Despite increasing stakeholder and regulatory pressure to improve governance, risk management, and compliance (GRC), organizations are significantly hindered from performing the task effectively.
According to the GRC Technology Pulse Survey 2013 of 2,200 audit, compliance, and risk professionals conducted by ACL, this is due mostly to internal roadblocks. A lack of budget, lack of IT support, and lack of knowledge about new technologies are the top obstacles impeding all lines of corporate defense from preventing fraud, accounting errors, and operational waste.
The top three areas of concern for 2014 indicated by respondents are:
- Internal fraud and abuse
- Operational waste
- Regulatory reform
The survey also shows that relying on dated, non-integrated GRC technology solutions from a variety of vendors inhibits management of these risks. Survey results shed light on what companies are doing – or not doing – with regard to this issue.
Following are highlights of findings from the survey: (Results infographic available here)
- Internal risks loom large. For 2014, 66 percent of organizations are focused on internally driven risk exposures, and 27 percent of respondents are focused on externally driven risk exposures.
- Disparate GRC platforms dominate. Nearly 55 percent of respondents indicated that their GRC platform is comprised of a multitude of different solutions scattered across the organization. Only 15 percent of organizations are using a single, unified technology platform to manage GRC processes.
- Old technology increases risks. Over 49 percent of respondents indicated that they felt their organization is more at risk by not leveraging newer technologies. Respondents cited the greatest barrier to adopting new GRC technology as a lack of funds/budget, and the second greatest barrier as a lack of IT support.
- Dissatisfied customers. Only 14 percent of respondents indicated that they are satisfied with their current GRC platform, with 54 percent stating they are dissatisfied. More than 29 percent stated that they would be likely to switch vendors if they could buy a GRC solution that is fully integrated with data analysis/continuous monitoring from a single vendor. Feedback from survey respondents suggests that legacy GRC technology is falling short of user expectations and is ripe for innovation and improved user experience.
- Cloud technology growing. More than 21 percent of responding organizations use some form of Cloud technology, with the number of organizations planning to implement Cloud-based technology for GRC expected to more than double in the next two years. For laggards, lack of knowledge and understanding remains the top barrier to Cloud adoption, with nearly half of respondents stating this as their top concern.
"It's essential that ACL understands the rapidly evolving GRC landscape so that we can continue to deliver transformational products that enable organizations to better mitigate risks while achieving their objectives", said Ross Paul, VP of Go to Market and IT at ACL. "The fact that stood out in our annual survey centered on internal barriers, especially a lack of both budget and IT support. Our data-driven GRC software platform solves the issues identified by providing a cost-effective, subscription-based Cloud solution that removes budget barriers and eliminates IT burden."
View the GRC Technology Pulse Survey 2013 results.
About the survey:
ACL conducted a comprehensive survey of audit, compliance, and risk professionals. More than 2,200 professionals from all over the world spanning a broad cross-section of management levels completed the survey, which ran from May 14-31, 2013. The survey will be conducted annually.
Source: July 30, 2013, ACL Press Release