How GRC sustainability can help support cost efficiency
Sustainability and resilience are about how an organization designs and carries out strategies that can be adaptable to help address long-term global trends, crises, threats, changing regulations or customer needs. As the requirements for success change, so can the enterprise.
In this current pandemic many organizations should ask business continuity questions about capacity, bandwidth and critical functions. For example, do the existing network bandwidth, VPN capacity, laptops and IP addressing for remote access solutions support the additional load? If a full complement of remote services are unavailable, what partial services are available? Who will handle customer, third party, business partner, vendor and supplier communications about the crisis – and what should those communications look like? Have all outsourced critical functions been identified, and how are they impacted by the current situation? How effective is the resiliency planning of service providers and third party vendors?
As we’ve seen, many banks and financial institutions desire specific insights into what comes next. If an event occurs that interrupts the normal operations of a business, a business continuity plan should be in place. For governance, risk and compliance professionals, which tactics, tools or solutions today can offer the flexibility, cost-efficiency and sustainability to help manage known and unknown risks to come?
Potential to cut costs, increase efficiencies and stem losses
A classic resilience and sustainability tactic should include adopting GRC (Governance, Risk and Compliance) technology that can help support overall cost savings. The idea is to potentially cut expenses while increasing efficiencies and stemming losses. As threats and regulatory requirements grow so can the related expenses, fees and penalties. A key approach to consider is to shift risk and regulatory compliance processes to agile platforms that use analytics, AI and machine learning and to tools that are codeless and quick-start enabled.
For instance, agile GRC technologies are those that are designed to adapt to ongoing regulatory changes, but are simple enough to scale up to many users without a lot of training. Things like pre-built options, flexible configurations, integrated questionnaires, automated workflows and drag and drop functionality drive efficiency.
A horizontal view of multiple risk disciplines
Legacy systems typically work in silos, patched into interactions with other systems. Views are vertical and sometimes fragmented; processes may be semi-automated or even manual. As organizations look for an integrated data model and single source of truth for risk and compliance data, we recommend moving away from siloed on-premises solutions and into lower cost models with a cloud and SaaS focus. They can offer fast deployment and greater interoperability. Open standards and cloud-native technologies can provide flexibility, agility, and cost efficiency.
More importantly, the intelligent technologies and flexibility they provide can help create an enterprise-wide view of multiple risk disciplines and reduce data silos. Much like warmth escaping through open windows in the winter, data silos trigger a variety of losses. Situations like data inaccuracy, false negatives and potential fines due to system unavailability or authentication failures can result in irritated customers. Such silos and limited interoperability between systems can potentially result in breaches, loss of market share, fraud losses, non-compliance fines – the list can be long.
Organizations can drive faster, more accurate decisions with an integrated, agile GRC platform. An integrated GRC platform can help automatically monitor regulatory events, manage model inventory and provide model assessments with AI and predictive analytics.
Cost-efficiency and sustainability
IBM has worked with customers through many worldwide events. Business continuity in the face of volatility has always been a primary goal. With these challenges top-of-mind, IBM OpenPages with Watson offers an integrated GRC solution. IBM OpenPages with Watson is designed to enable organizations to meet their business objectives in a world of dynamic of risk and threat.
OpenPages with Watson can help support total cost of ownership reductions and improve risk assessments inside the enterprise. With AI, advanced analytics and automation tools and techniques, it can help organizations meet compliance goals. A secured and scalable GRC platform hosted on the IBM Cloud can help clients reduce IT infrastructure overhead with speed and agility.
Standardization in three key areas
Clients can look for cost savings and risk reduction through standardization in three key areas: Operational efficiency, risk reduction and organizational performance improvement.
Operational efficiency – The OpenPages zero-training interface for the first line of defense can help reduce the inefficiencies of manual rework by enforcing data quality and using AI to assist with classification and association. The availability of in-context guidance for a user task is designed so that first line users have clarity of objective and completion criterion. The task oversight view allows managers to see the current state of tasks and where work can be rebalanced to hit key dates.
Risk reduction – OpenPages has an agile designer environment that can allow new programs to be introduced quickly. Integrated workflow and UX design studios can allow risk managers to collaborate with program technical designers to build out the full user experience for each line of defense. This can help organizations respond to opportunities and threats more quickly.
Collaborations with leading risk and compliance data suppliers such as Thomson Reuters, Wolters Kluwer and Ascent deliver alerts that are triaged and mapped to internal business controls – and which are the most relevant and timely for each user or community of users in your organization. This can mean fewer surprises and more awareness of emerging areas of concern. Furthermore, our focus on business continuity planning and impact analysis, integrated directly with risk areas of vendor management and IT governance, can allow organizations to prepare for business disruptions associated with unforeseen events.
Organizational performance improvement – Organizational performance improvement and risk and performance are two sides of the same coin. When risk is well-managed, organizations can focus on clients, employees, growth, and operational excellence. OpenPages can support transparency aimed to allow organizations to operate in a world of dynamic change.
Was this article helpful? 60 Posted by: 👨 Nancy J. Williams