Four-fifths of managers responsible for Governance Risk
& Compliance (GRC) believe that too much ‘noise’ or
‘overkill’ on the need to be compliant and risk free is threatening
attitudes to compliance within their own organisations.
This is the key finding of a survey by European GRC Technology
company Achiever Business Solutions (ABS), which also found that the
recent and intense hype and debate around compliance and risk-related
issues, coupled with a burgeoning number of standards, is, in some
cases, leading to complacency and discontent at an operational level.
One worrying aspect revealed was that negative attitudes to
compliance and risk were now becoming established in workplace
cultures, particularly amongst operational management.
Even though less than 10% of those surveyed felt that they had
detected a ‘wait until we get caught’ attitude, 63% felt that a
‘no-one will notice or check’ culture was becoming prevalent amongst
some elements of operational management. Organisations that did not
have a company-wide GRC policy or a centralised compliance or risk
management function were most likely to have such attitudes.
In all, just over three-quarters of respondents felt that negative
attitudes to compliance issues and risk could rebound significantly
on their organisations later.
A total of 86% felt that the most effective solution lay in deploying
enterprise-wide GRC systems run from a central GRC department.
This, it was felt, would remove the burden of compliance and risk
avoidance from operational management or support them more in
meeting those compliance targets that were essential.