While the general processes and procedures for governance, risk, and compliance (GRC) initiatives are very similar, the complexity and maturity of an individual organization’s GRC initiatives can vary immensely. When GRC buyers choose a product that’s supposed to make their program more efficient and effective, they shouldn’t have to wait months to use it. Legacy GRC serves a purpose, but getting immediate time-to-value is not a common thread among these players.

Customization has long been the enemy of speed in software implementation. Across industries and enterprises—from ERPs to CRMs to ERM-GRC—software companies promise truly customized solutions and send implementation teams to make them happen. But sometimes it takes months or even years to complete the project.

We’ve read through every Gartner and Forrester report, analyzed every review from those using legacy GRC, and spoken to other analyst firms about this subject. This is the consensus: It takes at least 3 months, if not more, to simply implement GRC technology after buying it. This is particularly frustrating because a longer implementation time does not equal more value, especially as technology continues to evolve. The future of GRC (IRM) will involve more rapidly deployed capabilities that bring just as much, or even more, value to users.

When we meet with potential customers, one of the first things they want to know is the implementation timeline. In every interaction we’ve had in the past 12-18 months, we’ve frequently discussed the term “configuration vs. customization,” and administrators of the GRC product have stressed the importance of having flexibility to configure their forms, workflows, users, logic, reports, notifications, dashboards, etc. from front-end interface.

GRC software should be configurable and adaptable to meet an organization’s specific requirements without any coding or programming. This allows fast deployment and speed to value. The customer should also be able to modify the solution to meet the needs of various GRC management functions within an organization

Solutions with “configurable” workflows are predesigned to be adaptable to multiple use cases without customization. A configurable solution offers a closer fit to an organization’s processes without incurring the additional costs and delays of customizing the solution. Ultimately, this helps to speed time-to-value of the investment.

Simple configurability may not be enough to meet your business workflows, which is why it’s important to ask questions about the options within the software you’re reviewing. What does it do out of the box? What configuration choices can you make about how it works?

One small shift in mindset—from customization to configuration—can make all the difference in your success by shaving months off the implementation time for GRC software. If you’re interested in a configurable GRC solution that won’t impede your productivity, set up a demo with me at https://truops.com/free-demo/

Mohit Lal - Principal GRC Specialist

Mohit Lal - Principal GRC Specialist

Mohit Lal has been with TruOps since its inception, and he interacts extensively with TruOps customers. During his time with the company, he’s led all TruOps implementations and given various product demonstrations to potential customers. With more than 11 years of industry experience, Lal uses his unique expertise to build specialized solutions for clients and solve complex GRC-related problems. To continue providing the best service to clients, Lal consistently keeps up with the latest industry trends by reading about the GRC market, competitors, analysts, and predictions.