The True Cost of Using Spreadsheets for GRC Processes

To help fulfil their Governance Risk and Compliance (GRC) obligations – and faced with a lack of suitable functionality within their native ERP systems – many organizations use spreadsheets as a “low cost” solution to help them manage their controls, risk analysis, audit reporting and more.

Whilst many are aware of the limitations and problems of using spreadsheets, they perceive this to be more cost effective than investing in a GRC solution.

But is this use of spreadsheets costing them more than they think?

We’ve always believed that using spreadsheets to store critical or sensitive data isn’t a realistic proposition within a robust GRC strategy; they are notoriously prone to error, difficult to manage in a collaborative environment insecure and impossible to audit – exactly what you DON’T need when you’re trying to manage risk or prove compliance!

By their nature, spreadsheets don’t provide a centralized, secure repository for risk and compliance information – which makes it very difficult to:

Be sure that you have the correct version with current information
Retrieve accurate data to respond to information requests from auditors
Automate tedious, time-consuming risk management processes
Gain accurate insight into risk exposure and historical trends
Respond efficiently to business or regulatory change.

In May 2014 Blue Hill Research published “The Hidden Costs of Spreadsheets in Compliance and Risk Management,” a report which finds that the limitations of using spreadsheets increase organizations’ costs in three main areas:

inefficient compliance and risk processes
impediments to business process execution
increased and unknown risk exposures.

Organizations who implemented GRC applications reported 25-30% time savings in compliance and risk activities, but perhaps more importantly, they also reported improved insight into risk and reduced risk exposure.

This insightful report discusses these issues in more detail and explores how to build a successful business case to justify GRC software investment – you can download it here

You can also find more information about our tools to help you manage JD Edwards EnterpriseOne security more efficiently.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.