Overview of Technology for GRC

Overview of Technology for GRC
Collection filed under Information Technology , Integrated GRC

What’s at the core of GRC technology? According to Joe DeVita, Partner & GRC Technology Leader, PwC, successful GRC technology must align, automate and integrate business processes. In this Tech Talk video interview “Overview of Technology for GRC,” Joe provides background and insights into GRC technology. He offers tips on how to get started. And if you’re looking for GRC technology benefits he offers a healthy list with many examples.


V01. Who is Joe DeVita?

Introduction of Joe DeVita: Partner and GRC Technology Leader, PwC


V03. GRC: The Acronym

Governance, Risk, & Compliance: what they are and how they interrelate.


V04. GRC and Principled Performance

The importance of GRC and Principled Performance in creating effective business processes.


V05. Evolution of Risk and Compliance Initiatives

How risk and compliance initiatives, such as audit and tax, evolve over time.


V06. Evolution of Automation and Integration

Keeping up with technology when automating and integrating risk and compliance initiatives into business process cycles.


V07. The Disconnect

The disconnect between risk/compliance initiatives and business processes, and the importance of overcoming it.


V08. Importance of Automation

The importance of reaching a level of automation in which the business process is not impeded by the compliance initiative.


V09. GRC and ERM

Importance of ensuring the entire enterprise is taken care of from a risk and compliance initiative.


V10. How GRC Overlays ERM

How GRC overlays enterprise risk management and the broader compliance initiatives.


V11. IT for GRC

The automation of risk and compliance activities.


V12. Involvement of the Chief Information Officer in ERP and Compliance

The importance of involving the Chief Information Officer and getting feedback from stakeholders when purchasing compliance tools.


V13. Compliance Information: In the Cloud vs. in the Organization

Choosing what compliance information should be kept secured within the organization and what information can be kept in the Cloud.


V14. Importance of Data Analytics

Role of data analytics in detecting issues that can then be resolved.


V15. 'Bring Your Own Devices' and IT Risk

Ensuring data is protected when using personal mobile devices.


V16. 'Bring Your Own Devices' and IT Policy and Process

Understanding the risk and implications of using personal devices opposed to corporate devices.


V17. Origins of GRC Technologies

Where GRC technologies originated and how they evolved.


V18. Evolution of Tools

How tools are expected to evolve, but not necessarily reach a 'one-tool-future.'


V19. Complications of the 'Big Bang' Approach to Automation

History of complications rising through past attempts at automation with the 'big bang' approach and benefits of utilizing a 'controlled burn' approach instead.


V20. The Evolution of GRC Technologies

The evolution and consolidation of GRC technologies in the future.


V21. Where to Start?

Choosing a starting point based on risk or the easiest place to begin to automate and integrate.


V22. Automation in IT Risk

IT risk as a key area in which automation fits.


V23. Integrating Multiple Tools

Integrating tools so they can compliment each other.


V24. Niche Applications

How niche applications feed up into enterprise tools.


V25. Cost of GRC Implementation

Costs of GRC implementation through the 'controlled burn' approach.


V26. ROI Initiatives and Automation

Looking at the benefits of automation from an ROI perspective.


V27. The GRC Bandwagon

Why companies are jumping on the 'GRC bandwagon.'


V28. Best Case in GRC World

How different organizations have a different 'best case' and how that means there will never be a 'one-size-fits-all' in the GRC world.


V29. Pressures to Consolidate and Integrate

Organizations rethinking how to consolidate expense and integrate the initiatives.


V30. Forced vs. Natural Evolution

Benefits of attaining success and showing the value of initiatives to get people on board rather than putting pressure on others to integrate.


V31. 'Tone at the Top'

Getting people involved by reaching out to the executives and keeping them informed about the initiatives.


V32. Asking the Right Questions

The importance of asking the right questions early on to best prevent and manage crises.


V33. Status Reports and Tools for Informed Decision-Making

The importance of status reports and the role of tools in the informed perspective for making decisions.


V34. Who Should Lead the Effort?

The governance model and the role of the executives and governance committee.


V35. Key Stakeholders

Key stakeholders at the various levels of an organization.


V36. The Most Critical Part of Implementation

The importance of setting up the governance model correctly in order to sustain the GRC platform.


V37. At the Board Level

What is seen at the board level in the evolution of the audit committee.


V38. The Role of the Chief Audit Executive

Questions to ask the Chief Audit Executive and the importance of their role as the first, second, and third line of defense.


V39. The Chief Audit Executive as the Third Line of Defense

How to strengthen the Chief Audit Executive's role as the third line of defense.


V40. How the Chief Audit Executive Works and What They Test Against

How the Chief Audit Executive is working, what they are going to be testing against, and how this is unique from organization to organization.


V41. The Role of the Chief Financial Officer

The role of the Chief Financial Officer and the importance of the their involvement.


42. The Compliance and Risk Cycles and the Budget

The Chief Financial Officer and how they align compliance and risk with the budgeting process.


V43. Role of the Chief Risk Officer

The role of the Chief Risk Officer and how it varies by industry.


V44. Role of the Chief Compliance Officer

The role of the Chief Compliance Officer and the factors that influence it.


V45. Compliance as Cost

The role of assessing vendor risk and compliance information in managing compliance costs.


V46. Aligning Business Processes with Risk and Compliance Initiatives

The importance of aligning business processes with risk and compliance initiatives in order to ensure greater effectiveness of the compliance process and evolution of business cycles.


V47. Technology in the Office of the General Counsel

What is seen from the Office of the General Counsel regarding a technology and how it is used.


V48. Role of the Chief Information Officer

The role of the Chief Information Officer and their involvement in integration and automation of initiatives.


V49. Open Source Technologies

Open source technologies and when they can and cannot be used.


V50. Open Source Technologies in Risk and Compliance

Things to consider before using open source technologies.


V51. OCEG Ahead of Its Time

OCEG and where it is at with the vision and the structure.


V52. Where OCEG Fits

OCEG as one of the precursors.


V53. How to Implement a GRC Technology Tool

Creating the necessary structure and process flows.