This report helps enterprises chart out their action plan for developing a robust governance, risk, and compliance (GRC) program by identifying potential service providers. It begins with a summary of key trends and challenges shaping the risk and compliance space. We continue with a detailed assessment of 20 leading risk and compliance service providers. Each profile provides an overview of the service provider, its solutions for risk and compliance, and a list of representative clients and partnerships, along with brief client case studies. Each profile concludes with analyst insights on the provider’s practice maturity, partner ecosystem, and investments and innovations.

Why read this RadarView?

There is increased pressure on enterprise leaders to ensure transparency and alignment between third-party vendors, regulatory compliance, and internal compliance controls, as well as the use of security frameworks and tools to address the complex regulatory and privacy landscape. It is necessary to conduct periodic enterprise assessments to identify and remediate gaps to achieve compliance.

The Risk and Compliance Services 2022 RadarView highlights key GRC market trends and Avasant’s viewpoint on them. It aids companies in identifying top service providers to assist them in adopting GRC solutions. It also offers an analysis of each service provider’s capabilities in technology and delivery support, enabling organizations to identify the right strategic partners for GRC.

Featured providers

This RadarView includes an analysis of the following digital service providers in the risk and compliance space: Accenture, AT&T Cybersecurity, Atos, BAE Systems, Capgemini, CGI, Cognizant, DXC, HCL, Kyndryl, Infosys, LTI, Lumen Technologies, Mphasis, TCS, Tech Mahindra, Telefónica Tech, Verizon, Wipro, and Zensar.

Methodology

The industry insights and recommendations presented are based on our ongoing interactions with senior executives, vendors, subject matter experts, and Avasant Fellows, along with lessons learned from consulting engagements.

Our evaluation of service providers is based on primary input from the providers, focused briefings, public disclosures, and our ongoing market interactions. The assessment is across the three dimensions of practice maturity, partner ecosystem, and investments and innovation, leading to our recognition of those service providers that have brought the most value to the market over the past 12 months.

About the report (Page 3)

Executive summary (Pages 4–7)

- Defining risk and compliance
- Key enterprise risk and compliance trends shaping the market
- Avasant recognizes 20 top-tier providers supporting enterprise risk and compliance

A rapidly evolving landscape (Pages 8–14)

- Key drivers for GRC adoption
- Enterprises are implementing GRC services to gain advantages
- Service providers are taking various initiatives to act as a catalyst for enterprise adoption of new use cases
- Highly regulated industries such as financial services and manufacturing are leading the GRC adoption trend
- A surge in the adoption of risk and compliance services in banking and financial services industries is further driven by regulatory technology firms (RegTechs)
- GRC service and platform providers are integrating environmental, social, and governance (ESG) parameters

RadarView overview (Pages 15–20)

- Methodology and coverage
- Interpretation of classification
- RadarView assessment

Service provider profiles (Pages 21–61)

- Detailed profiles for Accenture, AT&T Cybersecurity, Atos, BAE Systems, Capgemini, CGI, Cognizant, DXC, HCL, Kyndryl, Infosys, LTI, Lumen Technologies, Mphasis, TCS, Tech Mahindra, Telefónica Tech, Verizon, Wipro, and Zensar.

Key contacts (Page 62)

Read the Research Byte based on this report.