Demystifying GRC Risk Solutions
The GRC Index is an objective
measure to learn about Risk Technology
Demystifying GRC Risk Solutions
The GRC Index is an objective
measure to learn about Risk Technology
Infusing the Human Element in Risk
The Human Element
The human - machine interaction presents the greatest opportunities, and the biggest threats, to the performance of risk programs. Understanding risk includes an awareness of the internal and external technology workflows including gaps in visibility to the operation of risk programs. Want to learn more?
GRC Index Ethical Standards
Guiding principles
Global Compliance Associates, LLC is the corporate owner of GRC Index, the creation of more than 20 years of experience as a senior risk officer and adviser to large financial services firms. Global Compliance Associates and TheGRCBlueBook were established to provide unbiased research and insights into leading risk management practice using technology. Our reputation as an objective source of practical risk methodology and insights into how humans leverage technology to manage risk is paramount to successful outcomes.
TheGRCBlueBook does not attempt to be all things to all people. Our goal is a simple one:
“Provide objective insight and understanding into the functionality of risk technology platforms.”
This guiding principle requires that the GRC Index not rank firms in its index or pick winners or losers. Our belief is that rankings GRC and RegTech solution providers assumes that all buyers are homogenous in approach and risk profile. The truth is that very simple solutions work equally as well as more sophisticated platforms if the risk profile and needs of a firm are aligned. The challenge is wading through all of the marketing hype and language which promises far more than the actual capability of the GRC risk solutions.
The GRC Index uses publicly available information and 20 years of experience evaluating GRC and RegTech solution providers. Research methods include a variety of approaches inclusive of hands-on experience, surveys, feedback from GRC and RegTech solution providers as well as user-data. Our researchers have the experience to cut through the marketing hype to identify the key functional attributes important to risk professionals. The GRC Index employs risk professionals with decades of experience managing risks and using risk technology to achieve sustainable outcomes.
The GRC Index is created by assigning objective criteria applied consistently across solution providers to allow buyers to make an objective decision about the functional capability of each solution provider. The results of this approach accomplish two key goals:
1. Allows for comparisons and distinctions to be more easily made;
2. Ensures functional risk outcomes are consistently defined by levels of analytical sophistication.
The Index combines these objective criteria with insights into how leading risk practice efficiently operationalizes a solution provider to accomplish specific risk outcomes. The matrices used to create models of solution providers is based on a multidisciplinary approach to risk management. Solution providers are given an opportunity to clarify the measures used in the matrices but are not allowed to determine the final evaluation of the functional capability.
Solution providers will be notified 30 days prior to the publication of new and revised GRC Index publications to clarify the criterion to ensure fairness and objectivity. Solution providers who choose not to participate will be given a disclaimer that the solution provider chose not to update the Index and the results are solely the product of publicly available information and the proprietary analysis of independent risk researchers.
The GRC Index is not intended to be the sole source for making a final decision to choose or not choose a GRC or RegTech solutions provider. The GRC Index may be used to better understand the marketplace of risk technology solutions and to perform due diligence prior to making an informed decision about which vendor is a better fit to address specific risks in each firm.
Conflicts of Interest Disclosures
Conflicts of interest are defined as arrangements where payments are made by solution providers for the use of the GRC Index and brand images in marketing material to promote a vendor’s products or services. Permissions to provide such arrangements are made with an agreement that does not violate the objectivity of the GRC Index nor change the outcomes to benefit one vendor over another. The marketing fees that result from such arrangements are considered payments for use of the GRC Index copyright, brand and images in a vendor’s marketing material, website or marketing collateral.
Consulting Engagements
The GRC Index may be engaged by a technology provider, private equity, and public and private organizations to assist with refining strategic analysis of risk technology, assess and interpret either a market segment or services provided by that company to a specific customer or group of customers. These studies are completed using proprietary assessment tools, methodologies or data-gathering techniques, and include interpretation of the results. These studies are conducted by the Global Compliance Associates’ Risk Advisory Unit.
Global Compliance Associates neither uses nor incorporates the results of individual client-commissioned studies for publication in our subscription research services.
Clients are not allowed to share client-commissioned consulting study results outside of their own organizations. However, studies performed for a government client that is subject to the Freedom of Information Act (FOIA) may be released as required, with restrictions as specified by the FOIA.
All inquiries may be sent to jbone@grc-index.org by fax at 401-205-1855 or phone at 774-991-9142. All correspondence will be answered within 48 hours.
Engage
Risk Surveys
Risk Conferences & Events
Risk Conferences & Events
Contribute to risk research and insights into advancements in risk management practice.
Risk Conferences & Events
Risk Conferences & Events
Risk Conferences & Events
New conference events will be posted here monthly. Our media sponsors include Opal Financial Group and marcus evans the premier financial services conferences in the world.
Trends in Risk
Risk Conferences & Events
Perform GRC Due Diligence
Follow trends in Enterprise Risk Management, Cybersecurity, GRC applications, Machine Learning and much much more!
Perform GRC Due Diligence
Perform GRC Due Diligence
Perform GRC Due Diligence
Have you had enough of the hype surrounding GRC solutions? Confused about what these products do and how they work? Pick up your FREE GRC Functional Capability Matrix.
Letters from the Editor
Perform GRC Due Diligence
Letters from the Editor
The Letter from the Editor section highlights topics relevant to risk pros across disciplines. We want to discuss topics top of mind and provide insights that help you navigate the noise in risk management solutions providers. The topics will tackle a broad range of subjects on risk.
Give us feedback
Perform GRC Due Diligence
Letters from the Editor
Have questions about the GRC Index or just want to learn more and speak with a representative? Contact, message or call us someone will get back to you right away!