66% Of Organisations Are Focused On Internally-Driven Risk Exposures
Despite increasing stakeholder and regulatory pressure to improve governance, risk management and compliance (GRC), organizations are significantly hindered from performing the task effectively. According to the first annual GRC Technology Pulse Survey of 2,200 audit, compliance and risk professionals conducted by ACL, this is due mostly to internal roadblocks. A lack of budget, lack of IT support, and lack of knowledge about new technologies are the top obstacles impeding all lines of corporate defense from preventing fraud, accounting errors, and operational waste.
The top three areas of concern for 2014 indicated by respondents are 1) Internal Fraud and Abuse; 2) Operational Waste; and 3) Regulatory Reform. The Survey also shows that relying on dated, non-integrated GRC technology solutions from a variety of vendors inhibits management of these risks. Survey results shed light on what companies are doing—or not doing—with regard to this issue.
Below are highlights of findings from the survey. (Results infographic available here)
Internal Risks Loom Large
For 2014, 66% of organizations are focused on internally-driven risk exposures, and 27% of respondents are focused on externally-driven risk exposures. The top three GRC concerns for 2014 are: internal fraud and abuse, operational waste, and regulatory reform.
Disparate GRC Platforms Dominate
Nearly 55% of respondents indicated that their GRC platform is comprised of a multitude of different solutions scattered across the organization. Only 15% of organizations are using a single, unified technology platform to manage GRC processes.
Old Tech Increases Risks
Over 49% of respondents indicated that they felt their organization is more at risk by not leveraging newer technologies. Respondents cited the largest barrier to adopting new GRC technology as a lack of funds / budget, and cited the second largest barrier as a lack of IT support.
Only 14% of respondents indicated that they are satisfied with their current GRC platform, with 54% stating they are dissatisfied. More than 29% stated that they would be likely to switch vendors if they could buy a GRC solution that is fully integrated with data analysis / continuous monitoring from a single vendor. Feedback from survey respondents suggests that legacy GRC technology is falling short of user expectations and is ripe for innovation and improved user experience.
Cloud Technology Growing
More than 21% of responding organizations use some form of cloud technology, with the number of organizations planning to implement cloud-based technology for GRC expected to more than double in the next two years. For laggards, lack of knowledge and understanding remains the top barrier to cloud adoption, with nearly half of respondents stating this as their top concern.
“It’s essential that ACL understands the rapidly evolving GRC landscape so that we can continue to deliver transformational products that enable organizations to better mitigate risks while achieving their objectives,” said Ross Paul, VP of Go to Market and IT at ACL. “The fact that stood out in our annual survey centered on internal barriers, especially a lack of both budget and IT support. Our data-driven GRC software platform solves the issues identified by providing a cost-effective, subscription-based cloud solution that removes budget barriers and eliminates IT burden.”