Companies spend millions of dollars annually on various forms of regulatory compliance, be it government, industry or even self-imposed internal compliance. Compliance can range from occupational health and safety through to internal branding compliance within franchises. As new legislation is continually introduced, repealed or reformed the costs of conforming are increasing and management can sometimes spend more time focusing on compliance than real business outcomes.
This GRC environment - Governance, Risk and Compliance - isn't only about the internal policies that are critical to GRC success, but also the tools that are used to communicate, manage and report it. Reducing the degree by which this albeit important function interferes with more general productivity has become a holy grail for the private and public sectors alike.
While technology has greatly improved the ability of organisations to meet GRC challenges in recent years, it can still be an expensive and arduous proposition for IT departments. Much of the problem is that when it comes to these issues, the most crucial information is unstructured rather than structured and therefore difficult to expose and track. Far from being nicely filed within well-managed databases, the data most pertinent to GRC resides either in email or in Word or Excel documents often poorly filed on local drives. Exposing what has been said, to whom and when - or what processes have been complied with and when - by searching through hundreds of emails or other files can be a tedious and unproductive chore. Only the most high-end expensive software can automate it to any degree.
With the development of modern Social Business Software Tools however, a whole host of features and functions to enterprise-wide communication have become available that make GRC a far easier realm to manage. Tracking activity around an annual franchise brand audit within an Enterprise Social Network (ESN), for instance, is literally as easy as the click of a few buttons. The result is complete and rich in context. Equally, those tasks required by everyone to comply with such an audit can be far better communicated within an ESN than via email. The user experience is far simpler, increasing the likelihood of acquiescence.
At a more critical level, managing the response to a product recall is where Social Collaboration Software is really delivering impact. For a large retail chain, for example, tracking exactly what tasks have been completed across thousands of stores nationally, or even internationally, is a resource-absorbing quest. It is difficult to ensure the right communications reach all the store managers concerned in a timely fashion; and tracking when instructions have been executed can be hard to report on at scale.
ESNs structure and convey communication so much more effectively than email. By way of case study, on a platform like Mumba Cloud: priority messages such as those relating to such an important project are delivered to store managers right on their mobile in a way that is hard for them to miss and is easy to track. Using our survey tool means that a simple question such as "have all of the recalled products been returned to the warehouse?" can be answered by a simple "yes" or "no" that is tracked instantly in a report. Such an essential question is held on a user's screen until it is answered, meaning avoidance is impossible. At a glance, a live activity report provides visibility as to which stores have complied and which have not. Managing this process manually using email is far more convoluted, prone to human error and time consuming to capture the results.
Right across the GRC landscape, ESN features and functions either already exist or are easy to develop that can make risk mitigation and regulatory compliance far easier, efficient and cost-effective to manage. Through working with our clients, we at Mumba Cloud have seen first hand how Social Software is finally providing the silver bullet to the GRC challenge.