Advertise on ITWeb         Sat, 26 Sep, 05:26:11 AM

Six challenges of governance, risk management, compliance

Corporate governance, risk management, and regulatory compliance (GRC) are no longer the exclusive province of Sarbanes-Oxley. Powerful market forces - globalisation, increased mergers and acquisition activity, heightened regulatory scrutiny, tight operational budgets, and escalating environmental concerns - are all pushing your company to develop and implement a comprehensive GRC initiative to protect itself, while remaining agile and competitive.

Successful GRC initiatives demand an integrated and enterprise-wide view of risk and compliance. As a result, your business requires access to all its data, regardless of where it resides and the form it takes.

It must be available to users and applications when, where, and however needed. And your business needs to be confident that its data is available, complete, accurate, consistent, auditable, and secure.


* Limited visibility and transparency. Your enterprise data is located in different systems and unconventional formats and unstructured files, such as PDFs and PowerPoint presentations. You need to increase visibility into and transparency of GRC activities across the enterprise, but you lack a comprehensive, cross-enterprise view of GRC-relevant information.

* Questionable data quality. You need to base GRC activities on reliable, high-quality data. But you're unable to identify data quality issues that affect GRC-related reports. Fixing data quality errors, such as those caused by human error, database corruption, and system consolidations from past mergers and an acquisition is a cumbersome and time-consuming process.

* Lack of operational efficiency. Effective GRC initiatives require accurate, up-to-the-minute data. Information delays can cause significant financial losses. You need a technology infrastructure to support real-time data access and delivery.

* High costs of producing timely and trusted data. The processes of accessing, discovering, classifying, cleansing, integrating, and delivering timely, trustworthy data to the business to fuel GRC activities can be expensive to develop and maintain. Many IT organisations use hand-coding, which is inefficient and slow. As a result, the cost of managing data to support GRC activities is high.

* Escalating infrastructure and maintenance costs. Longer data retention policies force corporations to keep information for longer periods of time. As a result, the investment required to store the information extends beyond just the cost of storage and more powerful servers. Maintenance procedures on application databases take longer and consume more time and resources for normal day-to-day support. Organisations need to control escalating infrastructure costs while retaining information long enough to meet retention requirements.

* Risk of unauthorised access to sensitive data. Security measures for production systems may not extend to copies used for test and development purposes. Global outsourcing models further expose sensitive corporate information to developers outside the firewall. As data privacy and risk of unauthorised access increases, companies must take measures to mask and protect confidential data while minimising the impact to development processes.

You need solutions to help you leverage trustworthy data to increase visibility into and transparency of your GRC activities. The core of GRC, much the same as any business initiative, is data and its management. If companies cannot integrate, understand and trust their data, then GRC, like any other business initiative, will fail.

Editorial contacts

Informatica South Africa
Paul van Aswegen
(+27) 11 462 9676
This e-mail address is being protected from spambots, you need JavaScript enabled to view it

Predictive Communications
Jeanné Golding
(+27) 11 452 2923
This e-mail address is being protected from spambots, you need JavaScript enabled to view it


Our comments policy does not allow anonymous postings. Read the policy here




Sponsors Message