Bob's Your Uncle .... in the Cloud

I heard the phrase “Bob’s Your Uncle” a few years ago in a conversation with a couple of colleagues. One of them said it, the other laughed in acknowledgment, and I sat there quiet and confused for a moment before asking, “What the H-E-double hockey sticks does that mean?” After being surprised I’d never heard it before, neither of them could explain its meaning very well, and not being curious enough about it at the time, I just let it go.

It came up again recently, this time with a couple of different colleagues. After one of them did his best to tell me what it meant – and admitting while doing so that he might get something wrong – I looked it up. Turns out, Bob’s Your Uncle is an expression meaning "everything will be fine", originated when Arthur Balfour was unexpectedly promoted to Chief Secretary for Ireland by the Prime Minister, Lord Salisbury, in 1900. Salisbury was Balfour's uncle and his first name was Robert. I’ll let you figure it out from there.

Over a hundred years later, Lord (no, not Salisbury) knows that no technology shift confronting governance, risk management, and compliance – GRC for short – is as huge as our collective move to the cloud. The inevitability of most corporate business operations gradually moving from on-premises to the cloud is generally assumed today such that it’s not a matter of if, but when. Many corporations view moving to the cloud before others as being a competitive advantage. But as GRC generates increasing scrutiny with regulation after regulation adding more and more challenges to managing it, the inevitable transition to the cloud will feel like a daunting undertaking for corporations uncertain about how to include their GRC operations. How can they possibly be sure that Bob’s Your Uncle? 

After all, as noted in the OCEG Red Book, managing GRC is no simple effort. In many corporations, GRC remains largely disconnected from performance and strategy. While many of them have risk and compliance management “processes,” few adjust their strategies as risk levels change or as new risks emerge. Without adequate consideration of business risks, these corporations struggle setting strategies, defining tactics, and executing operating plans. On the other hand, those whose GRC officers give enough consideration, recognizing that doing so is an element of survival and preserving a good corporate reputation, will manage to figure it out by embracing the cloud rather than getting lost in it.

As noted in the white paper "Compliance and the Cloud: Reaping the Benefits and What You Need to Succeed by compliance consultant Matt Kelly on www.workiva.com: At the highest and most strategic level, cloud technology lets compliance and audit executives offload the labor-intensive, technical chores of compliance so they can focus on analysis, risk assessment, and exercise good judgment. Benefits include:

·        Better use of manpower

·        Stronger, more effective security

·        Less tedium, more judgment

·        More flexibility in a fast-changing world

·        Keeping pace with cloud-using vendors, customers, and partners

These are not new ideas for how the cloud can better enable business operations, but it they are relatively new to GRC. If you want to be one of these leaders in the GRC space and ensure that Bob’s Your Uncle, I can help. To find out how, send me an InMail.