GRC Software Helped Master the New Normal: A User Roundtable
The right GRC software can enable an enterprise to rise to meet the new risks that are presenting in a post-COVID-19 world.
To explore this, three Mitratech clients and partners sat down with Henry Umney, SVP of Commercial at Mitratech at this year’s Interact EMEA conference in a roundtable discussion about The Community That Co-innovates.
They shared multiple insights into how they’ve utilized specific Mitratech solutions to meet many of the challenges that are still present or gathering steam, even after the pandemic.
Diethard Kaiserseder from DK Risk Advisory & Coaching spoke about ClusterSeven, and how it helped insurers who were in a state of ‘intensified supervision’. Bill Vaeth, Vice President: Senior Systems Analyst/Project Manager of Societe Generale, discussed PolicyHub. And Andy Delaney and John Woodhouse, CEO and COO, respectively, of TSG, chatted about DataStore.
Together, they supplied a fascinating dive into how the right products can help alleviate the unique and often unexpected pain points that, if not produced outright by the pandemic, were certainly exacerbated by it.
Just some of what they touched on?
Monitoring EUCs to head off risk
Diethard Kaisersder, who worked primarily with insurance providers, pointed out recent instances where mistakes involving EUCs, whether the result of dereliction or simple human error, created huge potential exposure for companies. In just one of the cases he cited, a file containing a huge amount of personal data, including Social Security numbers, was mistakenly moved into a SharePoint folder that wasn’t secure. The regulatory fine, had the issue not been detected and dealt with, could have been astronomical.
In cases like this, a GRC software solution like ClusterSeven becomes mandatory, as it helps mitigate EUCs and other shadow IT risks that might go undetected until it’s too late to prevent damage.
“How can technology help? ClusterSeven is one of those solutions where a digital approach to a process is absolutely pragmatic and effective at the same time…ClusterSeven with enterprise spreadsheet management obviously makes it so much easier to do change management because every change is recorded, there’s a complete audit trail.”
GRC software enabled agile policysetting
As Bill Vaeth put it, “everything got flipped on its ear” for companies when the pandemic struck. The percentage of people working from home at his financial services firm might have risen close to the 99% mark. There was a need to look at rollouts of different processes and policies that hadn’t warranted examination before, in many cases because they hadn’t even needed to exist. But now, policies needed to be drafted, distributed, and attested to that were suited to a remote workforce.
What policy needed to be in place, for instance, for at-home employees who might be sharing confidential information on a Zoom call, only to have a neighbor or family member walk in? These were the kinds of challenges that needed a quick and agile solution to enable risk managers and HR teams to keep pace with a rapidly pivoting situation.
“The percentage of people working from home probably jumped from fifteen to ninety-five (maybe even ninety-nine) percent…we were able to transition into a work from home environment pretty quickly. What did that mean for PolicyHub? PolicyHub gave us an opportunity to look at rollouts of different processes and focus on different groups which we never really had to before.”
Controlling critical data in the Channel Islands
Andy Delaney and John Woodhouse lead the foremost information services business on the island of Jersey. The island is, they reminded people, the “highly regulated” location of many financial companies, though TSG works with clients in many other locales as well. In their case, the GRC software offering they put to good use is DataStore.
In a digital world with constant and rapid exchanges of data and information, the ability to securely capture, collate, and then ensure the expiry of data and documents in a manner that’s both secure and compliant is vital for financial services firms. “It is no longer simply a case of archiving documents into another system for the long term,” John Woodhouse said.
The ability of DataStore to integrate with other applications also provides high value, as in one case where a leading bank needed to connect its CRM platform so it would be far easier to find and display key customer documents. At the same time, the TSG team was able to readily customize APIs and connectors to ensure security and access limitations were soundly in place for these integrations.
TSG (The Solutions Group) is driven by implementing solutions that deliver risk mitigation, compliance, security and timesaving. By doing so, it enables businesses to increase their productivity, deliver business-wide efficiencies, and provide a positive impact on their bottom line profitability.”
The DataStore platform offers our customers a long-term, centralized, secure repository for all record types. Most clients use the same technology for over 25 years.”
Explore more of what went down at Interact EMEA
This year’s conference was particularly rich with ideas, innovations, and perspectives that had been driven by the pandemic. Our client community and guest speakers did yeoman’s work in sharing them with everyone in attendance.
To see this particular session in full (because there’s a lot of great ground covered), just use the link below to access it or any of the panels and sessions from Interact EMEA 2021.
Watch Every Day of Interact EMEA 2021 On Demand
View every recorded session, featuring legal, risk & compliance pundits, for free!