The ultimate goal for many GRC professionals is to arrive at a converged GRC program with a supporting technology platform.  We often tell our customers that it is important to take a phased approach when planning an enterprise deployment of a GRC management solution and that they should set expectations and goals for each phase as their risk management program matures.

For instance, implementing an effective and non-disruptive Sarbanes-Oxley initiative can do more than just meet regulatory compliance.  In fact, it can play a key role in moving to a successful GRC initiative.  Eric Krell, a contributing writer to Business Finance magazine who focuses on GRC, wrote in a recent blog that "Sarbanes-Oxley compliance continues to prevent many companies from launching and/or successfully executing broader GRC initiatives that promise greater returns (than "avoiding non-compliance").  

Eric recently interviewed Dun & Bradstreet's CRO Charles Pavlounis who concluded in Eric's blog that ERM success hinges on "getting SOX [compliance] to be something that is not disruptive, that is almost embedded in the core DNA of the company."  To learn more about D&B's ERM program, look for Eric's interview with Charles and the D&B case study in the December issue of Business Finance.

The G-20 met last weekend to discuss the state of the world's economy and coordination of economic policy.  Perhaps the most significant output of the meeting were the pictures of the groups which very clearly illustrated that the world's financial system's major players have expanded beyond the tiny group of 7 countries that made up the initial G7.  These emerging economies, like Brazil and China, made it very clear that the world's financial institutions--like the World Bank and IMF--must be governed more democratically. 

While there was little concrete output, there was a set of actions to be taken to strengthen the world's economy  that highlighted the need for risk management and internal controls.  My favorite bit was the following:


OpenPages is doing this today with some of the worlds largest banks, one of which we will be announcing in the coming weeks.  Stay tuned.

OPUS 2008 - our 5th annual OpenPages User Symposium recently concluded with elevated excitement about improving business performance with OpenPages solutions as well as a renewed emphasis on managing risk given the current market turmoil and downturn.

Hopefully you attended and enjoyed the content-rich agenda with leading keynotes from industry experts as well as a large number of case studies from global organizations deploying enterprise GRC solutions based on OpenPages. In the product direction keynote led by OpenPages’ Gordon Burnes, Pat O’Brien and John Lundgren, a number of thought-provoking and forward looking questions were asked using an OPUS-first innovative electronic name badge by nTag which allowed live voting and results tallying.

We polled the 150+ strategic risk, governance and finance professionals from Fortune 1000 companies in the audience and found some very interesting and telling trends. For instance, while industry experts predict that overall IT spending may be flat or down next year, over 90% reported that investments in GRC technology will increase or at least remain the same in 2009, and 90% of those polled expect new laws and regulations to be introduced next year in an effort “to improve corporate risk management oversight.”

Clearly, the results of this year’s survey highlight the impact of the current financial crisis on enterprise risk management efforts and the role GRC management solutions will play in helping customers mitigate risk while integrating and managing all of their risk management practices.

To view the actual questions and results check out our Flickr page at: http://www.flickr.com/photos/openpages2.
To read the OpenPages announcement, visit the OpenPages News and Events page.