To save time, money, or both, many of us have the tendency to re-purpose tools and processes for something they weren’t originally intended for.

Depending on the circumstances, this approach sometimes works …

Take, for example, a client who uses a system called Jira designed for facilitating IT help requests. With a few tweaks, this client was able to re-purpose this system for work requests for other (non-IT) departments in the company. Of course, there is nothing wrong with being creative with tools like this – provided it gets the job done in an effective and ethical way.

But oftentimes, this sort of “re-purposing” can be like trying to make a square peg fit into a round hole, therefore leading to wasted time and resources.

One area where this is especially prevalent is with ERM software, which as I explain in this buyer’s guide, can be one of the most difficult challenges of establishing a mature risk management process.

Many systems you’ll encounter, including many big names, label themselves as “GRC” software, which is short-hand for Governance, Risk, and Compliance. These companies often claim their systems are able to handle all of these needs well, but as David Vose explains:

GRC tools are sold as ticking all the boxes of G, R, and C – they do everything, much like the Amphicar 770 ticked the boxes for both a boat and a car – as long as you didn’t have a practical need for either.”

To further illustrate, one of my son’s favorite books, If I Built a Caris about a boy who dreams about building a car with a hot food bar, a robot driver, a sofa, and even a pool! This car even goes under water and up in the air!

Now we understand the moral of the story is to encourage kids to dream big, and while lounging in a pool during a road trip sounds incredibly awesome, could you seriously imagine such a vehicle in real life?

Software systems labeled as “GRC” fall into a similar trap…Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *