The Evolution and Future of GRC with Dan Zitting


 
Dan Zitting is the CEO of Galvanize and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Dan was the Chief Product Officer of Galvanize before taking up the CEO role. Galvanize is a software company that helps its clients achieve their goals and objectives. Dan and Tom discuss GRC software, the role of GRC professionals, and why data is so important to a company’s operations.
 

 
The Evolving Role of GRC
GRC refers to a company’s governance, risk management, and compliance capabilities in achieving its objectives. The pandemic has proven that GRC is a valued and impactful asset. As a result, the scope and demand for GRC professionals and their services have accelerated. “We had the ability to work through one of the most pervasive risk issues to come along in decades, and it demonstrated the value of risk management and the value of strong governance,” Dan tells Tom. “Our role is to think about how we can demonstrate that same level of value in all of the other areas of risk that were already on the radar.”
 
The Cost of Reputational Risk 
Tom asks Dan to explain why reputational risk may be more costly than a fine. Dan explains that though reputational risks may be harder to quantify, the time it takes to undo the damage done is significant and tends to have a more lasting impact. “A significant loss of talent or employees and having to go rebuild that reputation and re-recruit…are real costs, and they are often much bigger,” Dan says. 
 
Preventing NonCompliant Conduct
Preventing noncompliant conduct is just as important, even more so, than detecting it. “There are two key things,” Dan begins, “[The first being] the very nature of building strong governance programs in and of itself creates prevention.” As culture shifts, what was previously introduced as a detection mechanism becomes a prevention mechanism. In addition, advancement in technology is helping organizations prevent corrupt activities.  Dan gives the example of data analytics and its machine learning model.
 
GRC in The Future
GRC is going to have a much larger and broader impact on the world because it’s a more efficient and impactful way to bring governance into organizations. Dan tells Tom that compliance professionals need to embrace technology more: trying to evaluate governance programs and controls manually is ineffective and time-consuming. 
 
Resources
Dan Zitting | LinkedIn | Twitter 
Galvanize
 

Leave a Reply

Your email address will not be published. Required fields are marked *

What are you looking for?