Despite the importance of governance, risk and compliance (GRC), organizations are not satisfied with their tools to meet regulations, and many are vulnerable to losing business or revenue as a result, according to a new survey conducted by Loudhouse Research for SAP.

The study involved interviews with 1,010 people responsible for GRC in large organizations in the United States, the United Kingdom, Germany, the Netherlands, Brazil, Japan, France, South Africa and the Nordics.

Most companies surveyed recognize the importance of investing in GRC technologies to create competitive advantage and profitability, the survey shows. But nine in 10 organizations are not satisfied that they have adequate GRC technologies and processes in place.

On average, only 46% of GRC data that an organization has access to is effectively captured and used to support strategic goals, and nearly half (48%) of organizations have not reviewed their GRC processes or technologies for at least three years.

“Companies need to act fast to limit exposure to further risk,” Thack Brown, general manager and global head of Line-of-Business Finance at SAP, said in a statement. “The ability to effectively manage risk can help improve profits. Garnering IT support, investing in skilled resources and opening up funds to achieve and maintain a sturdy GRC system are critically important.”

Based on the survey feedback, SAP recommends a five-point plan to improve GRC practices: Make a case for the strategic value of GRC; make a decision about who’s responsible; seek a holistic, future-proof solution; drive cultural change; and act now.

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access