Evaluating In-house Developed GRC Technology: 4 Major Considerations

How to choose between in-house developed solutions and GRC software.

As recently as a few years ago, when executives and management teams discussed how to
manage governance, risk management and compliance (GRC), some of the questions were:

  • Excel spreadsheets seem to be working well for the organization, or aren’t they?
  • Should we use spreadsheets to “automate” compliance and risk management projects?
  • Why spend precious budgets on software when much lower-cost solutions are available?
  • Is it time to go through the trouble of selecting and implementing a GRC platform?

Today the majority of discussions have moved well beyond “if” there is a need for a solution or the pros and cons of spreadsheets to now talking about how to solve GRC challenges with technology. Many executives and managers would like to get more out of their businesses, share verified information, compile one unified version of records, reduce repetitious work cycles across multiple functions, keep up with regulatory requirements better, avoid and manage risks, and document everything appropriately. It is a long list of improvements. 

These business needs and new, more sophisticated technology mean that GRC support discussions now turn to focusing on whether to buy standard software or to build a solution in-house. When organizations consider the needs of the business it may be tempting to think they will be best met when designed and built by the organization itself.

This whitepaper elaborates on the challenges of building GRC technology in-house and takes a critical view of why commercially-available GRC solutions are the preferred choice. 

 

 


Visit our pandemic information center, which includes reading materials, podcasts, videos and best-practice guidance around managing business continuity, compliance, workforce safety and health, and enterprise risks amid the coronavirus pandemic.

Learn more about our solutions to manage IT risk & cybersecurity or third-party and vendor risk.

Or, contact us to see how SAI Global has helped organizations like yours.

Previous Article
Read & React: “How to Build a Company that Actually Values Integrity” by Robert Chesnut in HBR
Read & React: “How to Build a Company that Actually Values Integrity” by Robert Chesnut in HBR

SAI Global's Learning designers, content managers and product designers discuss a Harvard Business Review a...

Next Article
This Compliance Officer Day, We All Deserve Some Headspace
This Compliance Officer Day, We All Deserve Some Headspace

With the fifth annual Compliance Officer Day comes an opportunity to step back, reflect on what a year it h...