The hidden threats of risk, poor governance and non-compliance are in plain sight
The larger a business or organization becomes, the higher its susceptibility to problems caused by issues like internal governance, a poor approach to risk, and the falling-foul of any regulatory strictures that may be in place.
The latter issue is one that plagues many large enterprises, operating as they do across borders and continents, where geographical differences muddy the waters when trying to keep compliant.
To combat the problems of compliance, risk management, and internal governance, many companies have developed departments or programs that monitor performance, look at the broader risk picture and even incorporate activities like corporate responsibility.
It may not be necessary for an enterprise to dedicate an entire department to GRC (governance, risk & compliance), but due to the broad nature of the issues involved, it’s usually thought expeditious to deploy technology to allow oversight of the entire GRC gamut. Not only can software platforms provide an overarching structure for GRC activities and reporting, but they can also prevent the silo-ing of data that may otherwise not be surfaced.
The dangers of not having a firm handle on GRC include:
- No visibility of risk, either caused by the company, or its partners, suppliers, and associated entities.
- High costs of GRC management, plus higher costs accrued at times of crisis.
- Difficulties of assessing risk-adjusted performance, or performance at board level in particular.
- Lack of foresight of potential problems.
The key to effective governance, risk management and maintaining compliance is that the three elements should be addressed together. The problem with this is that so many areas of the organization need to feed into the scope of a GRC project or team. The legal, finance, IT and HR departments all will figure highly, as will the company secretary and the members of the controlling board.
Many of the issues making up GRC have only, in the past, affected large enterprises. However, as governments gradually catch up with the implications of technological developments and produce data-oriented legislation, small businesses, not-for-profits, and even start-ups need to ensure compliance and good governance.
Due to the nature of the strictures and legislative burdens placed on businesses of all sizes, cybersecurity and digital practices right across the business have been highlighted as the areas where most fall foul. While there remains risk from (for instance) misplaced or lost board meeting minutes typed up and printed on paper, the increased reliance on digital media means that internal governance now has a particular focus on technology.
The more sensitive the data, the more risk is involved, and therefore the higher the need for oversight. It’s at the level of the board of directors, company secretary and associated company officers – in short, C-level executives or higher – that a great deal of emphasis should be placed. Ironically it’s that level of personnel in the enterprise where even basic levels of digital hygiene are observed. Ask any lowly IT support technician who the least technologically astute staff are, and it’s invariably those at the very top.
At Tech Wire Asia, we’d like to highlight an end-to-end governance management platform that’s currently in use by over 50 percent of the Fortune 1,000 companies. Diligent‘s secure Governance Cloud solution creates a framework in which board-level activities (including the most risk-laden communications and discussions) can take place safely, securely, and in terms of risk and legislative considerations, safely.
Diligent’s industry-leading data centers protect sensitive boardroom-level data, and in order to ensure local compliance, those repositories are chosen to be as close as possible. Security is paramount, with all data encrypted at its source, and communications from data center to users highly secure.
The cloud basis of the platform means, of course, that directors get access to board materials from anywhere: on phone, tablet, or laptop. Even when there’s no data or cell signal, board members and officers can work offline, with synchronization taking place once connection is re-established.
Diligent is an unusual company in that its levels of customer service, friendliness, support and helpfulness are the highest. That sole aspect of its offerings is not the usual accolade granted to a high-tech company, but one that further differentiates it from its nearest competitors. Support for the platform’s users is available 24/7, at the end of the phone, so any pain-points or queries can be addressed in seconds.
To learn more about Diligent here and see for yourself the facets of this specialist platform that can drive change at the highest level of the organization, click here.
*Some of the companies featured on this editorial are commercial partners of Tech Wire Asia