As another new year begins, the Qualsys team have reflected on the events from the past year and shared their predictions for the year ahead.
We've asked members of staff from across the business to tell us what they foresee as potential GRC challenges and opportunities over the next year.
1) Data privacy - top of the business agenda
Kate Armitage, Product Quality Assurance Manager at Qualsys believes first and foremost that data privacy will be squarely on top of the 2018 business agenda:
Data privacy isn't anything new, but when the European Union's General Data Protection Regulation (GDPR) enters into force in May 2018, it will strengthen the rights of individuals to control what data they share.
However, this poses many challenges for businesses who rely on the data to benefit society. For example, modern cars collect vast quantities of data. This data is used for all kinds of things, such as improving the vehicle performance and even making roads safer. Yet in Germany, privacy rules already give ownership of the data to individuals in the default setting, making it hard to get consent. As a result, this makes their roads ever so slightly less safe.
For many businesses, in particular high-tech companies who rely on vast amounts of consumer data, GDPR is a complex and broad regulation which will fundamentally change how their business operates now and long into the future.
2) Brexit turbulence might cause a rise in ISO certifications
Ryan Peplow, one of Qualsys's product testers, thinks Brexit will result in a larger number of UK-based businesses investing in their ISO certifications.
UK businesses who export their products and services will likely invest more in their ISO certifcations. Many of these standards, such as ISO 13485, the medical device standard, harmonise regulatory requirements and help businesses implement a best practice management system. ISO certification may help UK-based businesses stay competitive.
3) Ethics will play a wider role in the business
Mike Pound, Managing Director, says that there will be more pressure on governance, risk and compliance to monitor and manage the ethics of the business.
Governance, risk and compliance is always influenced by changes in society. We must continually be asking what our consumers want and care about.
For example, throughout 2017, sexual harassment and assault allegations have surfaced around many powerful and influential men, and media coverage of these revelations has dominated news cycles. Bill Cosby, Harvey Weinstein and Kevin Spacey are but a few that have been revealed, but there will be more. Throughout 2018, more businesses will be reviewing their processes, and should be investigating any past events that might surface.
4) Leadership will understand the role they play in governance, risk and compliance
Michael Ord, New Business and Marketing Director at Qualsys, believes quality teams are going to get much more involved with key performance metrics in order to engage leadership.
The Global Quality Survey 2017 revealed 67% of leadership teams weren't engaged with governance, risk and compliance.
But these same leadership teams are running successful, busy and high-growth businesses. A weak governance, risk and compliance system will never keep pace with the risks that a high-growth business faces. As the business grows and encounters more challenges, it needs a management system that works.
We're finding more and more GRC professionals are getting better at engaging leadership. They are using our software to monitor key performance indicators such as Net Promoter Score, Customer Lifetime Value, and the Cost of Poor Quality. That is getting the attention of leadership, because they can do something with that information and it speaks their language.
5) Culture of Excellence
Tom Hodgson, New Business Development Manager at Qualsys believes GRC professionals will be doing a lot more in 2018 to encourage employees to take ownership of the governance, risk and compliance management system.
While we have always known that culture will always triumph over compliance, there is a disturbing trend of employees not challenging the information presented by their governance, risk and compliance management systems.
This leads to one-sided views, interpretations and ideas. I think 2018 will be the year where GRC professionals are going to go further to get their employees really stuck in. We're already seeing our software getting more and more attention as employees understand why they need to be challenging documents, processes, and even our software. This makes their business fitter, faster and stronger.
6) Truly integrated GRC solutions
Charlie Munns, Business Development Executive at Qualsys said businesses are going to invest heavily in technology in 2018.
GRC teams are spending a lot of time chasing people for the information they need to do their job well. This data isn't always accurate and it's slow to reach them. Throughout 2018, we're going to see more businesses adopt a real-time integrated approach. We're already seeing more and more businesses connect our software with their existing ERP and Microsoft applications - this is reducing duplication of effort and enabling teams to identify risks and opportunities faster than ever.
What you should do now
Ambitious plans for 2018? We can help you replace tired, outdated legacy systems, engage your employees and achieve a culture of excellence. Browse our GRC solutions here.
Alternatively, if you are looking for inspiration on where to focus your efforts in 2018, read Global Quality Industry trends report here.