ControlPanelGRC HomeAbout ControlPanelGRCGRC Tools and SolutionsCompliance Automation ProductsSOX Compliance ResourcesContact ControlPanelGRC

SymSoft: Second-Generation GRC Tools Will Help Companies Get Healthy in 2010

MONDAY, DECEMBER 14, 2009

MILWAUKEE--(BUSINESS WIRE)--The following opinion editorial is provided by Dan Wilhelms, President and C.E.O. of SymSoft Corporation, makers of ControlPanelGRC.


Sometimes, it takes a painful event for us to do what’s good for us, says Dan Wilhelms, President and C.E.O. of SymSoft. For example, many of us talk about eating better, exercising more and getting healthier. But that’s all it is – until we have a heart attack. After that wake-up call, we’re forced to do things we always knew we should, and after we get past that first painful period of adjustment, we find we’re better for it.



Compliance is the business world’s version of the heart attack. After the accounting scandals of the early 21st Century, enterprises were forced to put in controls over business processes, mostly in the area of Segregation of Duties (SOD), to meet compliance laws. First-generation tools were adequate, like a worn-out treadmill or an old pamphlet on eating healthy. But the process was still painstaking and painful.


Looking ahead to 2010, though, it appears we’re coming out of the painful “adjusting to the new life realities” phase, and moving into the part where enterprises will see real gains in the area of Governance, Risk and Compliance (GRC). Much of this can be attributed to second-generation tools that make GRC more affordable, especially for small and mid-size enterprises. They also embed compliance into business processes, and ultimately help executives do a better job of managing their businesses. Here’s where GRC is headed in 2010:

  • Less C, More G & R – In the rush to meet compliance after Sarbanes-Oxley(SOX), enterprises focused on getting reports done by any means possible. Some adopted painful, manual processes, while others purchased expensive “first generation” software to make compliance happen. Now, though, there has been an epiphany– GRC is really about business process engineering and vice-versa. The best-run enterprises are looking for ways to streamline and automate their approaches. Making GRC a part of the way they do business every day – instead of a special effort on top of the normal course of business – is a part of that. In 2010, they won’t be looking just to comply – they will be looking to second-generation GRC tools to help them run better.
  • Move to Best-of-Breed – Large ERP systems do some things very well, and in other areas they struggle. In 2010, enterprises will be more open to taking a best-of-breed approach to GRC, allowing them to be both more efficient and more nimble.
  • Talking about Second Generation – The first generation GRC software tools were expensive, difficult to implement, and cumbersome to use. Now enterprises are looking to bring costs down – especially in time and personnel, as well as reducing on-going support. Second-generation GRC tools reduce total cost of compliance (TCC) while getting more benefits out of GRC. That also makes GRC more attractive to privately held companies looking to improve business processes as well.
  • Lean Staffing is the New Normal – Enterprises are looking to restructure and automate GRC business processes so one person can realistically do the work that used to require two people in the pre-recession world. This leaner approach is the new normal. They will also need to institute controls to detect and avoid a catastrophe, especially since they won’t have the IT staff to recover from it.
  • Change Management is Mission-critical – Historically, organizations often lobbed changes into Production ERP systems without a lot of governance. Un-approved or under-tested configuration and programming changes often cause outages and errors, especially when teams working in silos don’t realize how their changes impact other operations. In 2010, it will be critical to look at the business as a whole and make sure controls are in place to promote – not restrict – growth. Second-generation GRC tools facilitate the smooth execution of implementing changes into Production ERP systems. This reduces the risk of problems while increasing the speed and precision of implementing change. It also allows organizations to create well-defined business processes and controls, tweak their operations, and give management visibility into what’s happening throughout the enterprise via a very precise dashboard.

Any time there’s a life-changing event, there’s bound to be some pain. But it’s the good kind of pain that can lead to some real, tangible gains. Second-generation GRC tools can help enterprises of any size re-engineer and optimize their business processes while reducing the risks that got them into their current fix in the first place.


And in the end, the organization will continue to reap the benefits longafter the pain of getting there becomes a distant memory.


Dan Wilhelms is President and C.E.O. of SymSoft Corporation, the makers of ControlPanelGRC, professional solutions for compliance automation (www.controlpanelGRC.com).
He can be reached at dwilhelms@sym-corp.com.

Copyright ©2010 SymSoft Corporation. ControlPanelGRC is a product of SymSoft Corporation.