While spreadsheets are a widely-accepted go-to for compliance and risk management activities, findings from Blue Hill Research present a number of considerations for the limitations they pose. Most of these issues are related to challenges supporting multi-stakeholder activities, manual processes, and difficulty in scaling and adapting to meet expansions in stakeholders, regulatory complexity, and changing business needs.
Blue Hill Research’s whitepaper identifies spreadsheet alternatives, particularly software-based governance, risk and compliance (GRC) solutions. While investing in software can initially seem like a costlier alternative to spreadsheets, Blue Hill explains that as organizations encounter increasingly complex and changing regulatory and business environments, the limitations posed by spreadsheets begin to generate costs in the form of the productivity of compliance and risk staff and risk exposures.
The report’s author, Principal Analyst David Houlihan, also noted the following feedback from the study’s participants, which included senior compliance and risk function owners: “Overall, research participants reported that while the implementation of GRC entails the additional expenses of software investment, its corresponding reduction in the costs generated by spreadsheet-based processes provided significant improvement in enterprise value.”
In conclusion, the Blue Hill Research report tracked comparisons of participants’ experiences both prior to and after GRC implementation with the following findings: (1) reductions in report generation time from a matter of days to hours, (2) increases in reporting frequency from monthly or quarterly to weekly, (3) 25% to 30% reductions in time required to execute compliance and risk activities, and (4) “near real-time” awareness of risk and compliance performance.
Click here to download “The Impact of GRC in Spreadsheet-Driven Compliance and Risk Management Environments.”
The post The Hidden Costs of Spreadsheets in Compliance and Risk Management appeared first on Risk Management Blog.