際際滷

際際滷Share a Scribd company logo

Forrester Webinar: Building a Compelling Business Case for Boosting your GRC Program

Download as PPTX, PDF
NAVEX Global
NAVEX Global

This document discusses building a business case for boosting a governance, risk, and compliance (GRC) program. It provides metrics and frameworks for demonstrating the value of GRC programs and automation through increased efficiency, risk reduction, and enhanced performance. Senior executives are more likely to support GRC programs if they are presented with customized, high-level reporting that addresses risk assessments, trends, and other relevant issues and shows how the program improves the bottom line. Effective business cases focus on benefits like flexibility, cost savings, and better decision-making based on risk intelligence. Regular reporting is needed to continue building support over time.

1 of 33
Downloaded 10 times
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Building a Compelling Business Case for Boosting Your GRC Program Data, insights and tools to help you build or grow your programand better protect your organization
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com P R E S E N T E D B Y Vice President, Advisory Services NAVEX Global Chris McClean Vice President, Research Director Forrester Research Randy Stephens
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Agenda Is Your Program Stuck in Neutral? A Framework for Demonstrating the Value of GRC Measuring the value of automation Fundamentals Next generation metrics Engage Senior Executives With Effective Reporting Q&A
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Its not in the budget Its not a priority We dont want to grow a cost center Our [CEO/CFO/Board] doesnt see the value We dont need more people who say no That scenario is unlikely / thats not a risk we need to spend resources mitigating Use the chat function to share other reasons your efforts to build, grow or expand your GRC program get shut down. Pop Quiz: Which of These Have You Heard About Your GRC Program
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Until you can make a credible, compelling business case for GRC, your program could be stuck in neutral. Today well share tips for creating a persuasive business case, including: Metrics Tools Best practices If These Are Your Issues, You Need a Compelling Business Case for GRC
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Well help you build a framework you can use to get the support you need from the senior executives you need to partner with to make your program effective and successful. In this presentation, well share: Metrics that make the case for technology and automation Fundamentals you need to be measuring, tracking and reporting on Data and concepts to take your program to the next levelcreating better connections to top business concerns Talk So Senior Executives Can Hear
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com New Ways To Show The Value Of Compliance Chris McClean, Vice President & Research Director
Can you explain the value of your program?
息 2016 Forrester Research, Inc. Reproduction Prohibited 9 Program success metric categories User adoption: Number of active users by Line of Defense Number of times needed to re-instruct users User satisfaction: User acceptance Can our employees perform their basic roles within the program and find their information? Coverage of program Number of business areas managing work on the system Usage of data for business decisions on everyday basis in all the units
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
What does your company care about?
息 2016 Forrester Research, Inc. Reproduction Prohibited 18 Business Leaders Care About Risk
息 2016 Forrester Research, Inc. Reproduction Prohibited 19 Customer Experience Changes Priorities
息 2016 Forrester Research, Inc. Reproduction Prohibited 20 Customer-focus Increases Risk Concern
息 2016 Forrester Research, Inc. Reproduction Prohibited 21 Reputation Factors Raise Risk Criticality
息 2016 Forrester Research, Inc. Reproduction Prohibited 22 Resilient Brands Keep Promises
息 2016 Forrester Research, Inc. Reproduction Prohibited 23 Other success metrics to consider Customer loyalty: Word-of-mouth Loyalty after risk events Customer satisfaction: Survey scores Alignment to values Revenue support: New business opportunities RFP question coverage
Key Takeaways Reputational risk is a growing area of concern, which creates opportunities to connect ethics and compliance to business value. Justify compliance efforts with improvements in efficiency, risk reduction, and improved performance. Add program success metrics to track how well your technology and processes are rolling out.
Thank you forrester.com Chris McClean cmcclean@forrester.com
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com 1) Are we going to wait for a crisis to do something? Crisis could be a fine, lawsuit, negative press coverage and/or reputation damage that will take years to recover from. (Do we want to be the nextVolkswagen, FIFA, etc.) 2) Are we missing an opportunity to add significant value? More and more studies show that better GRC practices and a strong organizational culture, characterized by ethical behavior from top to bottom, creates improved bottom-line performance. 3) Are we losing a competitive advantage by not investing in GRC? Ability to attract and retain top talent increases, and turnover decreases in the most ethical companies. 4) Are we enjoying short-term gains while setting ourselves up for unacceptable levels of long-term risk? Profits may look good now. But if regulators came in, would we be able to defendand documentour decision-making processes related to compliance? 5) Are we taking the right risksand enough risks? Strong GRC helps you take the right risks in the right way, rather than taking blind leaps. Tool: 5 Disruptive Questions to Tackle Skepticism About the Value of GRC Head On
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Senior execs and board members expect to see customized, high-level data and information presented thoughtfully. 1) Create a compelling, professional format & structure 2) Deliver reports at the right frequency 3) Include (only!) the most crucial, relevant content 4) Address risk assessment, emerging trends and current events of interest 5) Elevate senior executive & board engagement Engage Senior Executives & Avoid Common Mistakes in Reporting
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Own it. When something works, celebrate it. When something doesnt, be transparent and make improvements. Make it part of who you are. Drive awareness and participation, showcase efficiencies and performance improvements Commit and follow through. Set targets and stay focused on your goals. Emphasize benefits. Business flexibility, efficiency gains, improved employee retention, cost reductions. Report and prove. Regular and smart reporting as you improve & grow will help you build on your success. Checklist: Executing on the Business Case
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Id Like to Talk with a NAVEX Global Solutions Expert About [check all that apply] Getting additional metrics and benchmarks that help me build the business case for GRC program development Making sure my compliance program meets legal and regulatory requirements Tools that help me automate, measure and report on the value of critical components of my compliance program Partnering with an experienced GRC strategic advisor to help strengthen my program Goal setting, scoping and defining resource requirements for an effective GRC program at my organization
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com NAVEX Globals Comprehensive Ecosystem Regardless of your programs place on the ethics and compliance continuum, we can help.
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com NAVEX Globals Resource Center has free resources you can put to work in your program today, including: Benchmarking Reports. Leverage our data to demonstrate where major components of your programhotline, training, policy management, third party risk management and moreare performing against industry norms. http://bit.ly/1Layo5P By the Numbers: Making the Business Case for Employee Compliance Training. Legal and reputational risks of employee misconduct are massive. Get the data on how effective compliance training helps. http://bit.ly/1V7Tgvt Definitive Guide to Policy Management: Understand how to make all activities related to policy management more efficient and effective http://bit.ly/1NtzPHn NAVEX Globals Blog, Ethics & Compliance Matters: Our expert authors help you stay up to date on the latest trends in E&C. www.navexglobal.com/blog Additional Tools
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Questions?
息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Thank You! Randy Stephens Vice President, Advisory Services NAVEX Global rstephens@navexglobal.com Chris McClean Vice President, Research Director Forrester Research cmcclean@forrester.com

More Related Content

Forrester Webinar: Building a Compelling Business Case for Boosting your GRC Program

  • 1. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Building a Compelling Business Case for Boosting Your GRC Program Data, insights and tools to help you build or grow your programand better protect your organization
  • 2. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com P R E S E N T E D B Y Vice President, Advisory Services NAVEX Global Chris McClean Vice President, Research Director Forrester Research Randy Stephens
  • 3. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Agenda Is Your Program Stuck in Neutral? A Framework for Demonstrating the Value of GRC Measuring the value of automation Fundamentals Next generation metrics Engage Senior Executives With Effective Reporting Q&A
  • 4. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Its not in the budget Its not a priority We dont want to grow a cost center Our [CEO/CFO/Board] doesnt see the value We dont need more people who say no That scenario is unlikely / thats not a risk we need to spend resources mitigating Use the chat function to share other reasons your efforts to build, grow or expand your GRC program get shut down. Pop Quiz: Which of These Have You Heard About Your GRC Program
  • 5. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Until you can make a credible, compelling business case for GRC, your program could be stuck in neutral. Today well share tips for creating a persuasive business case, including: Metrics Tools Best practices If These Are Your Issues, You Need a Compelling Business Case for GRC
  • 6. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Well help you build a framework you can use to get the support you need from the senior executives you need to partner with to make your program effective and successful. In this presentation, well share: Metrics that make the case for technology and automation Fundamentals you need to be measuring, tracking and reporting on Data and concepts to take your program to the next levelcreating better connections to top business concerns Talk So Senior Executives Can Hear
  • 7. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com New Ways To Show The Value Of Compliance Chris McClean, Vice President & Research Director
  • 8. Can you explain the value of your program?
  • 9. 息 2016 Forrester Research, Inc. Reproduction Prohibited 9 Program success metric categories User adoption: Number of active users by Line of Defense Number of times needed to re-instruct users User satisfaction: User acceptance Can our employees perform their basic roles within the program and find their information? Coverage of program Number of business areas managing work on the system Usage of data for business decisions on everyday basis in all the units
  • 10. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 11. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 12. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 13. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 14. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 15. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 16. Compliance platform success metrics CATEGORY BENEFITS METRICS Efficiency Reduced costs of risk assessments and aggregation Speed of policy development, approval, distribution Improved speed/cost of risk reporting Improved speed/cost/coverage of audits Staff-hours saved per process Payroll savings from delay or avoidance of staff increase Reduction in costs for internal and external audits. Risk reduction Reduction in incidents, near misses, loss events Reduction in regulatory fines, actions, law suits, etc. Reduction in time to discover control gaps, violations Reduction in audit/assessment findings Reduced number and cost of incidents Reduced number/size of fines Reduced cost of capital Reduced insurance premiums Enhanced performance Use of risk info in management/exec decisions Improved decision making when risk is considered Risk intelligence coverage Risk management process coverage Improved reputation among stakeholders (partners, regulators, customers, etc.) Reduction in reactionary costs Frequency of risk data used in business decisions Improvement in financial or operational metrics
  • 17. What does your company care about?
  • 18. 息 2016 Forrester Research, Inc. Reproduction Prohibited 18 Business Leaders Care About Risk
  • 19. 息 2016 Forrester Research, Inc. Reproduction Prohibited 19 Customer Experience Changes Priorities
  • 20. 息 2016 Forrester Research, Inc. Reproduction Prohibited 20 Customer-focus Increases Risk Concern
  • 21. 息 2016 Forrester Research, Inc. Reproduction Prohibited 21 Reputation Factors Raise Risk Criticality
  • 22. 息 2016 Forrester Research, Inc. Reproduction Prohibited 22 Resilient Brands Keep Promises
  • 23. 息 2016 Forrester Research, Inc. Reproduction Prohibited 23 Other success metrics to consider Customer loyalty: Word-of-mouth Loyalty after risk events Customer satisfaction: Survey scores Alignment to values Revenue support: New business opportunities RFP question coverage
  • 24. Key Takeaways Reputational risk is a growing area of concern, which creates opportunities to connect ethics and compliance to business value. Justify compliance efforts with improvements in efficiency, risk reduction, and improved performance. Add program success metrics to track how well your technology and processes are rolling out.
  • 26. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com 1) Are we going to wait for a crisis to do something? Crisis could be a fine, lawsuit, negative press coverage and/or reputation damage that will take years to recover from. (Do we want to be the nextVolkswagen, FIFA, etc.) 2) Are we missing an opportunity to add significant value? More and more studies show that better GRC practices and a strong organizational culture, characterized by ethical behavior from top to bottom, creates improved bottom-line performance. 3) Are we losing a competitive advantage by not investing in GRC? Ability to attract and retain top talent increases, and turnover decreases in the most ethical companies. 4) Are we enjoying short-term gains while setting ourselves up for unacceptable levels of long-term risk? Profits may look good now. But if regulators came in, would we be able to defendand documentour decision-making processes related to compliance? 5) Are we taking the right risksand enough risks? Strong GRC helps you take the right risks in the right way, rather than taking blind leaps. Tool: 5 Disruptive Questions to Tackle Skepticism About the Value of GRC Head On
  • 27. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Senior execs and board members expect to see customized, high-level data and information presented thoughtfully. 1) Create a compelling, professional format & structure 2) Deliver reports at the right frequency 3) Include (only!) the most crucial, relevant content 4) Address risk assessment, emerging trends and current events of interest 5) Elevate senior executive & board engagement Engage Senior Executives & Avoid Common Mistakes in Reporting
  • 28. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Own it. When something works, celebrate it. When something doesnt, be transparent and make improvements. Make it part of who you are. Drive awareness and participation, showcase efficiencies and performance improvements Commit and follow through. Set targets and stay focused on your goals. Emphasize benefits. Business flexibility, efficiency gains, improved employee retention, cost reductions. Report and prove. Regular and smart reporting as you improve & grow will help you build on your success. Checklist: Executing on the Business Case
  • 29. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Id Like to Talk with a NAVEX Global Solutions Expert About [check all that apply] Getting additional metrics and benchmarks that help me build the business case for GRC program development Making sure my compliance program meets legal and regulatory requirements Tools that help me automate, measure and report on the value of critical components of my compliance program Partnering with an experienced GRC strategic advisor to help strengthen my program Goal setting, scoping and defining resource requirements for an effective GRC program at my organization
  • 30. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com NAVEX Globals Comprehensive Ecosystem Regardless of your programs place on the ethics and compliance continuum, we can help.
  • 31. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com NAVEX Globals Resource Center has free resources you can put to work in your program today, including: Benchmarking Reports. Leverage our data to demonstrate where major components of your programhotline, training, policy management, third party risk management and moreare performing against industry norms. http://bit.ly/1Layo5P By the Numbers: Making the Business Case for Employee Compliance Training. Legal and reputational risks of employee misconduct are massive. Get the data on how effective compliance training helps. http://bit.ly/1V7Tgvt Definitive Guide to Policy Management: Understand how to make all activities related to policy management more efficient and effective http://bit.ly/1NtzPHn NAVEX Globals Blog, Ethics & Compliance Matters: Our expert authors help you stay up to date on the latest trends in E&C. www.navexglobal.com/blog Additional Tools
  • 32. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Questions?
  • 33. 息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com息 2015 NAVEX Global, Inc. All Rights Reserved. www.navexglobal.com Thank You! Randy Stephens Vice President, Advisory Services NAVEX Global rstephens@navexglobal.com Chris McClean Vice President, Research Director Forrester Research cmcclean@forrester.com

Editor's Notes

  • #6: If those responses are true for you, todays presentation should help. Today, well walk you step by step through some data, tools and best practices help you make the business case for a building a stronger GRC program.
  • #9: http://www.publicdomainpictures.net/view-image.php?image=50657&picture=balanced-rocks-3
  • #18: http://www.publicdomainpictures.net/view-image.php?image=18362&picture=piles-of-money
  • #25: http://www.publicdomainpictures.net/view-image.php?image=1394&picture=notepad
  • #30: Were going to talk about some additional tools we want to provide you for making the business case. But first, briefly, we wanted to give you the chance to raise a hand to have a further conversation with us. Check one or more of these boxes and well be happy to get in touch. Or you can message us through the console as well. But let me just read through these.
  • #31: NAVEX Global provides the right solution to meet todays evolving ethics and compliance challenges, and we are always working toward improving on our offerings to support you. You may have heard about our recent acquisition of The Network. That acquisition has helped us strengthen our overall product offering, and add to the level of innovation were able to add to our Ecosystem. Key Points Our Software: Industry-leading solutions that standalone to meet immediate ethics and compliance needs, but also integrated to ensure that critical components of your ethics and compliance program management are connected. This includes our incident management, policy management and enterprise due diligence software. Our Content: Innovative approaches to communicating with todays workers through training content thats ideal for a professional audience. Feedback from clients includes words like: engaging, relevant, great production value, highly customizable and global orientation. Our courses are vetted by some of the worlds leading workplace compliance law firms and exclusively endorsed by SHRM which helps to ensure legal defensibility. This also extends to providing ethics and compliance content to help manage your program codes of conduct and policy writing services to our internal awareness materials that will make your employees more aware of your commitment to a culture of Ethics and Compliance. Our Services: Advisory Services: We are home to the industrys foremost group of compliance experts most of whom are former in-house ethics and compliance officers or former DOJ prosecutors who assist organizations of all sizes with their ethics and compliance responsibilities from program evaluations or, as mentioned, policy and code writing services. Their work and experience also helps to shape our own software solutions through their unique knowledge and work with clients.
  • #33: MB to start