CadencyDirect® by Trintech on the Now Platform® Enables Integrated and Enforced GRC Risk Management of Traditionally Siloed Risk Controls
Governance, Risk and Compliance (GRC) has evolved to become much more than discrete financial risk management and auditor satisfaction. The last decade has seen organizations across the globe redefine what GRC means for their sustainability and future growth. The ability to leverage risk intelligent tracking and data analysis in real-time makes an organization agile and responsive in lieu of the mature, but discrete and period-focused avenues of GRC management.
This “real-time” approach to a risk management strategy and overall Governance, Risk and Compliance was noted in Deloitte’s recently published predictions for the future of finance. But executing this type of extensible approach means that GRC must become an integrated process at the enterprise level, which includes an investment and commitment to GRC technology, and the corresponding infrastructure to support this vision.
While many organizations are trying to get on board with this new approach, there is a lagging indicator of true usability.
An industry benchmark report from Cambridge’s Judge Business School indicates that half of the researched organizations have enabled Governance, Risk and Compliance technology solutions, but only 25% are using it to actually process large quantities of data or organize complex information. Why the disparity?
The findings of a recent report conducted by VirtueSpark and Risk-!n provide the obvious answer. Those findings clarified that only one-third of the polled customers had GRC technology that offered an integrated platform. The practice of integrated GRC is a critical component to the vision of process standardization, automation, and unification that benefits not just the enterprise, but the holistic financial close process in terms of maturity and long-term success.
But what does this kind of integrated GRC, which includes near-real-time access to financial close controls, look like?
Implement a Risk Management Strategy with an Integrated GRC Process
Let’s say that accounting and the Office of Finance perform their normal close activities and discover a SOX control test has failed, and they immediately note the issue.
In a truly integrated GRC and financial close system, the InfoSec team would be immediately and systematically notified of the issue in order to review and resolve, with all associated risk parameters and details communicated automatically.
Meanwhile, the same integrated communication and automation processes feed into real-time dashboards that notify governance personnel of the situation and take any appropriate risk oversight, such as making comments and adjusting task status as needed. The ability for GRC to not only have visibility and awareness, but also be part of issue resolution is critical.
But discrete issue identification and control — while critical to successful risk management — is a lagging indicator. Leading indicators managed by an integrated GRC system use both human and systematic analysis to identify risk concerns before they manifest into serious problems. This requires a solution that gives GRC real-time oversight into overall financial close operations as they occur.
CadencyDirect from Trintech and ServiceNow for GRC Risk Management
Enterprise workflow systems connected to the Office of Finance can assist in automating this particular Governance, Risk and Compliance process, but the fact is that merely automating the process isn’t enough. GRC needs to see overall activity to identify and manage disproportionate close tasks that are overdue, close tasks (or period activities) that have been re-opened after prior closure, and spikes in created close issues. All of which is data that has traditionally been siloed behind the walls of the Office of Finance.
CadencyDirect® by Trintech (available on the ServiceNow® platform) leverages the power of ServiceNow® to break down the silo walls and extend financial close data and processes to the broader enterprise — giving GRC a truly integrated solution that enables these challenging processes.
Using automated, data-driven workflows on the Now Platform®, the financial close and reconciliation processes can create immediate notification and task activities outside of the Office of Finance, based on created, completed, late, or re-opened close tasks or close issues. Any of these automated workflows can be configured for the organization’s specific needs to integrate to IT, InfoSec, FP&A, Consolidation, Legal, Procurement — or to GRC, directly.
But through it all, regardless of task assignment and issue resolution, GRC gains continuous, real-time oversight through Record to Report Dashboard views in the CadencyDirect native app in ServiceNow® to highlight Financial Close progress and increase visibility across the enterprise. Additionally, Financial Close controls and indicators can be configured to be a part of ServiceNow’s native GRC Dashboard, which not only consolidates risk management views from all areas of the enterprise, but can dictate GRC-specific activities and resolutions.
As the only native Built on Now™ app for the financial close, CadencyDirect enables ServiceNow® customers to leverage the same process management capabilities they’ve come to trust in for workflows, extended to a truly integrated risk management solution.
Director of Product Management for CadencyDirect