How much should you be paying your compliance officers ?

September 16, 2019

Rolling-out any new technology in an enterprise is rarely straightforward and can be met with eyerolls and shrugs by employees that are used to doing things in a certain way and using certain tools and solutions to do it. The rise of the cloud and Software as a Service (SaaS) over the past decade has made tech roll-outs much easier than they used to be, when in the days of purely on-premise software and technology any roll-out was a lengthy and often arduous process.

But even with SaaS so prevalent in business now, new roll-outs can still be problematic. This applies as much to GRC software solution roll-outs as it does to marketing automation and your GRC employees will be keen for it all to be as painless as possible. How can you go about this and what’s the secret to a successful GRC software solution roll-out?

The importance of the right GRC tool

The right GRC tool is one of the most business-critical technologies in 2019. There is so much pressure to be compliant, to mitigate risk and to demonstrate that an organisation is governed correctly, that GRC software solution selection is a major decision for any organisation.

It needs to be agile, flexible and meet all of that organisation’sspecific needs but to realise the full benefits from that selection, a smooth roll-out is imperative. If things go wrong during this initial period it sets the tone for the entirely of the use of that technology. Here are our tips for successful roll-out of GRC software.

Choose the right GRC solution

this seems obvious but it isalso highly pertinent as not every GRC tool will be right for every user. We have created a guide tochoosing GRC software solutions already – very handy given the number of GRC software vendors on the market – but the process should include full demoes and run throughs and as many trials with your own data and existing systems as you need to make the right decision.

Be flexible about delivery

both the cloud and on-premise deployment have their benefits, but it’s true that on a general level using cloud delivery is a more flexible option. Oxial provides two GRC solutions – the sGRC Express and sGRC Suite– both of which have an extensive range of features of enormous value to any GRC team, but also provide the flexibility of choice between cloud and on-premise delivery.

Be specific about what you want to achieve

when roll-out is about to begin, the client needs to be clear about it’s key objectives and to identify what success will look like. Oxial benchmarkseach new client’s risk management methodology with market best practices in the market to ensure the implementation of our GRC tool completely suits the needs of that client.

Involve your users as early as possible

people in most lines of work are change resistant.They use certain tools for the job and they grow comfortable with those and getting them to change can be a major undertaking. That’s certainly true for governance, compliance and risk professionals working in a GRC sector that has until fairly recently been slower to embrace innovative technologies than other business functions.

There has been a reliance on tools such as Microsoft Excel, which are not fit for purpose given the complexity and variety of modern compliance requirements and risk mitigation. But people use Excel for many day-to-day tasks and are very familiar with it. Rolling-out a new GRC tool can therefore be especially challenging, so users must be involved as early as possible. Invite them to participate in trials, explain why you want to change tools and what benefits will come from that change, both to the organisation overall but also to those users and their day-to-day activities.

Give them all the required training

even when users have been involved in testing and trials of the new GRC software solution, they will still need help and guidance when they actually start using it on an every-day basis. The GRC software vendor you are working with should provide any and all training required to get the maximum value from it.

Oxial’s sGRC solutions for example, are very user-friendly and intuitive to use but we still offer full training for anyone in an organisation that requires it. The training is based on the organisation’s own specific use cases to ensure the training is practical and has real-life benefit.

Keep dialogue open with your vendor

traditional GRC methods often require clients to set up their own digital platform independently. This is a flawed approach and clients should maintain an on-going dialogue with he GRC software vendor they have chosen. This is something in which Oxial really excels. We work in close collaboration with all of our clients, involving our consulting partners too, to ensure that the client getsall that it needs from their new GRC tool on an on-going basis.

If you are interested in a new GRC software solution and feel that a smooth implementation and roll-out is important, please get in touch with us here and we can discuss your organization’s specific GRC requirements.