The components of a GRC Platform

Nov 5, 2019

The most basic GRC components are provided by most of the GRC Vendors with their platforms that can be configured to fit different GRC solutions. Organizations who are looking to implement GRC technology for a specific need will evaluate the functionality and cost of the solution differently when compared to organizations seeking an integrated GRC solution.

The basic functional components of a GRC platform include:

  • Data modeling – Data modeling supports the establishment of a consolidated GRC framework and entity hierarchy within which detailed business records are managed. This core component is used across all GRC platform. The flexibility of the data modeling architecture is essential in integrated GRC deployments.

  • Content management – This component is basically applicable to individual business records. Content management supports authoring, rich-text editing, cross-referencing, tagging, workspace/file collaboration with control of version, change history or edit. This core component is featured in compliance with i.e policy management, contract management, and audit management solution areas.

  • Project management – Project management capabilities are utilized to manage project schedules, activities and work papers related to multiple GRC efforts, most notably audit and case management. These capabilities are very important when it comes to IT project portfolio management and are becoming more useful for the management of regulatory projects.

  • Workflow management – This is component is crucial because it automates responsibility and facilitates enterprise communication, collaboration, notification, accountability and assurance, and review. It is used across all GRC domains.

  • Regulatory change management: This basically incorporates external regulatory feeds from multiple content providers in order to be updated with the latest change in the regulations that take place in this dynamic business world.

Some other components that important for supporting the core architecture are:

• Configuration – Configurability is essential to meeting unique customer requirements related to the data model, data input and visualization, and reporting.

• Data integration – GRC platforms mostly provide seamless integration across third-party systems via a web-based application program interface (API) as well as automated common-data-format (.xml, .csv) uploads.

• Data security – GRC platform vendors typically offer a role-based security architecture that supports enterprise, entity, record and field-level security.

• Contextualization – When there is integration in GRC implementation, the ability to provide different navigation and input screens becomes very important for organizations because they are likely to use a more intuitive platform.

• Performance – The organization must start evaluating architecture performance by establishing performance standards based on the composition of users. Many GRC platforms lack “snappiness” even when not under heavy load. Knowing the vendor’s largest implementation and comparing it with the size of yours will help ensure that the platform meets your load requirements.

Recent Articles
The 5 Stages of Policy Management
What is the Importance of Compliance Technology?
How to Assess Compliance: 6 Steps To Take Today
How different is policy management from procedure management?
5 steps to easy and effective policy communication
75%
reduction in non-compliance penalties using VComply’s integrated solution.
Ready to get Started?

Experience our Award-winning GRC platform!

Drive efficiency and value across your business with VComply’s user-friendly platform.
Product Enquiry
For any product enquiries, get in touch with a product specialist today!
Help Desk
Find your answers in our expansive knowledge base.
Start for Free
Ready to Ditch Spreadsheets Forever?
Since VComply is entirely configurable to match you internal/external policies and controls, we want to ensure you're set up correctly the first time.

Tell us a little about yourself below, so we can have a customer success rep reach out directly to get you onboarded.