Business Agility and Resilience Drive Demand for Risk and Compliance Services

April, 2021

COVID-19 has emphasized the need for regulatory compliance, internal compliance controls, and the use of security frameworks and tools. Meanwhile, the regulatory environment is increasingly complex, particularly for multinational companies, as they struggle to comply with sometimes conflicting regulations across regions. Risks have changed with a growing cloud environment and increasingly diverse IT service portfolio. The need for a strong governance, risk, and compliance (GRC) partner has grown.

These emerging trends are covered in our Risk and Compliance Services 2020-2021 RadarView™ report. The report is a comprehensive study of the industry-wide adoption of risk and compliance services. It includes the essential drivers, geographic landscape, key challenges, and a close look at the leaders, innovators, disruptors, and challengers in this market.

Avasant evaluated 30 providers across three dimensions: practice maturity, partnership ecosystem, and investments and innovation. Of those 30 providers, we recognize 20 as having brought the most value to the market during the past 12 months.

The report recognizes service providers in four categories:

    • Leaders: Accenture, HCL, IBM, TCS, and Wipro
    • Innovators: Atos, Cognizant, DXC, Infosys, and Telefonica Tech
    • Disruptors: AT&T Cybersecurity, Capgemini, LTI, Mphasis, and Tech Mahindra
    • Challengers: CGI, Fujitsu, Lumen Technologies, Trustwave, and Verizon

Figure 1 from the full report illustrates these categories:

 

Mark Gaffney, a Director with Avasant, congratulated the winners noting, “As enterprises accelerate cloud adoption, business leaders need to apply security control and compliance measures based on industry standards. Moreover, it calls for a cloud services evaluation process based on all aspects of a company’s GRC requirements and policies.”

Some of the findings from the full report include the following:

  1. All businesses need a robust GRC program.
    • In a stringent and ever-evolving regulatory environment, enterprises are increasingly looking towards tools and platforms-based solutions to solve their GRC requirements. Increased migration to cloud and a lack of consistency and transparency among disparate business units are some other drivers.
    • The GRC landscape gets further complicated in global organizations, which operate across multiple borders with additive policies and controls.
  2. Regulations such as GDPR, CCPA, and HIPAA affect all industries.
    • Highly regulated industries such as banking, healthcare and life sciences, and manufacturing must adhere to regulations and operate within the policy frameworks.
    • The key factors driving demand for GRC solutions are an increased need to protect consumer data, securing end-to-end processes across enterprises, reducing the cyberattack threat impact, and minimizing the financial impact of regulatory noncompliance.
  3. C-level sponsorship is required to engrain GRC into a company’s culture.
    • Typically, GRC services implementations are championed by the compliance operations team.
    • It is important to secure the supply chain and the cloud environment of global organizations. This would require a thorough third-party risk management evaluation.
  4. Service providers are driving focus on automation and new business models.
    • Service providers continue to invest in automation capabilities to solve business challenges. Solutions include carrying out quality assurance reviews in a shorter timeframe and streamlining and automating IT recovery processes.
    • Many service providers offer Chief Information Security Officer (CISO) support for end-to-end security requirements, from devising a strategy to managing operations and implementation services.

“As the regulatory environment evolves, there is an increased need to adopt GRC tools and platforms that automate risk management processes and provide for risk and compliance reporting. These tools help increase visibility and improve enterprise security posture,” said Avasant’s Associate Research Director, Gaurav Dewan.

The full report also features detailed RadarView profiles of the 20 service providers, along with their solutions, offerings, and experience in assisting enterprises in digital transformation.

This Research Byte is a brief overview of the Risk and Compliance Services 2020-2021 RadarView report (click for pricing).

 

CONTACT US

DISCLAIMER:

Avasant’s research and other publications are based on information from the best available sources and Avasant’s independent assessment and analysis at the time of publication. Avasant takes no responsibility and assumes no liability for any error/omission or the accuracy of information contained in its research publications. Avasant does not endorse any provider, product or service described in its RadarView™ publications or any other research publications that it makes available to its users, and does not advise users to select only those providers recognized in these publications. Avasant disclaims all warranties, expressed or implied, including any warranties of merchantability or fitness for a particular purpose. None of the graphics, descriptions, research, excerpts, samples or any other content provided in the report(s) or any of its research publications may be reprinted, reproduced, redistributed or used for any external commercial purpose without prior permission from Avasant, LLC. All rights are reserved by Avasant, LLC.

Welcome to Avasant

LOGIN

Login to get free content each month and build your personal library at Avasant.com

NEW TO AVASANT?

Click on the button below to Sign Up

Sign Up
Welcome to Avasant
Linkedin-in Twitter Youtube Facebook-f