On May 1st French Caldwell posted a blog titled GRC Will be a Performance Platform in which he references a blueprint that provides a practical approach for identifying the goals of ERM programs in terms of strategic business objectives, and linking that to an underlying GRC architecture that can drive business performance benefits. But isn’t that too limiting?
Performance Management is merely a solution category and doesn’t do GRC platforms justice! When considering how GRC platforms span across Finance, Operations, Legal and IT providing organizations ways to manage risks, demonstrate compliance and ensure governance business performance benefits is only one output and to me only represents how an organization has done historically against business objectives. This is important but not all the benefits that a GRC Platform can and should provide a company.
When organizations use GRC platforms that also includes Big Data Risk Analytics not only will they be able to report on past performance to various levels, domains and to different audiences but they will also be able to predict the future. Future performance, future risks, future efficiencies, and most important future opportunities for success. Big Data risk analytics within a GRC Platform should model out opportunities for growth that drive success within each domain. So I think that GRC platforms will not be performance management but “Success Management Platform”. Might this be a new category?
PS – I would have really enjoyed the panel with Paul Proctor and Network Frontier’s Dorian Cougias. Not only do I find business predictive and risk management conversations interesting I also am equally if not more fascinated by conversations with “the security geeks” of the world as they save our businesses every day. We should all find them fascinating!