eGRC simplifies compliance, adds real-time insights
Governance, risk and compliance is gaining maturity in South Africa, according to Yousuf Karrim, Governance, Risk and Compliance Lead at Puleng Technologies.
While not all South African organisations have embraced GRC practices, more organisations are being made aware of the need for compliance and are no longer treating it as a tick-box exercise, says Karrim. “It is a maturing field.”
Karrim will be speaking at the ITWeb Governance, Risk & Compliance 2020 conference next week. He will be presenting a high-level talk on ‘Enhancing enterprise assurance through visibility and insights’ that will cover the pitfalls and opportunities of eGRC.
“I’ll be talking delegates through the challenges businesses face in putting governance risk and compliance systems and processes in place and answering some of the key questions, such as: How bringing GRC data onto one platform will serve decision-makers with the information they need, when they need it, as well as how it can help them see the status of their controls–or the risks in their departments– within the organisation,” he explains.
“Previously, all compliance work had to be done manually, meaning critical information wasn’t being centralised or there was no collaboration between the relevant departments. That was one of the issues around compliance, everything was done in silos— the auditors did their own work, the risk department did their own work and this would often lead to contradictions and/or duplicated information.”
With the shift to eGRC, compliance has been simplified, giving practitioners real-time access to reports.
“We are living in a world of immediacy where more things are going digital. GRC is an old discipline; modernising it helps organisations access their data faster, granting increased visibility to those running the organisation.”
Automating compliance processes offers more structured, integrated ways of working with GRC, he adds.
“Companies are paying more attention to compliance, and they’re investing in it to avoid dealing with scandals such as fraud and having to pay fines. It used to be taken lightly, now it’s a business focus.”
ITWeb's annual GRC event will be held on 25 and 26 February at The Forum in Bryanston.