Evaluating In-house Developed GRC Technology: 4 Major Considerations

How to choose between in-house developed solutions and GRC software.

As recently as a few years ago, when executives and management teams discussed how to
manage governance, risk management and compliance (GRC), some of the questions were:

  • Excel spreadsheets seem to be working well for the organization, or aren’t they?
  • Should we use spreadsheets to “automate” compliance and risk management projects?
  • Why spend precious budgets on software when much lower-cost solutions are available?
  • Is it time to go through the trouble of selecting and implementing a GRC platform?

Today the majority of discussions have moved well beyond “if” there is a need for a solution or the pros and cons of spreadsheets to now talking about how to solve GRC challenges with technology. Many executives and managers would like to get more out of their businesses, share verified information, compile one unified version of records, reduce repetitious work cycles across multiple functions, keep up with regulatory requirements better, avoid and manage risks, and document everything appropriately. It is a long list of improvements. 

These business needs and new, more sophisticated technology mean that GRC support discussions now turn to focusing on whether to buy standard software or to build a solution in-house. When organizations consider the needs of the business it may be tempting to think they will be best met when designed and built by the organization itself.

This whitepaper elaborates on the challenges of building GRC technology in-house and takes a critical view of why commercially-available GRC solutions are the preferred choice. 



Visit our pandemic information center, which includes reading materials, podcasts, videos and best-practice guidance around managing business continuity, compliance, workforce safety and health, and enterprise risks amid the coronavirus pandemic.

Learn more about our solutions to manage IT risk & cybersecurity or third-party and vendor risk.

Or, contact us to see how SAI Global has helped organizations like yours.

Previous Flipbook
2020 HIPAA Compliance Benchmark Survey
2020 HIPAA Compliance Benchmark Survey

This report summarizes the findings from the 2020 National HIPAA Compliance Benchmark Survey (HIPAA Survey)...

Next Flipbook
SAI360 for IT Risk
SAI360 for IT Risk

How cyber risks and connected products are transforming competition.

Measuring Recovery at the Velocity of Risk:
Our balanced risk management & business continuity scorecard