Skip to content

Reflections on the GRC market: A Fireside Chat with Dr. Heather Buker

Anthony Stevens |

September 12, 2022

Reflections on the GRC market: A Fireside Chat with Dr. Heather Buker


Anthony Stevens, CEO & Co-founder at 6clicks, and Dr. Heather Buker, Chief Technology Officer, had the opportunity to interview each other about the GRC market and its future with some cool secrets revealed. 

According to IDC, worldwide revenues for governance, risk, and compliance (GRC) software experienced healthy growth in 2020, growing at 8.2% year over year. A new forecast from International Data Corporation (IDC) shows global GRC revenues growing from $11.3 billion in 2020 to nearly $15.2 billion in 2025.

While the GRC market has experienced a drastic transformation over the past several years, the COVID-19 pandemic elevated the focus on risk areas and threats to business continuity, cyber security, the environment and sustainability, and more. In addition, the regulatory environment has both expanded and become more stringent, particularly around privacy and cyber security, placing greater pressure on enterprises and their compliance capabilities. Boards are also facing new directives on environmental and social responsibility from investors and consumers that are forcing them to redefine how enterprises approach governance.

In this fireside chat, Anthony Stevens and Heather Buker talk about the GRC market and its future. Watch the recording of this interview below, and look out for secrets revealed on where the team at 6clicks are heading next.

The state of the GRC market right now

According to Heather, the GRC software market is still largely fragmented with 'old school' players dominant largely at the pointy end of the financial services industry and with multinationals across other industries. As yet, there's no player that meets the needs across the value chain, including for advisors and businesses, that's easy to handle, powerful, beautiful and affordable. 

Frustratingly, there are still stories of implementations that take years, are complex and fail to deliver the results expected by organisations. The reason for this is outdated GRC software, dependence on unreliable methods such as spreadsheets and Word documents, and lack of collaborative GRC implementation, to name a few. However, as newer players like 6clicks take hold, this experience for business is expected to change.

During the discussion, Heather shares her point of view on the market that comes from thinking about the pedigree of GRC software providers. Some were founded with a mission to automate audit processes, some much more orientated around compliance and some essentially focused on risk management. The reality is that, for many businesses now, all these areas dovetail into one another, and the external environment is more complex than ever to manage. 

Digital transformation is a major theme for all businesses. In a recent research report, digital transformation is among the top priorities as well as the top challenges for businesses. As the adoption of digital transformation increases, the use of spreadsheets will go down. See how spreadsheets were rendered useless by accounting software? The same fate is in store for spreadsheets used for GRC as modern GRC solutions take over.

The most important lessons about finding GRC software that works for businesses

The challenges for GRC have evolved over time. Unfortunately, the solutions had not kept pace with this evolution, until 6clicks. The lessons that we have learned about simplifying GRC software for businesses have been translated into the solutions we provide as part of the 6clicks platform. 

  • Content is critical: It really helps to have good content in terms of policies, assessments, questionnaires, etc. to help accelerate automation and adoption.  
  • Good user experience: This really trumps everything. A fast, responsive, contemporary platform experience is critical to increasing the usability of the solutions. 
  • People and their inputs: It's important to involve lots of people in the process to make it more comprehensive and inclusive - not just the risk and compliance dude in the corner.
  • Reporting & Analytics: Reporting and analytics are important to process and understand the expanding amount of information and also to share this information internally and externally. 

Experts Guide to GRC Software

The future of GRC software

GRC has a huge market out there - not just for partners and MSPs, but also for enterprises. Businesses need solutions that actually make it easy for them to navigate complex GRC processes. 

While it would be too soon to reveal any details, 6clicks has been working on a game-changing analytics suite this year. It will be a lot more than simple reporting. To be honest, our current in-app reporting capability is not yet where we want it to be.  Engineering teams have been flat out on a major release that will change this and bring us close to our vision. Very simply, the best way we can put it is to imagine a world where risk and compliance are not just easy, but beautiful too. That's our mission now.

The role of artificial intelligence within GRC software

AI has so much to offer when it comes to GRC software. We created Hailey, the AI engine, and it is proof of the power of AI to simplify and revolutionise GRC. Here's how AI is changing the risk and compliance environment.

  • Taking complex, repetitive tasks and getting them to run faster, and with more efficiency and ease.
  • Understanding the similarity between various standards, laws, and regulations, making it easier to navigate multiple standards. 
  • We have just released a capability that understands the gaps associated with a control set against any standard, law or regulation. 
  • Making sense of data is as important as getting the data. AI and predictive analytics can help you query and understand risk and compliance data more effectively. To do this we've used a combination of natural language processing (NLP) and a very smart user interface that allows you to query data in a guided and assisted way. So, for example, you start typing the word 'risk' and then 'rating', and Hailey will suggest that you want to visualize your risks based on risk ratings. 

Game changers for GRC software in 2022

Taking into account the changing needs of the market, 6clicks has updates in store that are true game-changers for GRC software. 

  • The 6clicks platform, with its Hub & Spoke architecture is designed to increase productivity for advisors, which will in turn result in better outcomes for their customers. Everybody wins. 
  • For the first time ever, 6clicks LiveDocs (yes that's our name for it!) will help risk and compliance professionals tell a story, include a narrative, and present risk and compliance data that's never been possible before. We reckon this mashup of document collaboration, real-time access to data and a story or presentation format makes access to risk and compliance data and insights easier to understand than ever.

And there's more!

Next, we are going to bring all of the functionality and features of 6clicks to mobile with a release of a new mobile app for risk and compliance analytics. The idea is to make risk and compliance even more streamlined, easy, and convenient - that, too, on the go! We're stoked!

Get started with 6clicks