LogicGate Report shows 59% of organizations
using a single centralized GRC solution strongly agree they can
effectively manage risk–– compared to just 15% of
organizations using two
CHICAGO, May 21, 2024
/PRNewswire/ -- LogicGate, the holistic GRC experts delivering
leading GRC solutions for cyber, governance, risk, and compliance
leaders, today unveiled the results of its 2024 GRC Strategies,
Teams and Outcomes Report, conducted by independent third-party
firm Osterman Research. The research revealed that one in three
organizations surveyed are not currently able to proactively
identify, assess, and mitigate risk with their GRC program, nor are
they able to ensure compliance with regulations and
frameworks––both key aspects of a mature, holistic GRC program.
This leaves considerable room for growth as organizations
continue to recognize that centralized GRC practices lead
to positive business outcomes.
"Security, risk, and compliance needs look different for every
organization depending on their industry and applicable
regulations, among other factors," said Matt Kunkel, LogicGate co-founder and CEO.
"However, our research identified a common factor across optimal
GRC programs: utilizing a single, comprehensive GRC solution to
uphold program objectives that support the organization's core
business goals and desired outcomes. By using a holistic approach
to streamline GRC, organizations can better mitigate risk and
deliver heightened business value."
Key findings from the report include:
- GRC is a team sport, but a unified GRC platform is a
significant advantage: The majority of GRC programs are
supported by multiple teams, requiring close collaboration across
functions. For example, while 81% of Risk Management groups claim
sole responsibility for the risk management area of a GRC program,
40% of Cybersecurity teams and 37% of Compliance teams play vital
supporting roles to maximize the success of risk management
activity. In addition, the report found that as the number of GRC
software solutions being used by an organization increases, the
efficacy of those solutions at proactively managing risk declines
(59% of organizations using just one GRC solution strongly agreed
that their software is effective at proactively managing risk,
whereas only 15% of organizations using two GRC solutions had the
same sentiment). It also found that leveraging one comprehensive
GRC tool is more cost-effective, as organizations using two or more
solutions spend 21% more to run their GRC program compared to those
using a single solution.
- GRC spending varies widely between industries: The
amount organizations spend on GRC varies between industries and
organizational sizes, with the largest organizations spending the
least due to their ability to achieve economies of scale. Looking
at significant industry differences, financial services
organizations spend a median of 1.13% of total annual revenue on
GRC, while healthcare spends just 0.41%. This is somewhat
surprising, as recent data indicates that the average cost of a
healthcare breach is $10.93 million –
far and away the highest of any industry, with finance a distant
second at $5.90 million. Both
healthcare and finance are subject to stringent regulations, but
financial services organizations spend almost three times as much
on GRC as their counterparts in healthcare.
- Cybersecurity risk and geopolitical risk top the list:
Cybersecurity risk, geopolitical risk, and social and reputational
risk claim the three top spots for most impactful risks and market
trends expected to impact the ability of organizations to meet
their strategic business objectives over the next 12 months.
However, supply chain risk, a significant issue during the pandemic
and its aftermath, appears to be stabilizing as the economy
continues to recover. Artificial intelligence (AI) is the element
with the greatest unknown and unquantified risk and may have a
significant unforeseen impact. While this information does not come
as a surprise, it will be important to track how these rankings
evolve as AI becomes increasingly accessible and regulators
continue to explore ways to govern its impact and use.
- GRC investment is largely focused on people and
software: Hiring and retaining talent is by far the largest
expense related to GRC, claiming 46% of GRC budget allocation. GRC
software tools come in second at 18%, with organizations investing
in solutions to drive their programs, align teams, and automate
manual GRC processes. Additionally, 80% of organizations are either
keeping the same budget allocation or increasing it over the next
12 months. The largest increases will again be seen in investments
in the workforce and GRC software, with a combined net average
increase of 5% and 4% respectively.
LogicGate's 2024 GRC Strategies, Teams and Outcomes Report
stems from a survey of 350 respondents in risk management,
cybersecurity, and compliance leadership roles at organizations
with at least 1,000 employees. Respondents came from four countries
(United States, Canada, United
Kingdom, and Ireland) and
from across four industries (Financial Services; Healthcare;
Retail; and Technology, Software, and Media).
To learn more about the increasing importance of holistic GRC in
proactively managing risk and compliance processes, access the full
report.
About LogicGate
LogicGate® is a global, market-leading SaaS company empowering
customers to effectively manage and scale their cyber risk and
control, third-party risk management, compliance controls,
enterprise risk, and operational resilience programs. Recognized by
The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4
2023 report as one of four leading global GRC platforms, Risk
Cloud®, is built with usability in mind, including a no-code
interface and graph-database management making the technology
flexible, agile and scalable to support various levels of GRC
maturity and bolster business outcomes. With an unwavering
commitment to fostering business resilience in dynamic landscapes,
LogicGate empowers customers to quantify risk, strengthen their
security posture, and have visibility into information to create
strategic advantages and support business objectives. Learn more
about our solutions by visiting www.logicgate.com and/or join us on
LinkedIn.
View original content to download
multimedia:https://www.prnewswire.com/news-releases/new-research-highlights-growing-need-for-holistic-grc-33-of-organizations-cannot-proactively-manage-risk-302150587.html
SOURCE LogicGate