What Does Agile GRC Mean?

Before we discuss what agile GRC means, we need to first look at what it means to be agile and what it means for an organisation to be agile.


What does it mean to be agile?

The agile approach originated in the software development industry, and essentially emphasised collaborative product delivery over everything else.

As the ideas enshrined in the agile approach gained ground, it began to dawn on organisational thinkers that the agile approach represented more than a new project management methodology; more fundamentally it represented an alternate organisational paradigm – that is, a new lens of what an organisation is.

This alternative organisational paradigm is discussed in more detail in our new ebook titled Agile GRC available to download.

How can a GRC function in an organisation be agile?

To this we should answer, how can it not!

Things are moving faster all around us. Agile thinking encompasses the idea of “clock speed” i.e. the pace at which an organisation, as an entire system, is able to move, react, adapt and so forth. It’s estimated that today’s average large organisation requires a clock speed 3-5 times faster than the equivalent organisation a decade ago.

Change is the single greatest governance, risk and compliance (GRC) business challenge today…

-Michael Rasmussen, a highly regarded GRC thinker

Michael Rasmussen continues, “organisations often fail to monitor and manage access controls efficiently and effectively in an environment that demands agility.” It’s a reality that GRC practitioners are facing a continuous barrage of SAP access complexity, as well as regulatory and business change. Rasmussen says “Often, existing SAP access risk tools are dated, cumbersome, too costly to own and maintain, and lack the ease-of-use and intuitiveness that the business needs to understand SAP access risk and related processes.”

The point is clear: A more agile approach is required in the face of accelerating change, it cannot be “business as usual” for GRC practitioners.

Agile GRC

How can GRC practitioners get this right then?

Getting GRC right in an agile environment depends on having;

  • the right mindset,
  • the right approach,
  • the right framework,
  • and the right tools.

Download our Agile GRC ebook for a detailed explanation as we look at each of these four points in turn.

Soterion can help your organisation

Soterion has reimagined GRC from the ground up to offer an unparalleled GRC solution to organisations running SAP. It’s popular features combine with an award-winning user experience, delivering a solution that’s quick to install, easy to learn and S/4HANA ready.

Experience a better way of managing GRC, today.

You may find this interesting