropriate reporting views and interactive capabilities that aggregate or isolate risk hotspots.
Graphical reports on data from all modules is instantaneously available on management dashboards which could be used for day-to-day status updates, meetings, board-packs, etc. and exported in predefined, multi-format reports from PDF to Word to Excel. An action manager across components allows the user to set up tasks and actions from all components to ensure follow up, tracked history and audit trails. Notifications integrate with the user’s e-mail system.
This customisable software solution enables users to determine the modules that are most important to their business – starting with creating their own risk registers from the legal universe provided and isolating relevant acts and legislation that apply to their organisation. From there, the sophisticated GRC software will help identify areas that could potentially impact the business – and can be scaled up as the business changes.
For more information, contact LexisNexis South Africa, +27 31 268 3284, www.lexisnexis.co.za/governance-risk-and-compliance/grc-system