Secure-24 is now NTT!

NTT brought the world's best technology companies and emerging innovators together, to deliver sustainable outcomes to your business and the world. Together we are one. Together we do great things.

Learn More
Blog

Compliance

The Case for GRC Tools, Part 3: GRC Implementation and Proving ROI

August 6, 2021

After your business has conducted a GRC tool comparison (as detailed in Part Two of this series), it is crucial that you also prepare for – and effectively implement – your automation solution, so that it performs at its maximum ability. Without the proper solution set-up, your business cannot leverage all the benefits your GRC tool has to offer.

In the final article in this series, we will discuss how to implement your chosen GRC automation solution and how its benefits provide return on investment.

Managing the Adoption and Implementation of an Automated GRC Solution

It’s important to consider any costs and complexities associated with implementing a given GRC solution to address a business problem. As described in Part Two of this series, the savings associated with the new solution must exceed the ongoing costs of coping with the business problem through current, manual methods.

Beyond easily quantifiable software licensing and maintenance costs, other costs associated with implementing a new solution often include incremental IT infrastructure (and associated administration and maintenance costs), solution administrator training, GRC implementation consulting services, end-user training, documentation and ongoing support services.

No small consideration is interleaving the implementation of automated user provisioning and compliance reporting solutions with other competing IT and compliance initiatives. The shorter and more discrete the solution implementation, the better the chance of actually getting the solution approved and implemented.

In the case of NTT’s ControlPanelGRC, no additional infrastructure or associated costs are required. The solution runs within existing client SAP systems as simply additional software functionality. Training and GRC implementation are measured in days, not weeks or months. Generally, ControlPanelGRC can be implemented incrementally, without interruption or retraining required outside the specific functionality being “turned on.”

Because ControlPanelGRC is written in SAP’s programming language, navigating to functionality is similar to any other SAP transactions or Fiori Apps. Generally, end-users pick up navigation with little formal training.

GRC Implementation Results and How to Show ROI

Adopting ControlPanelGRC offers multiple benefits for businesses that will ease the compliance process. Businesses will have:

  • Higher-quality service. Companies are freed up to provide more efficient and effective service – thanks to faster turnaround of user and role requests, visibility into the status of various changes on a self-service basis, fewer trips to the help desk for information, and SAP-based solutions that have fewer applications to navigate.
  • Improved IT team morale and less operational drudgery.Since automation tools like ControlPanelGRC are centrally managed, IT staff doesn’t have to search multiple data sources for information, requiring less manual provisioning. Such automation also means less “death by screenshots”; more streamlined, individual tasks that prove administratively easier (with cleaner processes and fewer interfaces); and fewer routine requests. As a result, internal, technical teams are happier and can be better utilized to restore the balance of operational and project support.
  • Streamlined audit support.This reduces the internal costs associated with supporting compliance by building and extending automated rule books, reducing time spent preparing for audit compliance reporting, providing reliable and automated reports, and eliminating the need for screenshots to support manual reports. Auditors also become more productive with more self-service, as opposed to having internal staff produce reports and answer questions.
  • Technical teams better prepared to drive strategic initiatives.With fewer manual processes and, thus, more time, technical teams have more bandwidth to invest in new, strategic initiatives that more rapidly address GRC concerns and focus on propelling the business.
  • Cost savings. Organizations save time and money by automating compliance and auditing tasks.

Expert Support: Assessment, Tool Comparison and Implementation

Ultimately, GRC automation tools help organizations streamline processes and enable their IT teams to drive innovative and strategic business solutions. Less time is spent on manual tasks, which also reduces overall costs and risks involved.

To learn how ControlPanelGRC can help your company automate audit readiness and improve business performance, request a free risk assessment today.

And for more on GRC automation don’t forget to check out Part One of this series (exploring the costs of manual GRC) and Part Two (examine how to go about choosing a solution).

Scott Goolik is the vice president of SAP security and compliance at the Managed Cloud & Infrastructure Services of NTT.