In this week's episode of GRC & Me, Megan Phee talks to Charlie Meyer, the Implementation Services Manager at LogicGate, to discover the key ingredients to successfully implementing governance, risk, and compliance (GRC) solutions.
Since working at LogicGate in the customer success team and at IBM where he implemented customer solutions, Charlie has a wealth of experience implementing and supporting GRC solution adoption programs. He is also a qualified risk professional and shared, "I am an OCEG certified risk professional and am always trying to learn as much as I can about governance, risk, and compliance to ensure that I'm providing our customers with the best knowledge that I can be."
Keep End-Users in Mind
When asked about the most important aspect of a GRC implementation, Charlie shared, "First and foremost, when implementing a GRC solution, you need to have end-users in mind."
This critical component can make or break an implementation as the end-users must be comfortable and confident with the solution. Charlie provided an example of Zurich Ireland, a customer who used LogicGate's Risk Cloud platform to help generate reports for their regulator. By implementing a solution that enabled end-users to enter information accurately and promptly, the customer was able to generate the required reports quickly and in a semi-autonomous way. This streamlined the operation time from a couple of days to a virtually automatic process.
According to Charlie, "A key question that customers should be asking when they start implementation is, ‘How easy will this be for my end-users to use?’ Because that really dictates the success of a GRC implementation."
When an end-user is required to work in a software solution for most of their day, it is imperative the solution is enjoyable and facilitates better quality data entry. It also helps if the solution holistically integrates key features such as systematic data capture and subsequent communication. This leads to less effort managing the system and more focus on achieving the task at hand.
Establish a Clear Vision
What are the other key ingredients in achieving a successful GRC implementation?
Charlie reflected on the success Thought Machine experienced in a recent implementation. Charlie explained, "They had a well-defined process. That is key when implementing a GRC solution in that you start from where you want to be."
Having a clear vision of the end goal gave Thought Machine an advantage when it came to implementation. It meant LogicGate could better identify all of the necessary information points and integrate them into a cohesive solution.
While knowing what they wanted was critical, having a dedicated implementation team was just as important. "Another key thing that they were able to do was having a dedicated focus team to the implementation," said Charlie.
Under the leadership of a key stakeholder, Thought Machine could organize the necessary information and communicate it to the LogicGate implementation team via regular team meetings. The team leader had a clear vision of what the solution needed to achieve.
As previously stated, an essential ingredient was to keep the end-users in mind. This was easier for Thought Machine in many ways as the dedicated team also represented the central user community. According to Charlie, "They wanted to make sure that it was actually an application that they could utilize going forward."
Leverage a Holistic Platform
When end-users are moving between spreadsheets, saving data on SharePoint, compiling reports in PowerPoint, and communicating results via email, they are wasting time and resources simply managing the system. Implementing a holistic GRC solution can generate many benefits for an organization. Charlie explains how Intradiem achieved this, "After a few hours of training with our team, they were able to build out, I believe, five applications on their own to automate a lot of the processes and really ensure that they have a holistic GRC program inside a solution."
Automation helps clients better focus their time in areas of higher value, which Charlie explained is one of the most important benefits of a successful GRC implementation. "An end goal for us is to really open up their schedules so they're not following up with different individuals manually via email or generating reports on their own. We would like to automate as much of this as we can for them to make their lives easier."
While the implementation itself is important, offering ongoing support is also a critical element in the relationship. Charlie said, “If the provider is not offering you the support that you need, you may not be able to adopt the new software and your end-users may be struggling with it going forward.”
How LogicGate Can Help
LogicGate provides the Premier Success support solution for its customers, and Charlie described how Beam Suntory benefited from this service. "They worked with our professional services to ensure that they have their NIST cybersecurity framework evaluations created each quarter and assigned to the correct individual and also reports generated for that particular set of assessments."
As an organization grows and develops its GRC program, the solution provider must continue to provide professional support and guidance. Being part of the maturity strategy is something that LogicGate takes very seriously. Charlie said, "It is critical that as you mature in your GRC program, you are offered the support and guidance you need going forward. After the initial implementation, you may want to grow and expand beyond that particular application. We would work with that particular team, in strategic business reviews, in order to ensure that your GRC vision is being met within our platform."
To learn more about LogicGate Risk Cloud and the incredible services and support team, request a demo or visit logicgate.com.