Posts

As one of the world’s foremost GRC providers, recognised by analysts for the strength of our technology and working with an array of blue-chip customers across a variety of industries and territories, we are obviously major advocates for an efficient and effective GRC function.

Remaining compliant with relevant regulation has become a much more involved process over the past decade or so, while at the same time there is more risk to businesses than at any other point in time. Organisations have to do much more to demonstrate compliance and it can be a significant undertaking that requires time, resource and the right technology platform to get right, while managing and mitigating risk is a long-term and on-going task.

At Oxial we choose our partners very carefully, preferring to only work with companies and consultancies that really add value to our own proposition and technology. One such partner is EY, which fits our supervised and digital compliance model particularly well.

With Oxial’s technology to automate controls and processes around compliance legislation, in conjunction with the vast industry expertise and understanding offered by EY’s consultants, there is a powerful proposition for any organisation that wants to approach compliance in a more joined-up and modern way.

We’ve written previously about how Brexit is the ultimate in risk management. Organisations must fully understand their level of exposure to Brexit – what is their supply chain, who do they trade with and what the likely impact of Brexit will be?

They can either make changes ahead of time to mitigate that risk or at least put in place contingency plans for the future. That’s a hard task right now because of the sheer uncertainty involved with Brexit. Even now, with just over a month or so until Brexit takes place, we do not know what form it will take or even if there will be a deal or not.

We discussed recently the growing importance of Governance, Risk and Compliance (GRC), as organisations look to protect themselves against the multitude of threats faced by organisations in 2019.

We live and work in a world containing more risk than ever before and the penalties for non-compliance and poor governance are also growing and are increasingly being enforced by regulators. So GRC has become one of the most important functions in any business, valued by the board and playing a central role in the strategy of many organisations.

For those firms committed to GRC there is an on-going challenge to ensure that it operates as it should. What should those organizations be doing to optimise their GRC function?

The rise of Governance, Risk and Compliance (GRC) software platforms over the past decade has been remarkable. What were once business disciplines that ticked along independently from the rest of the organisation, are now central to everything and amongst the most important functions in a business.

Staying on top of governance requirements, managing and mitigating risk and ensuring compliance, are all interconnected and taken extremely seriously by the smartest organisations. They all have the foresight to understand the benefits to business and acknowledge the need to invest in the right tools to ensure governance, risk and compliance functions all operate to the best of their ability.

In all of the discussions about GDPR, many people seem to have become overly focused on the new financial penalties for non-compliance. It’s certainly a weighty amount – any organisation failing to achieve compliance with GDPR could face penalties of up to €20m or 4% of annual turnover, whichever is greater.

But how realistic is that, especially for mid-sized firms? I would say it is highly unlikely that any organisation will be hit with such a fine in the first few months at least of the GDPR era. But that’s not to say that there aren’t huge risks out there for non-compliance. What are the real risks of GDPR and how do organisations go about measuring them?

The European Union (EU) General Data Protection Regulation (GDPR) is one of the most talked about directives to emerge over the past few years, and certainly one of the most important changes in data privacy regulation in recent times.

The European Union (EU) General Data Protection Regulation (GDPR) is one of the most talked about directives to emerge over the past few years, and certainly one of the most important changes in data privacy regulation in recent times.