GRC Disruptions Blog Post Header
GRC Disruptions Blog Post Header

Seizing Opportunities During Disruption: Scott Metro & Mark Delgado at Interact 2020

In the introductory session of the risk & compliance stream at Mitratech’s recent Interact user community conference, Scott Metro, Partner at PWC, and Mark Delgado, Managing Director of Mitractech GRC, explored how businesses were adapting their processes and procedures as their staff worked extensively from home.

For many organizations, the COVID-19 pandemic has been an opportunity to shine, as staff and management have readily adapted to the ‘new normal’ to focus on maintaining customer services, despite the many hurdles.

Mark and Scott recognized that this commitment to maintaining services was made possible by adapting and enhancing existing manual processes, often a speed. Applications like spreadsheets and emails have helped to move data, including sensitive PII and corporate data around the business. Mark sensed that while this was effective, it also opened up the business to compliance issues that they were looking to address.

From his conversations with customers, Mark found they were now formalizing these processes and moving to more cost-effective, powerful and robust systems that work equally well at home as in the office.

Remote compliance is key

Scott and Mark saw remote compliance as central to this need. Organizations must demonstrate to management, auditors, stakeholders, and regulators that their policies, procedures, and governance remain firmly enforced, despite the new environment. A significant challenge is the need to monitor multiple changes to policies, procedures, and regulations as they adapt to a changing situation.

They then explored how Mitratech’s PolicyHub solution helps provide a transparent, dynamic, and integrated solution that consolidates all the policy management requirements into a single platform across the enterprise. They both recognized that the two-way communication between policy owners and staff it provided was core to keeping the business and dispersed staff always aligned in a fluid situation.  As Scott observed:

What is important right now? Making sure you have an understanding of what your policies are, what regulations are coming, and get them into a system where you can track them

Alongside the compliance issues, Scott flagged the growth of EUCs – End User Computing applications – as a potentially explosive issue, as people turn to desktop applications to address the significant challenges of working with corporate IT application developers remotely. These applications, which often use Excel spreadsheets or Robotic Process Automation (RPA) tools, are powerful, quick, convenient, but uncontrolled, with the potential to compromise governance and compliance standards across the business. Scott and Mark both recognized the benefit of these Shadow IT environments and how Mitratech’s ClusterSeven solutions help customers provide both flexibility and control to a widely dispersed workforce.

The need for operational resilience

With remote working likely to stay for the foreseeable future, for a range of reasons, Mark and Scott also reviewed the need for operational resilience. Both recognized that this demanded capabilities that span the enterprise, including operations, risk, reporting, disaster recovery, and other business services to provide a holistic perspective of the organization. Scott made the point that this was a classic ‘People, Process, Technology’ issue where a range of capabilities need to be captured and integrated to deliver this much-prized resilience.

Mark made the point that while this touched on the areas traditionally covered by risk and compliance solutions, another essential issue for management, auditors and regulators is vendor risk. While widely recognized, they now expect visibility to be in place for 3rd party, 4th party, and even 5th party relationships.

What is Enterprise Compliance?

It was evident from Mark and Scott’s conversation that organizations they’ve worked with have transitioned from the initial turmoil of earlier this year and are now firmly focussed on a hybrid working environment. These businesses remain committed to maintaining their compliance, as well as customer service.

To learn about the points that Mark and Scott discussed, go here to access videos of their Interact session and others.  

Watch Every Day of Interact 2020 On Demand

View each recorded session, featuring legal, risk & compliance pundits, for free!