Our Holiday Schedules

Last week in July
(approximately July 21-30:
SOX and DF anniversaries)

Last week in December
(approximately Dec 25-31:
i.e. Christmas-New Year's)


Member Login

Current member login:

Email:     Password:

If you are a member and have forgotten your user ID and/or password click here.

Contact Us

Fax: 1-888-FAX-GRC-G
E-mail: email@grcg.com

Main: +1.212.626.9016
Fax : +1.212.712.8897

Discerning Trends. Increasing Value.

The GRC Group conducts both member and industry surveys in order to discern the needs of our constituency and to deliver exceptional information, training, and certification programs. Here, you’ll find summaries of our most recent surveys, as well as downloadable PDFs.

Training is the Answer!

In January 2008 The SOX Institute conducted a survey of its email newsletter subscribers that resulted in 393 completed responses. This survey revealed a high level of satisfaction among The SOX Institute’s clients that grew even higher as their involvement with the organization deepened.

The survey found that over 70% of respondents agreed that training reduced their compliance costs by $10,000 or more a year. A full 25% of respondents felt that training reduced their compliance costs by more than $100,000 per year. This represents a significant ROI on the training dollars their companies invested.

Over 75% of respondents agreed that training improved their job performance in some fashion. Over 52% agreed that training helped with their implementation of SOX and their knowledge of internal controls.

Nearly 71% agreed that training reduced the amount of time their auditors had to spend at the company with over 33% estimating that the reduction was greater than 30 hours. Given the billing rates of external auditors, this represents a significant driver in the reduction in the cost of compliance.

Not surprisingly, given these findings, there was a strong positive assessment of the SOX Institute. A full 90% of the respondents who answered the question “Would you refer The SOX Institute to a friend” agreed that they would.

Download the PDF by clicking here.

GRC Industry Survey 2008: A Benchmark for Compliance Programs and Spending

Over the past decade, the landscape of regulatory compliance and industry standardization has become increasingly complex. Companies at every point in the spectrum – from SMBs to large enterprises to multinational corporations – have been deeply impacted by regulations like the Sarbanes-Oxley Act (SOX Act) and the Health Insurance Portability and Accountability Act (HIPAA), as well as standards like the Payment Card Industry Data Security Standard (PCI DSS).

This survey, conducted in early 2008 by The Compliance Authority and The SOX Institute, sought to assess perceptions of compliance, spending related to compliance programs, and approaches to mitigating compliance costs. The survey reached a broad spectrum of participants, with 455 respondents from a representative range of companies and occupations within the compliance industry. A full 20% of the respondents were from the executive suite.

The largest category of respondents came from Compliance (39%), followed by Internal Audit (22%), IT (20%), and Finance (11%). Over 57% came from companies with more than 1,000 employees and a full 24% came from companies with more than 10,000 employees. Approximately one-third of respondents were from the Financial Services sector, and two-thirds from a broad range of industries.

The majority of respondents indicated that compliance was an ongoing process, and that SOX Act compliance was a top priority. Only 15% of respondents stated that compliance costs were declining and a full 40% reported increases in compliance spending.

The most popular methods of reducing compliance costs involved standardization of processes and staff training. Yet the survey revealed that a full 57% of respondents could further reduce costs by sending their staff to training. Two of the leading barriers to successful compliance programs, organizational impediments and compliance staffing, can both be addressed by comprehensive training programs.

A significant number of respondents (22%) expressed concern that their organization’s risk of noncompliance was increasing. While 88% of respondents acknowledged the importance of eliminating barriers to successful compliance programs, only 57% used tools to automate a portion of their compliance activities. Likewise, only 50% of respondents expressed satisfaction with their current tools.

Organizations cite two primary factors when evaluating software solutions: the ability to manage risk and ensure process integrity.

Download the PDF by clicking here.