Governance, Risk, Compliance and Cloud: A Fresh Look at Benefits, Value Proposition
By Nanda Ramanujam, Director of GRC Solutions/PS-North America, MetricStream
Today’s world is undergoing phenomenal and unprecedented change. From political chaos and economic volatility, to great strides in the fields of science and technology, to an increasingly savvy and global workforce. All of this together is pushing the envelope forward, but also requiring us to take a step back to ask some tough questions about how we as individuals, organizations, governments, and societies will continue to meet the needs and demands of future generations.
In the context of the past, present, and future ahead, this notion of cloud computing becomes all the more interesting, and all the more critical for us to include as a key topic in our strategic planning discussions. In short, cloud computing represents a fundamental shift and change in the way technology is delivered and consumed.
For organizations operating in today’s increasingly global, social, hyper-connected, and technologically advanced world, a reliable and robust cloud computing environment will continue to play an increasingly significant role in both promoting efficiency as well as improving their ability to innovate.
By providing on-demand access to applications and resources anywhere, cloud computing offers significant cost savings, operational scalability, and an accelerated time-to-market. All businesses have to be agile in order to be competitive, able to quickly address and respond to their customers, partners and supplier ecosystems, as well as continuously deliver an even better experience, product, or service.
So, why are organizations so quick to adopt the cloud? A few reasons stand out:
- Improves time to market
- Offers scale and increases the capacity to meet a growing demand
- Simplifies the delivery of applications
- Controls and minimizes capital and operating costs
- Eliminates cross functional silos
- Improves customer satisfaction
Public cloud service adoption has become mainstream in most organizations. Meanwhile, many larger organizations see a private cloud in their future. Choosing whether to invest in building an internal cloud infrastructure, or buy from an existing cloud service provider is an important question that must be addressed, and savvy IT leaders must fast become experts and brokers of such dynamic business technology solutions. Despite this question, the fact remains -- opting for cloud solutions, and making the business for doing so, is important.
For organizations evaluating Governance, Risk, and Compliance (GRC) applications, the cloud can provide an organization with significant benefits. Developing a cloud-based GRC program offers many business benefits, such as:
- Offers unmatched scalability, reliability and flexibility
- Achieves economies of scale
- Reduces CAPEX on technology and infrastructure including software licenses
- Lowers the cost of ownership
- Requires less or zero maintenance
- Supports globalization efforts
- Improves visibility into operations
- Promotes continuous availability
The adoption of GRC applications and solutions via SaaS continues to rise, and in large part, is driven by the usage and proliferation of devices -- such as tablets -- within and throughout the organization and extended enterprise.
The cloud enables organizations to develop and run GRC applications with unbounded scalability and ease-of-use, and with rapidly changing and evolving regulations, adopting a cloud strategy makes long-term business sense. Common GRC related activities such as stress testing, inspections, and audits necessitate temporary and periodic increases in the need for collaborative workspace, computing needs, and archiving of business records -- and cloud helps to better address these.
However, it is the opportunity for better risk management and the mitigation of business risk which remains one of the primary investment drivers for cloud-based GRC applications. Listed below are some of the applications where the cloud provides better ROI in the world of GRC:
- Field Audits
- Compliance Monitoring
- Supplier Governance and Vendor Management
- Policy Management and Training, with a focus on Social Engineering
- Incident Management
As cloud computing becomes a strategic way for businesses to cut costs and increase sales, there has been tremendous capital activity in funding cloud based ventures. Estimates posit that the global cloud computing sector will reach revenues of $20 billon by end of year 2016, growing at a pace of over 30 percent yearly. There is an increasing interest and unrivaled commitment from organizations of all sizes to run most of their mission critical apps -- including GRC apps -- in the cloud.
Cloud computing is a new paradigm in IT, and new advancements in technology and industries continue to take the cloud to the next level. Collaboration and open communication amongst enterprises and cloud vendors can help strengthen an organizations governance, risk management, and compliance programs, improve overall decision making, and drive superior business performance.