Governance, Risk & Compliance (GRC) Status Quo and Software Use: Results from A Survey Among Large Enterprises

The focus on governance, risk and compliance (GRC) is steadily increasing as companies are facing increased risk and a growing number of legal, regulatory and other compliance requirements. Enterprises start to emphasise the integration and automation of GRC activities in order to efficiently manage them. This research evaluates how integrated GRC and GRC software are perceived and applied in large enterprises. Through a survey among large enterprises several key findings are derived. Even though integrated GRC is deemed useful and integration efforts are ongoing, many companies are unsure about the importance of an integrated approach. Half of organisations have deployed integrated GRC software that helps leverage the benefits of GRC. Solutions developed in-house are more often used than standard solutions. Participants are unsatisfied with their current reporting solutions. The authors recommend actions for research to follow up on each of the findings.